Solved

VBscript Logon Error

Posted on 2008-10-27
5
879 Views
Last Modified: 2013-12-24
I've been using the attached logon script to provide information in AD for each user.  The script runs properly for some, but errors upon logon for others.  Here's the error:

Line: 5
Char: 1
Error: 0x80005000
Code:80005000
Source:null

Is this a problem with permissions within Active Directory for the users that are having the script fail?  If so, what would be the fix?

Thanks
''POPULATES AD WITH USER LOGON INFO IN DESCRIPTION FIELD
 
Set objSysInfo = CreateObject("ADSystemInfo")
 
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
Set objComputer = GetObject("LDAP://" & objSysInfo.ComputerName)
 
strMessage = objUser.CN & " authenticated on " & objComputer.CN & " " & Now & ".  MAC addresses: " & MACAddresses(".")
 
objUser.Description = strMessage
objUser.SetInfo
 
objComputer.Description = strMessage
objComputer.SetInfo
 
function MACAddresses(strComputer)
	dim objWMI, colItems, objItem
	dim strMac
	strMac=""  
	Set objWMI = GetObject("winmgmts:\\" & strComputer &  "\root\CIMV2")  
	Set colItems = objWMI.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration where IPEnabled=TRUE",,48)
	For Each objItem in colItems
		if objItem.MACAddress<>"" then strMac=strMac & objItem.MACAddress & vbCrLf
	Next  
	MACAddresses = strMac
end function

Open in new window

0
Comment
Question by:CommCatz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 7

Expert Comment

by:Mikealcl
ID: 22815893
Normal users do  not have access to update active directory by default if that is what you are trying to do.

You would have to delegate that permission to update those fields.

http://www.windowsecurity.com/articles/Implementing-Active-Directory-Delegation-Administration.html


0
 

Author Comment

by:CommCatz
ID: 22816008
I have already delegated write permission to both the computer and user object's description field.  I must be missing another delegation permission.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 22818555
Does the update fail for users who are or who have ever been members of a protected group such as Domain Admins, Account Operators, or Server Operators?  If so, this behavior is by design; the following links describe the issue and some potential workarounds:

http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/05/29/49659.aspx
http://support.microsoft.com/kb/817433
0
 

Author Comment

by:CommCatz
ID: 22818901
The script fails for primarily users that are just members of the domain users group with no other elevated permission history.  It seems to run fine for domain admins and users who have full control to particular OUs within AD.
0
 

Accepted Solution

by:
CommCatz earned 0 total points
ID: 22831226
Anyone else?  This is getting really frustrating, I don't understand why it errors for some and not others.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question