prodriveit
asked on
Run a script on remote server
I have a vbscript to create AD accounts but want to run it on a remote server to create the accounts in the remote Active Directory.
I can get a VPN connection going no problem but I can't figure out how in the code to access the remote active directory using RootLDAP. As a workaround could I connect the VPN, copy the account creation script to the remote server, and then execute it remotely? The issue I'm having is that when I run the script from my PC, even though is located on the remote server's hard drive the script is essentially run locally on my PC.
Is there an RPC style DOS command that can run the script on the remote server after it has been copied there, but still let me have control of the script from my PC? Hope that makes sense!
I can get a VPN connection going no problem but I can't figure out how in the code to access the remote active directory using RootLDAP. As a workaround could I connect the VPN, copy the account creation script to the remote server, and then execute it remotely? The issue I'm having is that when I run the script from my PC, even though is located on the remote server's hard drive the script is essentially run locally on my PC.
Is there an RPC style DOS command that can run the script on the remote server after it has been copied there, but still let me have control of the script from my PC? Hope that makes sense!
write a script file using WScript functions.
Hi,
Can you post the code?
The remote machine you are logging in is part of your domain or the any other domain?
regards
Chandru
Can you post the code?
The remote machine you are logging in is part of your domain or the any other domain?
regards
Chandru
You should be trying to log in the remote server and then run the script from that local server.
ASKER
Heres the code:
Function to create the user account.
It gets the domain controller's name for the profile and home drive paths, using a function listed below.
It puts the account in an OU called testOU, and also into the administrators group.
-------------------------- ---------- ---------- --
Function createUser
WScript.Echo ""
WScript.Echo "User Account Details"
WScript.Echo "--------------------"
WScript.Echo ""
WScript.Echo "First Name: "
WScript.Echo ""
strFirstName = WScript.StdIn.ReadLine
WScript.Echo ""
WScript.Echo "Surname: "
WScript.Echo ""
strSurname = WScript.StdIn.ReadLine
WScript.Echo ""
strUsername = Left(strFirstName, 1) & strSurname
WScript.Echo "Home Drive Letter: "
WScript.Echo ""
strHomeDrive = WScript.StdIn.ReadLine
WScript.Echo ""
strHomeDirectory = getDomainInfo("DCName") & "\users$\" & strUsername & "\Home"
strProfilePath = getDomainInfo("DCName") & "\profiles$\" & strUsername
WScript.Echo "Telephone Number: "
WScript.Echo ""
strTelephoneNumber = WScript.StdIn.ReadLine
WScript.Echo ""
WScript.Echo "Email: "
WScript.Echo ""
strEmail = WScript.StdIn.ReadLine
WScript.Echo ""
WScript.Echo ""
WScript.Echo "Password for account"
WScript.Echo "--------------------"
WScript.Echo ""
WScript.Echo "Minimum length = " & getPasswordPolicy("length" )
WScript.Echo "Complexity = " & getPasswordPolicy("complex ")
WScript.Echo ""
WScript.Echo "> "
strDefaultPassword = WScript.StdIn.ReadLine
strContainer = "OU=testOU,"
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE" )
Set objContainer = GetObject("LDAP://" & strContainer & objRootLDAP.Get("defaultNa mingContex t"))
' Create the user object.
Set objUser = objContainer.Create("User" , "cn=" & strUsername)
objUser.Put "sAMAccountName", strUsername
objUser.Put "givenName", strFirstName
objUser.Put "sn", strSurname
objUser.Put "displayName", strFirstName & ", " & strSurname
objUser.Put "userPrincipalName", strUsername & "@" & getDomainInfo("DomainName" )
objUser.Put "homeDirectory", strHomeDirectory
objUser.Put "homeDrive", strHomeDrive
objUser.Put "profilePath", strProfilePath
objUser.Put "msNPAllowDialin", TRUE
objUser.Put "telephoneNumber", strTelephoneNumber
objUser.Put "mail", strEmail
objUser.setinfo
objUser.setpassword strDefaultPassword
objUser.accountDisabled = False
objUser.Put "pwdLastSet", 0
objUser.setinfo
'
' Add user account to Administrators group
'
Dim objGroup
Set objGroup = GetObject("LDAP://cn=Admin istrators, cn=Builtin ,dc=domain Name,dc=lo cal")
objGroup.Add("LDAP://cn=" & strUsername & ",ou=testOU,dc=domainName, dc=local")
' Optional section to launch Active Directory Uses and Users
WScript.Echo ""
WScript.Echo "Account created."
WScript.Echo "View Active Directory? (only works on server)"
Dim strViewAD
strViewAD = WScript.StdIn.ReadLine
If strViewAD = "y" Then
Set objShell=CreateObject("WSc ript.Shell ")
objShell.Run "%systemroot%\system32\dsa .msc"
End If
End function
-------------------------- ---------- ---------- ---------- ---------- ---------- -----
Function to get domain name, DC server name and IP
-------------------------- ---------- ---------- ---------- ---------- --
Function getDomainInfo(info)
dim strOutput, objWMIService, colItems, objItem
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=imper sonate}!\\ " & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("S elect * from Win32_NTDomain")
For Each objItem in colItems
If objItem.Description <> "" AND info = "DomainName" then
strOutput = objItem.Description
end if
If objItem.DomainControllerAd dress <> "" AND info = "DCIP" then
strOutput = objItem.DomainControllerAd dress
end if
If objItem.DomainControllerNa me <> "" AND info = "DCName" then
strOutput = objItem.DomainControllerNa me
end if
Next
getDomainInfo = strOutput
end function
Function to create the user account.
It gets the domain controller's name for the profile and home drive paths, using a function listed below.
It puts the account in an OU called testOU, and also into the administrators group.
--------------------------
Function createUser
WScript.Echo ""
WScript.Echo "User Account Details"
WScript.Echo "--------------------"
WScript.Echo ""
WScript.Echo "First Name: "
WScript.Echo ""
strFirstName = WScript.StdIn.ReadLine
WScript.Echo ""
WScript.Echo "Surname: "
WScript.Echo ""
strSurname = WScript.StdIn.ReadLine
WScript.Echo ""
strUsername = Left(strFirstName, 1) & strSurname
WScript.Echo "Home Drive Letter: "
WScript.Echo ""
strHomeDrive = WScript.StdIn.ReadLine
WScript.Echo ""
strHomeDirectory = getDomainInfo("DCName") & "\users$\" & strUsername & "\Home"
strProfilePath = getDomainInfo("DCName") & "\profiles$\" & strUsername
WScript.Echo "Telephone Number: "
WScript.Echo ""
strTelephoneNumber = WScript.StdIn.ReadLine
WScript.Echo ""
WScript.Echo "Email: "
WScript.Echo ""
strEmail = WScript.StdIn.ReadLine
WScript.Echo ""
WScript.Echo ""
WScript.Echo "Password for account"
WScript.Echo "--------------------"
WScript.Echo ""
WScript.Echo "Minimum length = " & getPasswordPolicy("length"
WScript.Echo "Complexity = " & getPasswordPolicy("complex
WScript.Echo ""
WScript.Echo "> "
strDefaultPassword = WScript.StdIn.ReadLine
strContainer = "OU=testOU,"
' Bind to Active Directory, Users container.
Set objRootLDAP = GetObject("LDAP://rootDSE"
Set objContainer = GetObject("LDAP://" & strContainer & objRootLDAP.Get("defaultNa
' Create the user object.
Set objUser = objContainer.Create("User"
objUser.Put "sAMAccountName", strUsername
objUser.Put "givenName", strFirstName
objUser.Put "sn", strSurname
objUser.Put "displayName", strFirstName & ", " & strSurname
objUser.Put "userPrincipalName", strUsername & "@" & getDomainInfo("DomainName"
objUser.Put "homeDirectory", strHomeDirectory
objUser.Put "homeDrive", strHomeDrive
objUser.Put "profilePath", strProfilePath
objUser.Put "msNPAllowDialin", TRUE
objUser.Put "telephoneNumber", strTelephoneNumber
objUser.Put "mail", strEmail
objUser.setinfo
objUser.setpassword strDefaultPassword
objUser.accountDisabled = False
objUser.Put "pwdLastSet", 0
objUser.setinfo
'
' Add user account to Administrators group
'
Dim objGroup
Set objGroup = GetObject("LDAP://cn=Admin
objGroup.Add("LDAP://cn=" & strUsername & ",ou=testOU,dc=domainName,
' Optional section to launch Active Directory Uses and Users
WScript.Echo ""
WScript.Echo "Account created."
WScript.Echo "View Active Directory? (only works on server)"
Dim strViewAD
strViewAD = WScript.StdIn.ReadLine
If strViewAD = "y" Then
Set objShell=CreateObject("WSc
objShell.Run "%systemroot%\system32\dsa
End If
End function
--------------------------
Function to get domain name, DC server name and IP
--------------------------
Function getDomainInfo(info)
dim strOutput, objWMIService, colItems, objItem
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=imper
Set colItems = objWMIService.ExecQuery("S
For Each objItem in colItems
If objItem.Description <> "" AND info = "DomainName" then
strOutput = objItem.Description
end if
If objItem.DomainControllerAd
strOutput = objItem.DomainControllerAd
end if
If objItem.DomainControllerNa
strOutput = objItem.DomainControllerNa
end if
Next
getDomainInfo = strOutput
end function
ASKER
Chandru - The remote server is in a different domain. I need to get the remote server details dynamically as I want to run this script for many remote servers.
I understand your suggestion of logging into the remote server and running the script - is there a shell to do this?
I understand your suggestion of logging into the remote server and running the script - is there a shell to do this?
You can just run the script after logging in to the server by double clicking it.
Let me have a look at the script......
Let me have a look at the script......
ASKER
Do you mean via RDC? I'd like to run the script without having to RDC or manually logon to the PC. I can give the script the username and password for the remote server but thats all the user interaction should be.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I had not heard about psexec but have had a look and it sounds pretty good!
I have had a play and using the line below can copy the script and execute it:
psexec \\remoteServerName -u "DOMAIN\Administrator" -p "password" -c C:\script.vbs
I have had a play and using the line below can copy the script and execute it:
psexec \\remoteServerName -u "DOMAIN\Administrator" -p "password" -c C:\script.vbs
Yes, PSExec should do this task for you. As you can see, it has the copy switch, which copies the script to the remote machine, then obviously, as long as you specify the correct credentials for that remote server, you'll be able to execute it.
Also, if you're using the latest PSExec, use the -accepteula switch to avoid the EULA message.
Regards,
Rob.
Also, if you're using the latest PSExec, use the -accepteula switch to avoid the EULA message.
Regards,
Rob.