Solved

WSCRIPT / ADSI / Password Reset

Posted on 2006-10-29
6
1,375 Views
Last Modified: 2008-01-09
Hi,

I am looking for some guidance, I currently have the following script that I want to use to bind to an AD DC.  This will then reset the password for the specified, account.  The reason the credentials are being specified is because the script will be used to access many other domains as well as the one the server is a member of.

However myscript always fails on the objUser.SetPassword line, with an error of Access Denied.  Now the user being used to bind to AD does have the privilges to change this, as it is an enterprise admin, and doing so thru ADUC works fine.

I am guessing that my binding to AD is either unsuccessful, and resulting in the use of the locally logged on credentials, or it is not binding at all...

However if I replace the objUser.SetPassword (strNewPasswd) with   "Wscript.Echo objUser.AdsPath"  the script promptly returns the DN of the account in question...

Any ideas??

Cheers,
Tony


-----------
Set objRootDSE = GetObject("LDAP://servername.domain.suffix/RootDSE")


####
Credentials Used to Bind to AD with
####
strPath = "LDAP://CN=UserName,OU=CompanyUsers,DC=domain,DC=suffix"
strUser = "username@domain.suffix"
strPasswd = "Password1"



####
Account I want to have the password reset
####
strUserDN = " CN=Username2, OU=CompanyUsers, DC=domain,DC=suffix"
strNewPasswd = "Password!"

Set objUser = GetObject("LDAP://" & strUserDN)
objUser.GetInfo
objUser.SetPassword (strNewPasswd)
objUser.SetInfo


------------
0
Comment
Question by:ihotdesk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
6 Comments
 
LVL 3

Author Comment

by:ihotdesk
ID: 17830313
Please also note that the lines beginning with  #### and the comments inbetween are not present inthe script and are only a means of highlighting text for the purposes of this question

Cheers,
Tony
0
 
LVL 4

Expert Comment

by:KPCarl
ID: 17830494
Looks like you aren't setting the credentials...

Try:

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject(strPath, strUser, strPasswd,0}
     
0
 
LVL 4

Expert Comment

by:KPCarl
ID: 17830501
Correction:

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject(strPath, strUser, strPasswd,0)
0
 
LVL 4

Accepted Solution

by:
KPCarl earned 500 total points
ID: 17830533
Use this if you want to encrypt traffic: between your computer and the domain:


Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2


Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject (strPath, strUser, strPasswd, _
ADS_USE_ENCRYPTION OR ADS_SECURE_AUTHENTICATION)

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question