LDAP query from non-domain computers

Hello, please allow me to give a brief description of what's going on. We are trying to map drives for users who are VPN'd (via SSL VPN) in. The scripts (different VBscripts for different offices) are on a server share.

What we have discovered is that if the VPN client computer is a managed computer, thus in Active Directory, the scripts run fine and the drives are mapped. However, if the VPN client computer is unmanaged, this is where the problem occurs.

Firstly, using the "Wscript.Network" object, we check for the .UserDomain property. If it's not the domain name then we prompt the user for credentials via InputBox dialogs. We use those credentials to pass to the .MapNetworkDrive method since it takes username/password arguments. This works fine.

The problems come when using the "ADSystemInfo" object. The .UserName property value is used for LDAP queries. From an unmanaged computer there is no .UserName property since credentials are local I suppose. And I can't seem to pass credentials to this object. Thus I cant make LDAP queries.

I thought I found a work around with some code I found (see below). Thats to have a first script determine if the computer is managed or unmanaged. If unmanaged then I would run the second script under assigned credentials. This works from a managed machine but not from an unmanaged one. step2.vbs never executes from the unmanaged machine.

Const conPath = "\\server\share\step2.vbs"
Const conUser = "domain\username"
Const conPwd = "password~" 'The tild(~) simulates an enter key press.
Dim objShell
Set objShell = CreateObject("WScript.Shell")
objShell.Run("runas /user:" & conUser & " " & chr(34) & "wscript \" & chr(34) & _ conPath & chr(34) & chr(34))
objShell.AppActivate "Runas"
WScript.Sleep 100
objShell.SendKeys conPwd

I'm at my wits end. Is there any way I can make an LDAP query from an unmanaged computer?

Thanks in advance,
Jim
jimbo20814Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

RobSampsonCommented:
Have you tried using the OpenDSObject method?
http://msdn2.microsoft.com/en-us/library/aa706065(VS.85).aspx

There's an example of using it here under the "Now lets take a look at the ADSI version" section:
http://www.microsoft.com/technet/scriptcenter/resources/qanda/dec04/hey1213.mspx

Regards,

Rob.
0
jimbo20814Author Commented:
Thanks Rob! Using the OpenDSObject method and WinNT object did the trick.

Jim
0
RobSampsonCommented:
Great!  Are you able to accept an answer and close this question, or do you still have any issues?

Regards,

Rob.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.