Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

WSCRIPT / ADSI / Password Reset

Posted on 2006-10-29
6
Medium Priority
?
1,382 Views
Last Modified: 2008-01-09
Hi,

I am looking for some guidance, I currently have the following script that I want to use to bind to an AD DC.  This will then reset the password for the specified, account.  The reason the credentials are being specified is because the script will be used to access many other domains as well as the one the server is a member of.

However myscript always fails on the objUser.SetPassword line, with an error of Access Denied.  Now the user being used to bind to AD does have the privilges to change this, as it is an enterprise admin, and doing so thru ADUC works fine.

I am guessing that my binding to AD is either unsuccessful, and resulting in the use of the locally logged on credentials, or it is not binding at all...

However if I replace the objUser.SetPassword (strNewPasswd) with   "Wscript.Echo objUser.AdsPath"  the script promptly returns the DN of the account in question...

Any ideas??

Cheers,
Tony


-----------
Set objRootDSE = GetObject("LDAP://servername.domain.suffix/RootDSE")


####
Credentials Used to Bind to AD with
####
strPath = "LDAP://CN=UserName,OU=CompanyUsers,DC=domain,DC=suffix"
strUser = "username@domain.suffix"
strPasswd = "Password1"



####
Account I want to have the password reset
####
strUserDN = " CN=Username2, OU=CompanyUsers, DC=domain,DC=suffix"
strNewPasswd = "Password!"

Set objUser = GetObject("LDAP://" & strUserDN)
objUser.GetInfo
objUser.SetPassword (strNewPasswd)
objUser.SetInfo


------------
0
Comment
Question by:ihotdesk
  • 3
6 Comments
 
LVL 3

Author Comment

by:ihotdesk
ID: 17830313
Please also note that the lines beginning with  #### and the comments inbetween are not present inthe script and are only a means of highlighting text for the purposes of this question

Cheers,
Tony
0
 
LVL 4

Expert Comment

by:KPCarl
ID: 17830494
Looks like you aren't setting the credentials...

Try:

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject(strPath, strUser, strPasswd,0}
     
0
 
LVL 4

Expert Comment

by:KPCarl
ID: 17830501
Correction:

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject(strPath, strUser, strPasswd,0)
0
 
LVL 4

Accepted Solution

by:
KPCarl earned 2000 total points
ID: 17830533
Use this if you want to encrypt traffic: between your computer and the domain:


Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2


Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject (strPath, strUser, strPasswd, _
ADS_USE_ENCRYPTION OR ADS_SECURE_AUTHENTICATION)

0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Integration Management Part 2
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question