VBScript to connect to a remote AD and search a user

I am a newbie to VBScript and am looking for a script to bind to a remote AD. I am not sure what I am missing from the script below. Any help is appreciated.

    strUser = "<<BIND USER>>"
    strPass = "**********"
    strComp = "****************" '* the remote domain controller
    strAccount = "<<Search User Account>>"

    Const ADS_SECURE_AUTHENTICATION = 1
    Const ADS_SERVER_BIND = &h0200

    Set objDSO = GetObject("LDAP:")
    Set objRootDse = objDSO.OpenDSObject("LDAP:/" & strComp & "/RootDSE" , strUser, strPass, ADS_SECURE_AUTHENTICATION OR ADS_SERVER_BIND)
    strTargetDncDomain = objRootDse.Get("defaultNamingContext")

    strBase    = "<" & "LDAP://" & strComp & "/" & strTargetDncDomain & ">;"
    strAttrs = "distinguishedName,sAMAccountName;"
    strScope = "subtree"
    strFilter = "(&(objectCategory=person)(objectClass=user)(CN=" & strAccount & "));"

    strQuery = strBase & strFilter & strAttrs & strScope

    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Provider = "ADsDSOObject"
    oConnection.Properties("Encrypt Password") = True
    oConnection.Open "Active Directory Provider", strUser, strPass

    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.Properties("Page Size") = 100
    oCommand.Properties("Timeout") = 30
    oCommand.Properties("Cache Results") = False

    oCommand.CommandText = strQuery
    Set objRS = oCommand.Execute
    Do While Not objRS.EOF
        strDnFound = objRS.Fields("distinguishedName")
        objRS.MoveNext
    Loop
 
Raj-GT (Systems Engineer) commented:
You are missing a / next to LDAP:/ in the line below. The code looks OK otherwise.

    Set objRootDse = objDSO.OpenDSObject("LDAP:/" & strComp & "/RootDSE" , strUser, strPass, ADS_SECURE_AUTHENTICATION OR ADS_SERVER_BIND)

Are you getting any other error messages?
 
vatza (Author) commented:
Yes, thank you.

I could infer that the ADODB connection is open, but the command is closed. Any light in this area?
 
Raj-GT (Systems Engineer) commented:
You are using strComp as a variable, which is invalid. A VBScript function called strComp exists, so you have to rename that variable.
 
vatza (Author) commented:
I have renamed it and the script executes successfully, but for that error. I inferred it with a MsgBox(). Below is the updated script:

    '''' CUSTOM CODE STARTS '''''''

    strUser = "<<BIND USER>>"
    strPass = "***********"
    strDC = "***************" '* the remote domain controller
    strAccount = "<<SEARCH USER>>"

    ' ADSI bind flag values (389 is the LDAP port number, not a flag value)
    Const ADS_SECURE_AUTHENTICATION = 1
    Const ADS_SERVER_BIND = &h0200

    Set objDSO = GetObject("LDAP:")
    Set objRootDse = objDSO.OpenDSObject("LDAP://" & strDC & "/RootDSE" , strUser, strPass, ADS_SECURE_AUTHENTICATION OR ADS_SERVER_BIND)
    strTargetDncDomain = objRootDse.Get("defaultNamingContext")

    strBase    = "<" & "LDAP://" & strDC & "/" & strTargetDncDomain & ">;"
    strAttrs = "CN;"
    strScope = "subtree"
    strFilter = "(&(objectCategory=person)(objectClass=user)(CN=" & strAccount & "));"

    strQuery = strBase & strFilter & strAttrs & strScope

    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Provider = "ADsDSOObject"
    oConnection.Properties("Encrypt Password") = True
    oConnection.Open "Active Directory Provider", strUser, strPass

    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandTimeout = 30

    oCommand.CommandText = strQuery

    Set objRS = oCommand.Execute

    Do While Not objRS.EOF
        strDnFound = objRS.Fields("CN")
        objRS.MoveNext
    Loop

    objRS.close
    oConnection.close
 
Raj-GT (Systems Engineer) commented:
Try this...

    strUser = "domain\username"
    strPass = "password"
    strDC = "DC.domain.local" ' this has to be FQDN of the DC
    strAccount = "searchuser" ' Use the sAMAccountname (logon name) value here instead of CN

    ' ADSI bind flag values from ADS_AUTHENTICATION_ENUM.
    ' 389 is the LDAP port number, not a flag; used as a mask it sets unrelated bits.
    Const ADS_SECURE_AUTHENTICATION = 1
    Const ADS_SERVER_BIND = &h0200

    Set objDSO = GetObject("LDAP:")
    Set objRootDse = objDSO.OpenDSObject("LDAP://" & strDC & "/RootDSE", strUser, strPass, ADS_SECURE_AUTHENTICATION OR ADS_SERVER_BIND)
    strTargetDncDomain = objRootDse.Get("defaultNamingContext")

    strBase    = "<LDAP://" & strDC & "/" & strTargetDncDomain & ">;"
    strAttrs = "CN;"
    strScope = "subtree"
    strFilter = "(&(objectCategory=person)(objectClass=user)(sAMAccountname=" & strAccount & "));"

    strQuery = strBase & strFilter & strAttrs & strScope

    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Provider = "ADsDSOObject"
    oConnection.Properties("Encrypt Password") = True
    oConnection.Open "Active Directory Provider", strUser, strPass

    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandTimeout = 30

    oCommand.CommandText = strQuery

    Set objRS = oCommand.Execute
    Do While Not objRS.EOF
        strDnFound = objRS.Fields("CN")
        wscript.echo strDnFound ' Just so that we know it's working
        objRS.MoveNext
    Loop

    objRS.close
    oConnection.close



Thanks,
Raj
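
The scripts in this thread build the LDAP filter by concatenating strAccount straight into the query string, so a value containing `*`, `(`, `)` or `\` changes what the filter matches. The following is an added example, not code from the thread: it escapes the value per RFC 4515 before building the same filter. EscapeLdapFilterValue and BuildUserFilter are hypothetical helper names, the sample account names are constructed, and escaping `;` is a precaution assumed here because the ADO LDAP dialect uses it as its field separator.

```vbscript
Option Explicit

' Escape a value for use inside an LDAP search filter (RFC 4515).
' The backslash must be replaced first, otherwise the escapes
' produced by the later replacements would be escaped again.
Function EscapeLdapFilterValue(strValue)
    Dim strOut
    strOut = Replace(strValue, "\", "\5c")
    strOut = Replace(strOut, "*", "\2a")     ' wildcard
    strOut = Replace(strOut, "(", "\28")     ' opens a filter term
    strOut = Replace(strOut, ")", "\29")     ' closes a filter term
    strOut = Replace(strOut, Chr(0), "\00")  ' NUL
    ' Precaution (assumption): ";" separates base, filter, attributes
    ' and scope in the ADO LDAP-dialect query string.
    strOut = Replace(strOut, ";", "\3b")
    EscapeLdapFilterValue = strOut
End Function

' Build the same filter as the answer above, around the escaped value.
Function BuildUserFilter(strAccount)
    BuildUserFilter = "(&(objectCategory=person)(objectClass=user)" & _
        "(sAMAccountName=" & EscapeLdapFilterValue(strAccount) & "))"
End Function

' Constructed sample inputs: a plain logon name, a bare wildcard that
' would otherwise match every user, and names with filter metacharacters.
Dim arrSamples, strSample
arrSamples = Array("searchuser", "*", "smith (temp)", "a\b;c")

For Each strSample In arrSamples
    WScript.Echo strSample & " -> " & BuildUserFilter(strSample)
Next
```

Run it with `cscript //nologo` to compare each input with the filter it produces; in the thread's script, the result of BuildUserFilter followed by ";" takes the place of strFilter.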
 
vatza (Author) commented:
Thanks Raj, it works.
 
Raj-GT (Systems Engineer) commented:
You are welcome. Would you mind closing the question then, please?
 
vatza (Author) commented:
I am closing it. Thanks.
Question has a verified solution.
