Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 473
  • Last Modified:

Run a script on remote server

I have a vbscript to create AD accounts but want to run it on a remote server to create the accounts in the remote Active Directory.
   
I can get a VPN connection going no problem but I can't figure out how in the code to access the remote active directory using RootLDAP.  As a workaround could I connect the VPN, copy the account creation script to the remote server, and then execute it remotely?  The issue I'm having is that when I run the script from my PC, even though is located on the remote server's hard drive the script is essentially run locally on my PC.  

Is there an RPC style DOS command that can run the script on the remote server after it has been copied there,  but still let me have control of the script from my PC?  Hope that makes sense!          
0
prodriveit
Asked:
prodriveit
1 Solution
 
Ashish PatelCommented:
write a script file using WScript functions.
0
 
chandru_solCommented:
Hi,

Can you post the code?

The remote machine you are logging in is part of your domain or the any other domain?

regards
Chandru
0
 
chandru_solCommented:
You should be trying to log in the remote server and then run the script from that local server.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
prodriveitAuthor Commented:
Heres the code:

Function to create the user account.
It gets the domain controller's name for the profile and home drive paths, using a function listed below.
It puts the account in an OU  called testOU,  and also into the administrators group.
------------------------------------------------

Function createUser
      WScript.Echo ""
      WScript.Echo "User Account Details"
      WScript.Echo "--------------------"
      WScript.Echo ""
      WScript.Echo "First Name: "
      WScript.Echo ""
      strFirstName = WScript.StdIn.ReadLine
      WScript.Echo ""
      WScript.Echo "Surname: "
      WScript.Echo ""
      strSurname = WScript.StdIn.ReadLine
      WScript.Echo ""
      
      strUsername = Left(strFirstName, 1) & strSurname
      
      WScript.Echo "Home Drive Letter: "
      WScript.Echo ""
      strHomeDrive = WScript.StdIn.ReadLine
      WScript.Echo ""
      
      strHomeDirectory = getDomainInfo("DCName") & "\users$\" & strUsername & "\Home"
      strProfilePath = getDomainInfo("DCName") & "\profiles$\" & strUsername
      
      WScript.Echo "Telephone Number: "
      WScript.Echo ""
      strTelephoneNumber = WScript.StdIn.ReadLine
      WScript.Echo ""
      WScript.Echo "Email: "
      WScript.Echo ""
      strEmail = WScript.StdIn.ReadLine
      WScript.Echo ""

      WScript.Echo ""
      WScript.Echo "Password for account"
      WScript.Echo "--------------------"
      WScript.Echo ""
      WScript.Echo "Minimum length = " & getPasswordPolicy("length")
      WScript.Echo "Complexity = " & getPasswordPolicy("complex")
      WScript.Echo ""
      WScript.Echo "> "
      strDefaultPassword = WScript.StdIn.ReadLine
      
      strContainer = "OU=testOU,"
      
      ' Bind to Active Directory, Users container.
      Set objRootLDAP = GetObject("LDAP://rootDSE")
      Set objContainer = GetObject("LDAP://" & strContainer & objRootLDAP.Get("defaultNamingContext"))
      
      ' Create the user object.
      Set objUser = objContainer.Create("User", "cn=" & strUsername)
      objUser.Put "sAMAccountName", strUsername
      objUser.Put "givenName", strFirstName
      objUser.Put "sn", strSurname
      objUser.Put "displayName", strFirstName & ", " & strSurname
      objUser.Put "userPrincipalName", strUsername & "@" & getDomainInfo("DomainName")
      objUser.Put "homeDirectory", strHomeDirectory
      objUser.Put "homeDrive", strHomeDrive
      objUser.Put "profilePath", strProfilePath
      objUser.Put "msNPAllowDialin", TRUE
      objUser.Put "telephoneNumber", strTelephoneNumber
      objUser.Put "mail", strEmail
      objUser.setinfo
      
      objUser.setpassword strDefaultPassword
      objUser.accountDisabled = False
      objUser.Put "pwdLastSet", 0
      objUser.setinfo

      '
      ' Add user account to Administrators group
      '
      
      Dim objGroup
      Set objGroup = GetObject("LDAP://cn=Administrators,cn=Builtin,dc=domainName,dc=local")
      objGroup.Add("LDAP://cn=" & strUsername & ",ou=testOU,dc=domainName,dc=local")
      
      ' Optional section to launch Active Directory Uses and Users
      
      WScript.Echo ""
      WScript.Echo "Account created."
      WScript.Echo "View Active Directory?  (only works on server)"
      
      Dim strViewAD
      strViewAD = WScript.StdIn.ReadLine
      If strViewAD = "y" Then
            Set objShell=CreateObject("WScript.Shell")
            objShell.Run "%systemroot%\system32\dsa.msc"
      End If
      
End function


---------------------------------------------------------------------------------

Function to get domain name, DC server name and IP
--------------------------------------------------------------------

Function getDomainInfo(info)
dim strOutput, objWMIService, colItems, objItem

strComputer = "."

Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_NTDomain")

For Each objItem in colItems
    If objItem.Description <> "" AND info = "DomainName" then
          strOutput = objItem.Description
    end if
   
    If objItem.DomainControllerAddress <> "" AND info = "DCIP" then
          strOutput = objItem.DomainControllerAddress
    end if
   
    If objItem.DomainControllerName <> "" AND info = "DCName" then
        strOutput = objItem.DomainControllerName
    end if
Next

getDomainInfo = strOutput
end function
0
 
prodriveitAuthor Commented:
Chandru - The remote server is in a different domain.  I need to get the remote server details dynamically as I want to run this script for many remote servers.

I understand your suggestion of logging into the remote server and running the script - is there a shell to do this?
0
 
chandru_solCommented:
You can just run the script after logging in to the server by double clicking it.

Let me have a look at the script......
0
 
prodriveitAuthor Commented:
Do you mean via RDC?  I'd like to run the script without having to RDC or manually logon to the PC.  I can give the script the username and password for the remote server but thats all the user interaction should be.
0
 
chandru_solCommented:
I think then we can use psexec to run the script.

let me modify the script and you can give it a try
0
 
prodriveitAuthor Commented:
I had not heard about psexec but have had a look and it sounds pretty good!

I have had a play and using the line below can copy the script and execute it:

psexec \\remoteServerName -u "DOMAIN\Administrator" -p "password" -c C:\script.vbs
0
 
RobSampsonCommented:
Yes, PSExec should do this task for you.  As you can see, it has the copy switch, which copies the script to the remote machine, then obviously, as long as you specify the correct credentials for that remote server, you'll be able to execute it.

Also, if you're using the latest PSExec, use the -accepteula switch to avoid the EULA message.

Regards,

Rob.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now