From: Jeffery Hicks [MVP] on 21 Nov 2007 15:46 That's the first thing I thought to. But I tried using ADO with alternate credentials and it from non-domain member as long as I specified a domain controller in the LDAP string. I was a little surprised it worked. -- Jeffery Hicks Microsoft PowerShell MVP http://www.scriptinganswers.com http://www.powershellcommunity.org Now Available: WSH and VBScript Core: TFM Coming Soon: Windows PowerShell: TFM 2nd Ed. "Richard Mueller [MVP]" <rlmueller-nospam(a)ameritech.nospam.net> wrote in message news:%23p02V6HLIHA.4272(a)TK2MSFTNGP06.phx.gbl... > Alternate credentials with ADO requires that the client be joined to the > domain. You might have better luck using the OpenDSObject method. See this > link: > > http://msdn2.microsoft.com/en-us/library/aa706065.aspx > > You will need to specify a Domain Controller in the binding string. I have > not tried this, so I can't say if it will work. > > -- > Richard Mueller > Microsoft MVP Scripting and ADSI > Hilltop Lab - http://www.rlmueller.net > -- > > "Jeffery Hicks [MVP]" <jhicks(a)sapien.com> wrote in message > news:%23deaidHLIHA.536(a)TK2MSFTNGP06.phx.gbl... >> It might work if you can specify a domain controller in your query: >> >> "SELECT Name FROM 'LDAP://DC01/dc=testdomain,dc=local' WHERE >> objectCategory='user'" >> >> -- >> Jeffery Hicks >> Microsoft PowerShell MVP >> http://www.scriptinganswers.com >> http://www.powershellcommunity.org >> >> Now Available: WSH and VBScript Core: TFM >> Coming Soon: Windows PowerShell: TFM 2nd Ed. >> "Tom" <private(a)company.com> wrote in message >> news:A52DC59E-F027-4CF4-B5C7-3D7186583CED(a)microsoft.com... >>> Hi, >>> I have a similar problem. I too wish to query active directory and am >>> using >>> similar code to Maverick to do so (the piece with the connection details >>> is >>> actually identical and the only real difference is I am running a >>> different >>> query). >>> The machine I am using is a member of the domain being queried. If I log >>> on >>> as a user from that domain I can run the script and it works fine. >>> However, >>> if I log on to the same machine but as a user from a different domain >>> and run >>> the script I get the exact same error message as Maverick. >>> Although I specifiy an account in the domain in my script it is as if >>> Active >>> Directory is still using the credentials with which I logged on to >>> decide >>> whether or not I should be granted access to. >>> Has anyone got any ideas? >>> >>> Tom >>> >>> "Jeffery Hicks [MVP]" wrote: >>> >>>> I don't think you'll ever be able to get that to function in a >>>> workgroup. >>>> The AD provider is looking for a domain controller but your workgroup >>>> machine isn't configured to use one. You might be able to use a direct >>>> LDAP >>>> connection to a specific domain controller, possibly passing alternate >>>> credentials as well, but the script will look different than what you >>>> have >>>> here. >>>> >>>> -- >>>> Jeffery Hicks >>>> Microsoft PowerShell MVP >>>> http://www.scriptinganswers.com >>>> http://www.powershellcommunity.org >>>> >>>> Now Available: WSH and VBScript Core: TFM >>>> Coming Soon: Windows PowerShell: TFM 2nd Ed. >>>> "maverick" <maverick(a)discussions.microsoft.com> wrote in message >>>> news:04BA0383-16E8-43ED-987E-4B5295D1C49C(a)microsoft.com... >>>> > Hi, >>>> > >>>> > I tried running the script appended below which runs fine on a >>>> > machine >>>> > joined to a domain. >>>> > How can i get this script to run from a machine which is not joined >>>> > to the >>>> > domain(xyz.mc.uk)? >>>> > >>>> > I get the following error on the client which is not joined to the >>>> > domain? >>>> > >>>> > Windows Script Host >>>> > --------------------------- >>>> > Script: C:\Documents and Settings\Administrator\Desktop\Search.vbs >>>> > Line: 21 >>>> > Char: 1 >>>> > Error: Table does not exist. >>>> > Code: 80040E37 >>>> > Source: Provider >>>> > >>>> > >>>> > Is there a way out to run this script from a machine which is not in >>>> > the >>>> > domain? >>>> > >>>> > >>>> > >>>> > Script >>>> > >>>> > strUserName = "1234567" >>>> > strLDAP = "<LDAP://dc=xyz,dc=mc,dc=ck>" >>>> > dtStart = TimeValue(Now()) >>>> > >>>> > Set objConnection = CreateObject("ADODB.Connection") >>>> > Set objCommand = CreateObject("ADODB.Command") >>>> > objConnection.Provider = "ADsDSOObject" >>>> > >>>> > objConnection.Properties("User ID") = "xyz.mc.ck\user" >>>> > objConnection.Properties("Password") = "Pwd0334" >>>> > objConnection.Properties("Encrypt Password") = TRUE >>>> > objConnection.Properties("ADSI FLAG") = 1 >>>> > >>>> > objConnection.Open "Active Directory Provider" >>>> > set objCommand.ActiveConnection = objConnection >>>> > >>>> > objCommand.CommandText = _ >>>> > strLDAP & ";(&(objectCategory=User)" & _ >>>> > "(mobile=" & strUserName & >>>> > "));distinguishedName,mobile,sAmAccountName,cn;subtree" >>>> > >>>> > Set objRecordSet = objCommand.Execute >>>> > >>>> > If objRecordset.RecordCount = 0 Then >>>> > WScript.Echo "sAMAccountName: " & strUserName & " does not exist." >>>> > Else >>>> > WScript.Echo objRecordSet.fields("distinguishedName").value &" >>>> > exists." >>>> > DNAME = objRecordSet.fields("distinguishedName").value >>>> > set objUser = GetObject("LDAP://" & DNAME ) >>>> > wscript.echo "itworked" >>>> > objUser.Put "userPrincipalName", "mtself(a)xyz.mc.ck" >>>> > objuser.setInfo >>>> > End If >>>> > >>>> > objConnection.Close >>>> > >>>> > >>>> >> > >
From: Richard Mueller [MVP] on 21 Nov 2007 16:19 Good to know. Richard "Jeffery Hicks [MVP]" <jhicks(a)sapien.com> wrote in message news:C8C25400-83C3-4047-90B3-5E4FCC11592E(a)microsoft.com... > That's the first thing I thought to. But I tried using ADO with alternate > credentials and it from non-domain member as long as I specified a domain > controller in the LDAP string. I was a little surprised it worked. > > -- > Jeffery Hicks > Microsoft PowerShell MVP > http://www.scriptinganswers.com > http://www.powershellcommunity.org > > Now Available: WSH and VBScript Core: TFM > Coming Soon: Windows PowerShell: TFM 2nd Ed. > "Richard Mueller [MVP]" <rlmueller-nospam(a)ameritech.nospam.net> wrote in > message news:%23p02V6HLIHA.4272(a)TK2MSFTNGP06.phx.gbl... >> Alternate credentials with ADO requires that the client be joined to the >> domain. You might have better luck using the OpenDSObject method. See >> this link: >> >> http://msdn2.microsoft.com/en-us/library/aa706065.aspx >> >> You will need to specify a Domain Controller in the binding string. I >> have not tried this, so I can't say if it will work. >> >> -- >> Richard Mueller >> Microsoft MVP Scripting and ADSI >> Hilltop Lab - http://www.rlmueller.net >> -- >> >> "Jeffery Hicks [MVP]" <jhicks(a)sapien.com> wrote in message >> news:%23deaidHLIHA.536(a)TK2MSFTNGP06.phx.gbl... >>> It might work if you can specify a domain controller in your query: >>> >>> "SELECT Name FROM 'LDAP://DC01/dc=testdomain,dc=local' WHERE >>> objectCategory='user'" >>> >>> -- >>> Jeffery Hicks >>> Microsoft PowerShell MVP >>> http://www.scriptinganswers.com >>> http://www.powershellcommunity.org >>> >>> Now Available: WSH and VBScript Core: TFM >>> Coming Soon: Windows PowerShell: TFM 2nd Ed. >>> "Tom" <private(a)company.com> wrote in message >>> news:A52DC59E-F027-4CF4-B5C7-3D7186583CED(a)microsoft.com... >>>> Hi, >>>> I have a similar problem. I too wish to query active directory and am >>>> using >>>> similar code to Maverick to do so (the piece with the connection >>>> details is >>>> actually identical and the only real difference is I am running a >>>> different >>>> query). >>>> The machine I am using is a member of the domain being queried. If I >>>> log on >>>> as a user from that domain I can run the script and it works fine. >>>> However, >>>> if I log on to the same machine but as a user from a different domain >>>> and run >>>> the script I get the exact same error message as Maverick. >>>> Although I specifiy an account in the domain in my script it is as if >>>> Active >>>> Directory is still using the credentials with which I logged on to >>>> decide >>>> whether or not I should be granted access to. >>>> Has anyone got any ideas? >>>> >>>> Tom >>>> >>>> "Jeffery Hicks [MVP]" wrote: >>>> >>>>> I don't think you'll ever be able to get that to function in a >>>>> workgroup. >>>>> The AD provider is looking for a domain controller but your workgroup >>>>> machine isn't configured to use one. You might be able to use a >>>>> direct LDAP >>>>> connection to a specific domain controller, possibly passing alternate >>>>> credentials as well, but the script will look different than what you >>>>> have >>>>> here. >>>>> >>>>> -- >>>>> Jeffery Hicks >>>>> Microsoft PowerShell MVP >>>>> http://www.scriptinganswers.com >>>>> http://www.powershellcommunity.org >>>>> >>>>> Now Available: WSH and VBScript Core: TFM >>>>> Coming Soon: Windows PowerShell: TFM 2nd Ed. >>>>> "maverick" <maverick(a)discussions.microsoft.com> wrote in message >>>>> news:04BA0383-16E8-43ED-987E-4B5295D1C49C(a)microsoft.com... >>>>> > Hi, >>>>> > >>>>> > I tried running the script appended below which runs fine on a >>>>> > machine >>>>> > joined to a domain. >>>>> > How can i get this script to run from a machine which is not joined >>>>> > to the >>>>> > domain(xyz.mc.uk)? >>>>> > >>>>> > I get the following error on the client which is not joined to the >>>>> > domain? >>>>> > >>>>> > Windows Script Host >>>>> > --------------------------- >>>>> > Script: C:\Documents and Settings\Administrator\Desktop\Search.vbs >>>>> > Line: 21 >>>>> > Char: 1 >>>>> > Error: Table does not exist. >>>>> > Code: 80040E37 >>>>> > Source: Provider >>>>> > >>>>> > >>>>> > Is there a way out to run this script from a machine which is not in >>>>> > the >>>>> > domain? >>>>> > >>>>> > >>>>> > >>>>> > Script >>>>> > >>>>> > strUserName = "1234567" >>>>> > strLDAP = "<LDAP://dc=xyz,dc=mc,dc=ck>" >>>>> > dtStart = TimeValue(Now()) >>>>> > >>>>> > Set objConnection = CreateObject("ADODB.Connection") >>>>> > Set objCommand = CreateObject("ADODB.Command") >>>>> > objConnection.Provider = "ADsDSOObject" >>>>> > >>>>> > objConnection.Properties("User ID") = "xyz.mc.ck\user" >>>>> > objConnection.Properties("Password") = "Pwd0334" >>>>> > objConnection.Properties("Encrypt Password") = TRUE >>>>> > objConnection.Properties("ADSI FLAG") = 1 >>>>> > >>>>> > objConnection.Open "Active Directory Provider" >>>>> > set objCommand.ActiveConnection = objConnection >>>>> > >>>>> > objCommand.CommandText = _ >>>>> > strLDAP & ";(&(objectCategory=User)" & _ >>>>> > "(mobile=" & strUserName & >>>>> > "));distinguishedName,mobile,sAmAccountName,cn;subtree" >>>>> > >>>>> > Set objRecordSet = objCommand.Execute >>>>> > >>>>> > If objRecordset.RecordCount = 0 Then >>>>> > WScript.Echo "sAMAccountName: " & strUserName & " does not >>>>> > exist." >>>>> > Else >>>>> > WScript.Echo objRecordSet.fields("distinguishedName").value &" >>>>> > exists." >>>>> > DNAME = objRecordSet.fields("distinguishedName").value >>>>> > set objUser = GetObject("LDAP://" & DNAME ) >>>>> > wscript.echo "itworked" >>>>> > objUser.Put "userPrincipalName", "mtself(a)xyz.mc.ck" >>>>> > objuser.setInfo >>>>> > End If >>>>> > >>>>> > objConnection.Close >>>>> > >>>>> > >>>>> >>> >> >> >
From: maverick on 22 Nov 2007 01:43 Hello All, Thanks for the response, yes it does work if the dc = dc.domainname. I can get it to work ,but only the first part of searching the user but not able to update the user info... --------------------------- Windows Script Host --------------------------- Script: C:\Documents and Settings\Administrator\Desktop\Search.vbs Line: 34 Char: 6 Error: An operations error occurred. Code: 80072020 Source: (null) --------------------------- OK --------------------------- The above error comes up at the get object......and it takes longer time as oppossed to a machine which is in the domain? any help will be appreciated. cheers "Richard Mueller [MVP]" wrote: > Good to know. > > Richard > > "Jeffery Hicks [MVP]" <jhicks(a)sapien.com> wrote in message > news:C8C25400-83C3-4047-90B3-5E4FCC11592E(a)microsoft.com... > > That's the first thing I thought to. But I tried using ADO with alternate > > credentials and it from non-domain member as long as I specified a domain > > controller in the LDAP string. I was a little surprised it worked. > > > > -- > > Jeffery Hicks > > Microsoft PowerShell MVP > > http://www.scriptinganswers.com > > http://www.powershellcommunity.org > > > > Now Available: WSH and VBScript Core: TFM > > Coming Soon: Windows PowerShell: TFM 2nd Ed. > > "Richard Mueller [MVP]" <rlmueller-nospam(a)ameritech.nospam.net> wrote in > > message news:%23p02V6HLIHA.4272(a)TK2MSFTNGP06.phx.gbl... > >> Alternate credentials with ADO requires that the client be joined to the > >> domain. You might have better luck using the OpenDSObject method. See > >> this link: > >> > >> http://msdn2.microsoft.com/en-us/library/aa706065.aspx > >> > >> You will need to specify a Domain Controller in the binding string. I > >> have not tried this, so I can't say if it will work. > >> > >> -- > >> Richard Mueller > >> Microsoft MVP Scripting and ADSI > >> Hilltop Lab - http://www.rlmueller.net > >> -- > >> > >> "Jeffery Hicks [MVP]" <jhicks(a)sapien.com> wrote in message > >> news:%23deaidHLIHA.536(a)TK2MSFTNGP06.phx.gbl... > >>> It might work if you can specify a domain controller in your query: > >>> > >>> "SELECT Name FROM 'LDAP://DC01/dc=testdomain,dc=local' WHERE > >>> objectCategory='user'" > >>> > >>> -- > >>> Jeffery Hicks > >>> Microsoft PowerShell MVP > >>> http://www.scriptinganswers.com > >>> http://www.powershellcommunity.org > >>> > >>> Now Available: WSH and VBScript Core: TFM > >>> Coming Soon: Windows PowerShell: TFM 2nd Ed. > >>> "Tom" <private(a)company.com> wrote in message > >>> news:A52DC59E-F027-4CF4-B5C7-3D7186583CED(a)microsoft.com... > >>>> Hi, > >>>> I have a similar problem. I too wish to query active directory and am > >>>> using > >>>> similar code to Maverick to do so (the piece with the connection > >>>> details is > >>>> actually identical and the only real difference is I am running a > >>>> different > >>>> query). > >>>> The machine I am using is a member of the domain being queried. If I > >>>> log on > >>>> as a user from that domain I can run the script and it works fine. > >>>> However, > >>>> if I log on to the same machine but as a user from a different domain > >>>> and run > >>>> the script I get the exact same error message as Maverick. > >>>> Although I specifiy an account in the domain in my script it is as if > >>>> Active > >>>> Directory is still using the credentials with which I logged on to > >>>> decide > >>>> whether or not I should be granted access to. > >>>> Has anyone got any ideas? > >>>> > >>>> Tom > >>>> > >>>> "Jeffery Hicks [MVP]" wrote: > >>>> > >>>>> I don't think you'll ever be able to get that to function in a > >>>>> workgroup. > >>>>> The AD provider is looking for a domain controller but your workgroup > >>>>> machine isn't configured to use one. You might be able to use a > >>>>> direct LDAP > >>>>> connection to a specific domain controller, possibly passing alternate > >>>>> credentials as well, but the script will look different than what you > >>>>> have > >>>>> here. > >>>>> > >>>>> -- > >>>>> Jeffery Hicks > >>>>> Microsoft PowerShell MVP > >>>>> http://www.scriptinganswers.com > >>>>> http://www.powershellcommunity.org > >>>>> > >>>>> Now Available: WSH and VBScript Core: TFM > >>>>> Coming Soon: Windows PowerShell: TFM 2nd Ed. > >>>>> "maverick" <maverick(a)discussions.microsoft.com> wrote in message > >>>>> news:04BA0383-16E8-43ED-987E-4B5295D1C49C(a)microsoft.com... > >>>>> > Hi, > >>>>> > > >>>>> > I tried running the script appended below which runs fine on a > >>>>> > machine > >>>>> > joined to a domain. > >>>>> > How can i get this script to run from a machine which is not joined > >>>>> > to the > >>>>> > domain(xyz.mc.uk)? > >>>>> > > >>>>> > I get the following error on the client which is not joined to the > >>>>> > domain? > >>>>> > > >>>>> > Windows Script Host > >>>>> > --------------------------- > >>>>> > Script: C:\Documents and Settings\Administrator\Desktop\Search.vbs > >>>>> > Line: 21 > >>>>> > Char: 1 > >>>>> > Error: Table does not exist. > >>>>> > Code: 80040E37 > >>>>> > Source: Provider > >>>>> > > >>>>> > > >>>>> > Is there a way out to run this script from a machine which is not in > >>>>> > the > >>>>> > domain? > >>>>> > > >>>>> > > >>>>> > > >>>>> > Script > >>>>> > > >>>>> > strUserName = "1234567" > >>>>> > strLDAP = "<LDAP://dc=xyz,dc=mc,dc=ck>" > >>>>> > dtStart = TimeValue(Now()) > >>>>> > > >>>>> > Set objConnection = CreateObject("ADODB.Connection") > >>>>> > Set objCommand = CreateObject("ADODB.Command") > >>>>> > objConnection.Provider = "ADsDSOObject" > >>>>> > > >>>>> > objConnection.Properties("User ID") = "xyz.mc.ck\user" > >>>>> > objConnection.Properties("Password") = "Pwd0334" > >>>>> > objConnection.Properties("Encrypt Password") = TRUE > >>>>> > objConnection.Properties("ADSI FLAG") = 1 > >>>>> > > >>>>> > objConnection.Open "Active Directory Provider" > >>>>> > set objCommand.ActiveConnection = objConnection > >>>>> > > >>>>> > objCommand.CommandText = _ > >>>>> > strLDAP & ";(&(objectCategory=User)" & _ > >>>>> > "(mobile=" & strUserName & > >>>>> > "));distinguishedName,mobile,sAmAccountName,cn;subtree" > >>>>> > > >>>>> > Set objRecordSet = objCommand.Execute > >>>>> > > >>>>> > If objRecordset.RecordCount = 0 Then > >>>>> > WScript.Echo "sAMAccountName: " & strUserName & " does not > >>>>> > exist." > >>>>> > Else > >>>>> > WScript.Echo objRecordSet.fields("distinguishedName").value &" > >>>>> > exists." > >>>>> > DNAME = objRecordSet.fields("distinguishedName").value > >>>>> > set objUser = GetObject("LDAP://" & DNAME ) > >>>>> > wscript.echo "itworked" > >>>>> > objUser.Put "userPrincipalName", "mtself(a)xyz.mc.ck" > >>>>> > objuser.setInfo > >>>>> > End If > >>>>> > > >>>>> > objConnection.Close > >>>>> > > >>>>> > > >>>>> > >>> > >> > >> > > > > >
First
|
Prev
|
Pages: 1 2 Prev: Change Desktop Wallpaper Next: copyhere and preventing progress bars and dialogs |