| Author | Messages | |
AD00000203
Posts:0
 | | 08/31/2005 6:55 AM |
| Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a ton of machines that are not part of AD, still in NDS. Users all have accounts and mailboxes in AD. Many Novell users have not logged into AD. During our migration we would like the techs to quickly reset user passwords for those that do not know their AD passwords. Techs will be in the field at distributed locations to help with outlook connectivity. They will not know the existing password.
When i run this from a non domain member I get "The specified domain either does not exist or could not be contacted". It runs fine from a domain member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword, strpassword1, strpassword2
Dim strUserName1, strUserName2, strmsgresult, strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change user passwords!")
stradminID = InputBox ("Enter Your Admin account name used to connect to AD", "Enter Your Admin account name used to connect to AD", "")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin Password", "")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin Password", "")
If stradminpwd1 stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter the Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot = GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com", strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " & struserdn, vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser = ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" & strUserDN, strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter the UserID?", vbyesno)
If strcontinue "6" then
wscript.quit
End IF
End IF
Loop
I am trying to write a script to set a user password and the script must be
run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have
a ton of machines that are not part of AD, still in NDS. Users all have
accounts and mailboxes in AD. Many Novell users have not logged into
AD. During our migration we would like the techs to quickly reset
user passwords for those that do not know their AD passwords. Techs will
be in the field at distributed locations to help with outlook
connectivity. They will not know the existing password.
When i run this from a non domain member I get "The specified domain either
does not exist or could not be contacted". It runs fine from a domain
member
Here is the code - thanks to anyone that can help.
'Set a Users password'Written by: Shawn Hayes'Date: 8-31-05
'VariablesDim strUserName, strUserDN, strDNSDomain, strNetBiosDomain,
strpassword, strpassword1, strpassword2Dim strUserName1, strUserName2,
strmsgresult, strcontinue, stradminID, stradminpwd, stradminpwd1,
stradminpwd2strNetBiosDomain = "ourdomainname\"Const
ADS_NAME_INITTYPE_GC = 3Const ADS_NAME_TYPE_NT4 = 3Const
ADS_NAME_TYPE_1779 = 1Const ADS_PROPERTY_CLEAR = 1 Const
ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID msgbox ("You
must enter a userid with privledges in AD to change user
passwords!") stradminID = InputBox ("Enter Your Admin
account name used to connect to AD", "Enter Your Admin account name used to
connect to AD", "") 'Input box prompts for admins password
Do stradminpwd1 = InputBox ("Enter the Admin Password", "
Admin Password", "") stradminpwd2 = InputBox ("Reenter the
Admin password", "Admin Password", "") If stradminpwd1
stradminpwd2 then msgbox ("Admin
Passwords do not match") strpassword =
"nothing" Else
strpassword = "equal" End IF Loop until
strpassword = "equal"
strpassword = "nothing"
'User informationDo 'Input box prompts for
UserID strUsername1 = InputBox ("Enter the Active
Directory UserID", "Enter the Users Active Directory UserID", "")
'Input box prompts for users new password Do
strPassword1 = InputBox ("Enter the new Password", "Password",
"") strPassword2 = InputBox ("Reenter the password",
"Password", "") If strpassword1 strpassword2
then msgbox ("Passwords do not
match") strpassword =
"nothing" Else
strpassword = "equal" End IF Loop until
strpassword = "equal" Set objNetwork =
CreateObject("Wscript.Network") 'Connect to
RootDSE 'Set objRoot = GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:") 'Set objDomain =
objRoot.OpenDSObject("LDAP://cn=domain
controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain
& stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION) 'Set
objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com",
strNetBiosDomain & stradminID, stradminpwd1,
ADS_SECURE_AUTHENTICATION) 'strDNSDomain =
objRootDSE.Get("defaultNamingContext") 'strDNSDomain =
objdomain.Get("defaultNamingContext") 'Determine UsersDN
from netbios name Set objTrans =
CreateObject("NameTranslate") objTrans.Set ADS_NAME_TYPE_NT4,
strNetBIOSDomain & strUserName1 strUserDN =
objTrans.Get(ADS_NAME_TYPE_1779) strmsgresult = msgbox ("OK to change
this user's password? " & struserdn, vbyesno) 'msgbox
(strmsgresult) If strmsgresult = "6" then 'Set
the Users Password 'Set objUser = GetObject ("LDAP://"
& strUserDN) Set ObjDomain = GetObject
("LDAP:") Set objuser = ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/"
& strUserDN, strNetBiosDomain & stradminID, stradminpwd1,
ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!") wscript.quit Else
strcontinue = Msgbox ("Password not set, would you like
to reenter the UserID?", vbyesno) If strcontinue
"6" then wscript.quit
End IF End IFLoop | | | |
| Alm@xxxx.yyy
| | 08/31/2005 7:20 AM |
| ________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Shawn Hayes
Sent: Wed 8/31/2005 2:26 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] VBscript to set a password for a user in AD but ran from a non domain member
I am trying to write a script to set a user password and the script must be run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a ton of machines that are not part of AD, still in NDS. Users all have accounts and mailboxes in AD. Many Novell users have not logged into AD. During our migration we would like the techs to quickly reset user passwords for those that do not know their AD passwords. Techs will be in the field at distributed locations to help with outlook connectivity. They will not know the existing password.
When i run this from a non domain member I get "The specified domain either does not exist or could not be contacted". It runs fine from a domain member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword, strpassword1, strpassword2
Dim strUserName1, strUserName2, strmsgresult, strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change user passwords!")
stradminID = InputBox ("Enter Your Admin account name used to connect to AD", "Enter Your Admin account name used to connect to AD", "")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin Password", "")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin Password", "")
If stradminpwd1 stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter the Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot = GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com", strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " & struserdn, vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser = ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" & strUserDN, strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter the UserID?", vbyesno)
If strcontinue "6" then
wscript.quit
End IF
End IF
Loop
> | | | |
| AD00000203
Posts:0
| | 08/31/2005 7:38 AM |
| strNetbiosdomain is a variable I set
script dies before line 61
A web front-end is where we were leaning.
Shawn
>>> "Al Mulnick" 08/31/05 03:19PM >>>
How does the non-domain member find strNetBIOSDomain ?
On line 61, how about having it echo to the user what the strNetBIOSDomain and strUserName1 variables result in?
Does it match what you think it should be? Is it possible to find that information from the workstation it's running on? Any reason you wouldn't run this as a web page from a domain member instead?
Al
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Shawn Hayes
Sent: Wed 8/31/2005 2:26 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] VBscript to set a password for a user in AD but ran from a non domain member
I am trying to write a script to set a user password and the script must be run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a ton of machines that are not part of AD, still in NDS. Users all have accounts and mailboxes in AD. Many Novell users have not logged into AD. During our migration we would like the techs to quickly reset user passwords for those that do not know their AD passwords. Techs will be in the field at distributed locations to help with outlook connectivity. They will not know the existing password.
When i run this from a non domain member I get "The specified domain either does not exist or could not be contacted". It runs fine from a domain member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword, strpassword1, strpassword2
Dim strUserName1, strUserName2, strmsgresult, strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change user passwords!")
stradminID = InputBox ("Enter Your Admin account name used to connect to AD", "Enter Your Admin account name used to connect to AD", "")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin Password", "")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin Password", "")
If stradminpwd1 stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter the Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot = GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com", strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " & struserdn, vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser = ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" & strUserDN, strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter the UserID?", vbyesno)
If strcontinue "6" then
wscript.quit
End IF
End IF
Loop
Thanks for the reply Al.
strNetbiosdomain is a variable I set
script dies before line 61
A web front-end is where we were leaning.
Shawn>>> "Al Mulnick" 08/31/05
03:19PM >>>How does the non-domain member find strNetBIOSDomain
?On line 61, how about having it echo to the user what the
strNetBIOSDomain and strUserName1 variables result in?Does it match what
you think it should be? Is it possible to find that information from the
workstation it's running on? Any reason you wouldn't run this as a web page from
a domain member instead?
Al________________________________From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Shawn HayesSent: Wed
8/31/2005 2:26 PMTo: ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir]
VBscript to set a password for a user in AD but ran from a non domain
memberI am trying to write a script to set a user password and
the script must be run from a machine that is not a domain
member.Background:We are migrating to Exchange from Groupwise in 12
days. We still have a ton of machines that are not part of AD, still in
NDS. Users all have accounts and mailboxes in AD. Many Novell users
have not logged into AD. During our migration we would like the techs to
quickly reset user passwords for those that do not know their AD
passwords. Techs will be in the field at distributed locations to help
with outlook connectivity. They will not know the existing
password.When i run this from a non domain member I get "The specified
domain either does not exist or could not be contacted". It runs fine from
a domain memberHere is the code - thanks to anyone that can
help.'Set a Users password'Written by: Shawn Hayes'Date:
8-31-05'VariablesDim strUserName, strUserDN, strDNSDomain,
strNetBiosDomain, strpassword, strpassword1, strpassword2Dim strUserName1,
strUserName2, strmsgresult, strcontinue, stradminID, stradminpwd, stradminpwd1,
stradminpwd2strNetBiosDomain = "ourdomainname\"Const
ADS_NAME_INITTYPE_GC = 3Const ADS_NAME_TYPE_NT4 = 3Const
ADS_NAME_TYPE_1779 = 1Const ADS_PROPERTY_CLEAR = 1Const
ADS_SECURE_AUTHENTICATION = 1 'Input box prompts for
UserID msgbox ("You must enter a userid with privledges in
AD to change user passwords!") stradminID = InputBox
("Enter Your Admin account name used to connect to AD", "Enter Your Admin
account name used to connect to AD", "") 'Input box prompts for admins
password Do stradminpwd1 = InputBox ("Enter the
Admin Password", " Admin Password", "") stradminpwd2 =
InputBox ("Reenter the Admin password", "Admin Password",
"") If stradminpwd1 <> stradminpwd2
then msgbox ("Admin Passwords do not
match") strpassword =
"nothing" Else
strpassword = "equal" End IF Loop until
strpassword = "equal"strpassword = "nothing"'User
informationDo 'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter the Users
Active Directory UserID", "") 'Input box prompts for users new
password Do strPassword1 = InputBox ("Enter the
new Password", "Password", "") strPassword2 = InputBox
("Reenter the password", "Password", "") If strpassword1
<> strpassword2 then msgbox ("Passwords
do not match") strpassword =
"nothing" Else
strpassword = "equal" End IF Loop until
strpassword = "equal" Set objNetwork =
CreateObject("Wscript.Network") 'Connect to RootDSE 'Set
objRoot = GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:") 'Set objDomain =
objRoot.OpenDSObject("LDAP://cn=domain controller,OU=domain
controllers,dc=ourdomain,dc=com", strNetBiosDomain & stradminID,
stradminpwd1, ADS_SECURE_AUTHENTICATION) 'Set objDomain =
objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com", strNetBiosDomain &
stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION) 'strDNSDomain =
objRootDSE.Get("defaultNamingContext") 'strDNSDomain =
objdomain.Get("defaultNamingContext") 'Determine UsersDN from
netbios name Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779) strmsgresult = msgbox
("OK to change this user's password? " & struserdn, vbyesno)
'msgbox (strmsgresult) If strmsgresult = "6"
then 'Set the Users Password 'Set
objUser = GetObject ("LDAP://" & strUserDN) Set
ObjDomain = GetObject ("LDAP:") Set objuser =
ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" & strUserDN,
strNetBiosDomain & stradminID, stradminpwd1,
ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!") wscript.quit
Else strcontinue = Msgbox ("Password not set, would you
like to reenter the UserID?", vbyesno) If strcontinue
<> "6" then
wscript.quit End IF End
IFLoop | | | |
| listmail
Posts:824
| | 08/31/2005 9:33 AM |
| I would wonder if the Name Translation is failing, does it have the security
context to do the lookup? I am not in a position to test it at the moment
but I would make sure it is working properly.
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Shawn Hayes
Sent: Wednesday, August 31, 2005 3:33 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx; Alm@xxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but ran
from a non domain member
Thanks for the reply Al.
strNetbiosdomain is a variable I set
script dies before line 61
A web front-end is where we were leaning.
Shawn
>>> "Al Mulnick" 08/31/05 03:19PM >>>
How does the non-domain member find strNetBIOSDomain ?
On line 61, how about having it echo to the user what the strNetBIOSDomain
and strUserName1 variables result in?
Does it match what you think it should be? Is it possible to find that
information from the workstation it's running on? Any reason you wouldn't
run this as a web page from a domain member instead?
Al
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Shawn Hayes
Sent: Wed 8/31/2005 2:26 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] VBscript to set a password for a user in AD but ran
from a non domain member
I am trying to write a script to set a user password and the script must be
run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a ton
of machines that are not part of AD, still in NDS. Users all have accounts
and mailboxes in AD. Many Novell users have not logged into AD. During our
migration we would like the techs to quickly reset user passwords for those
that do not know their AD passwords. Techs will be in the field at
distributed locations to help with outlook connectivity. They will not know
the existing password.
When i run this from a non domain member I get "The specified domain either
does not exist or could not be contacted". It runs fine from a domain
member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword,
strpassword1, strpassword2 Dim strUserName1, strUserName2, strmsgresult,
strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change user
passwords!")
stradminID = InputBox ("Enter Your Admin account name used to connect to
AD", "Enter Your Admin account name used to connect to AD", "")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin Password",
"")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin Password",
"")
If stradminpwd1 stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter the
Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot = GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain
controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain &
stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com",
strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " & struserdn,
vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser =
ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" & strUserDN,
strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter the
UserID?", vbyesno)
If strcontinue "6" then
wscript.quit
End IF
End IF
Loop
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
| darren.marelia@xxxx.yyy
| | 08/31/2005 10:20 AM |
| I wonder if, in this case, it might not be easier to just use the
WINNT:// ADSI provider to reset the user's password? You might avoid
some of these issues.
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of joe
Sent: Thursday, September 01, 2005 7:18 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but
ran from a non domain member
I would wonder if the Name Translation is failing, does it have the
security context to do the lookup? I am not in a position to test it at
the moment but I would make sure it is working properly.
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Shawn Hayes
Sent: Wednesday, August 31, 2005 3:33 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx; Alm@xxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but
ran from a non domain member
Thanks for the reply Al.
strNetbiosdomain is a variable I set
script dies before line 61
A web front-end is where we were leaning.
Shawn
>>> "Al Mulnick" 08/31/05 03:19PM >>>
How does the non-domain member find strNetBIOSDomain ?
On line 61, how about having it echo to the user what the
strNetBIOSDomain and strUserName1 variables result in?
Does it match what you think it should be? Is it possible to find that
information from the workstation it's running on? Any reason you
wouldn't run this as a web page from a domain member instead?
Al
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Shawn Hayes
Sent: Wed 8/31/2005 2:26 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] VBscript to set a password for a user in AD but ran
from a non domain member
I am trying to write a script to set a user password and the script must
be run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a
ton of machines that are not part of AD, still in NDS. Users all have
accounts and mailboxes in AD. Many Novell users have not logged into
AD. During our migration we would like the techs to quickly reset user
passwords for those that do not know their AD passwords. Techs will be
in the field at distributed locations to help with outlook connectivity.
They will not know the existing password.
When i run this from a non domain member I get "The specified domain
either does not exist or could not be contacted". It runs fine from a
domain member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword,
strpassword1, strpassword2 Dim strUserName1, strUserName2, strmsgresult,
strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change
user
passwords!")
stradminID = InputBox ("Enter Your Admin account name used to
connect to AD", "Enter Your Admin account name used to connect to AD",
"")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin
Password",
"")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin
Password",
"")
If stradminpwd1 stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter
the Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot =
GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain
controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain
& stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com",
strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " &
struserdn,
vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser =
ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" &
strUserDN, strNetBiosDomain & stradminID, stradminpwd1,
ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter
the UserID?", vbyesno)
If strcontinue "6" then
wscript.quit
End IF
End IF
Loop
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
| Alm@xxxx.yyy
| | 08/31/2005 11:18 AM |
| '// This is where you can open the object. You have to know the DN of the object which infers that you've
'// previously searched and found the object DN. I didn't include that here, but it wouldn't be too tough.
Set objUser = objRoot.OpenDSObject("LDAP://SRVR/cn=Student2,OU=Students,dc=Clusterdomain,dc=com", _
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
objUser.setpassword ("slslslslsls.1")
If it's not in the domain, you must use a method that allows you to pass credentials. OpenDSObject is that method.
Winnt provider might work so long as you can pass the credentials properly, but I hate to look back and use it that way. Easier to search for the object and return the DN and then set the password.
Note that iads::setpassword was used vs. changepassword. I think Shawn mentioned that the user does not know the password.
Al
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Darren Mar-Elia
Sent: Wed 8/31/2005 6:15 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but ran from a non domain member
I wonder if, in this case, it might not be easier to just use the
WINNT:// ADSI provider to reset the user's password? You might avoid
some of these issues.
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of joe
Sent: Thursday, September 01, 2005 7:18 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but
ran from a non domain member
I would wonder if the Name Translation is failing, does it have the
security context to do the lookup? I am not in a position to test it at
the moment but I would make sure it is working properly.
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Shawn Hayes
Sent: Wednesday, August 31, 2005 3:33 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx; Alm@xxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but
ran from a non domain member
Thanks for the reply Al.
strNetbiosdomain is a variable I set
script dies before line 61
A web front-end is where we were leaning.
Shawn
>>> "Al Mulnick" 08/31/05 03:19PM >>>
How does the non-domain member find strNetBIOSDomain ?
On line 61, how about having it echo to the user what the
strNetBIOSDomain and strUserName1 variables result in?
Does it match what you think it should be? Is it possible to find that
information from the workstation it's running on? Any reason you
wouldn't run this as a web page from a domain member instead?
Al
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Shawn Hayes
Sent: Wed 8/31/2005 2:26 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] VBscript to set a password for a user in AD but ran
from a non domain member
I am trying to write a script to set a user password and the script must
be run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a
ton of machines that are not part of AD, still in NDS. Users all have
accounts and mailboxes in AD. Many Novell users have not logged into
AD. During our migration we would like the techs to quickly reset user
passwords for those that do not know their AD passwords. Techs will be
in the field at distributed locations to help with outlook connectivity.
They will not know the existing password.
When i run this from a non domain member I get "The specified domain
either does not exist or could not be contacted". It runs fine from a
domain member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword,
strpassword1, strpassword2 Dim strUserName1, strUserName2, strmsgresult,
strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change
user
passwords!")
stradminID = InputBox ("Enter Your Admin account name used to
connect to AD", "Enter Your Admin account name used to connect to AD",
"")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin
Password",
"")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin
Password",
"")
If stradminpwd1 stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter
the Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot =
GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain
controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain
& stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com",
strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " &
struserdn,
vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser =
ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" &
strUserDN, strNetBiosDomain & stradminID, stradminpwd1,
ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter
the UserID?", vbyesno)
If strcontinue "6" then
wscript.quit
End IF
End IF
Loop
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
> | | | |
|
|