LDAP query from non-domain computers

Posted on 2008-01-28
Medium Priority
Last Modified: 2013-12-04
Hello, please allow me to give a brief description of what's going on. We are trying to map drives for users who are VPN'd (via SSL VPN) in. The scripts (different VBscripts for different offices) are on a server share.

What we have discovered is that if the VPN client computer is a managed computer, thus in Active Directory, the scripts run fine and the drives are mapped. However, if the VPN client computer is unmanaged, this is where the problem occurs.

Firstly, using the "Wscript.Network" object, we check for the .UserDomain property. If it's not the domain name then we prompt the user for credentials via InputBox dialogs. We use those credentials to pass to the .MapNetworkDrive method since it takes username/password arguments. This works fine.

The problems come when using the "ADSystemInfo" object. The .UserName property value is used for LDAP queries. From an unmanaged computer there is no .UserName property since credentials are local I suppose. And I can't seem to pass credentials to this object. Thus I cant make LDAP queries.

I thought I found a work around with some code I found (see below). Thats to have a first script determine if the computer is managed or unmanaged. If unmanaged then I would run the second script under assigned credentials. This works from a managed machine but not from an unmanaged one. step2.vbs never executes from the unmanaged machine.

Const conPath = "\\server\share\step2.vbs"
Const conUser = "domain\username"
Const conPwd = "password~" 'The tild(~) simulates an enter key press.
Dim objShell
Set objShell = CreateObject("WScript.Shell")
objShell.Run("runas /user:" & conUser & " " & chr(34) & "wscript \" & chr(34) & _ conPath & chr(34) & chr(34))
objShell.AppActivate "Runas"
WScript.Sleep 100
objShell.SendKeys conPwd

I'm at my wits end. Is there any way I can make an LDAP query from an unmanaged computer?

Thanks in advance,
Question by:jimbo20814
  • 2
LVL 65

Expert Comment

ID: 20764138
Have you tried using the OpenDSObject method?

There's an example of using it here under the "Now lets take a look at the ADSI version" section:



Author Comment

ID: 20778304
Thanks Rob! Using the OpenDSObject method and WinNT object did the trick.

LVL 65

Accepted Solution

RobSampson earned 1000 total points
ID: 20780911
Great!  Are you able to accept an answer and close this question, or do you still have any issues?



Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

OfficeMate Freezes on login or does not load after login credentials are input.
When you see single cell contains number and text, and you have to get any date out of it seems like cracking our heads.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question