LDAP query from non-domain computers
Posted on 2008-01-28
Hello, please allow me to give a brief description of what's going on. We are trying to map drives for users who are VPN'd (via SSL VPN) in. The scripts (different VBscripts for different offices) are on a server share.
What we have discovered is that if the VPN client computer is a managed computer, thus in Active Directory, the scripts run fine and the drives are mapped. However, if the VPN client computer is unmanaged, this is where the problem occurs.
Firstly, using the "Wscript.Network" object, we check for the .UserDomain property. If it's not the domain name then we prompt the user for credentials via InputBox dialogs. We use those credentials to pass to the .MapNetworkDrive method since it takes username/password arguments. This works fine.
The problems come when using the "ADSystemInfo" object. The .UserName property value is used for LDAP queries. From an unmanaged computer there is no .UserName property since credentials are local, I suppose. And I can't seem to pass credentials to this object. Thus I can't make LDAP queries.
I thought I found a workaround with some code I found (see below). That's to have a first script determine if the computer is managed or unmanaged. If unmanaged, then I would run the second script under assigned credentials. This works from a managed machine but not from an unmanaged one. step2.vbs never executes from the unmanaged machine.
Const conPath = "\\server\share\step2.vbs"
Const conUser = "domain\username"
Const conPwd = "password~" 'The tilde (~) simulates an Enter key press.
Set objShell = CreateObject("WScript.Shell")
' Launch step2.vbs under the alternate account via runas.
objShell.Run("runas /user:" & conUser & " " & chr(34) & "wscript \" & chr(34) & _
    conPath & chr(34) & chr(34))
I'm at my wits end. Is there any way I can make an LDAP query from an unmanaged computer?
Thanks in advance,