Re: Cross Child-Domain Scripting



Forum Lurkers!!!! HELP!!!!

:)

I know you guys are good... I'm sure someone has tried to do
cross-child domain scripting and has run across this issue!

Any help?

-Sonny


On Mar 21, 1:47 pm, scriptNooB <sonny.mcmani...@xxxxxxxxx> wrote:
Hello,

I am attempting to write a .vbs or .hta or .asp to serve my purpose.
Simply enough, I need a user in sub1.dom.com to be able to write to a
group in sub1.dom.com and sub2.dom.com... my issue is that I'm getting
referrals from the secondary server. Basically I'm simply passing in
the domain by user input, then connecting to the correct domain... I'm
using service accounts in each subdomain. I am having issues
launching the vbscript from sub1.dom.com domain using a user residing
in sub1... if I use a user in sub2.dom.com in the script running on
sub1.dom.com, it will add...

I'm at a loss as to the proper way to add users to universal groups...
OR to be able to span child domain LDAP lookups in the same script.

As simple as it is... here is an HTA snippet of my testing syntax.

If choices.value = "sub1" Then
    strHTML = "<br> Adding User to Group "

    Const ADS_SCOPE_SUBTREE = 2
    '###################################################################
    ' By: Sonny McManigle | <company>
    '###################################################################

    'On Error Resume Next
    ' ADO connection to the sub1 domain using the sub1 service account
    Set objConnection = CreateObject("ADODB.Connection")
    Set objCommand = CreateObject("ADODB.Command")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Properties("User ID") = "sub1\usr1"
    objConnection.Properties("Password") = "djsLS7@9d2"
    objConnection.Properties("Encrypt Password") = True
    objConnection.Properties("ADSI Flag") = 3
    objConnection.Open "Active Directory Provider"
    Set objCommand.ActiveConnection = objConnection

    ' Look up the user's distinguishedName by sAMAccountName
    objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://dc=sub1,dc=dom,dc=com' " & _
        "WHERE objectCategory='user' AND sAMAccountName='" & tmpusr & "'"
    objCommand.Properties("Page Size") = 1000
    objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
    Set objRecordSet = objCommand.Execute
    If Err Then wscript.echo Err.Number
    objRecordSet.MoveFirst
    If Err Then strHTML = strHTML & "<br> User not found in Domain"

    Do Until objRecordSet.EOF
        strFullDN = objRecordSet.Fields("distinguishedName").Value
        ' Bind to the group and the user, then add the user to the group
        Set objGroup = GetObject("LDAP://CN=Users_SUB1,CN=Users,DC=sub1,DC=dom,DC=com")
        Set objUser = GetObject("LDAP://" & strFullDN)
        objGroup.Add(objUser.ADsPath)
        If Err.Number = 0 Then
            strHTML = strHTML & "<br> Successfully wrote to Group"
        Else
            strHTML = strHTML & "<br> Failed writing to Group"
        End If
        If Err.Number = -2147019886 Then
            strHTML = strHTML & "<br> This user: " & tmpusr & " is already a member of the Group"
        End If
        strFullDN = ""
        tmpit = ""
        objRecordSet.MoveNext
    Loop

End If

If choices.value = "sub2" Then
    '###################################################################
    ' By: Sonny McManigle
    '###################################################################

    'On Error Resume Next
    ' ADO connection to the sub2 domain using the sub2 service account
    Set objConnection = CreateObject("ADODB.Connection")
    Set objCommand = CreateObject("ADODB.Command")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Properties("User ID") = "sub2\usr2"
    objConnection.Properties("Password") = "7S&29ddo!"
    objConnection.Properties("Encrypt Password") = True
    objConnection.Properties("ADSI Flag") = 3
    objConnection.Open "Active Directory Provider"
    Set objCommand.ActiveConnection = objConnection

    ' Look up the user's distinguishedName by sAMAccountName
    objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://dc=sub2,dc=dom,dc=com' " & _
        "WHERE objectCategory='user' AND sAMAccountName='" & tmpusr & "'"
    objCommand.Properties("Page Size") = 1000
    objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
    Set objRecordSet = objCommand.Execute
    If Err Then wscript.echo Err.Number
    objRecordSet.MoveFirst
    If Err Then strHTML = strHTML & "<br> User not found in Domain"

    Do Until objRecordSet.EOF
        strFullDN = objRecordSet.Fields("distinguishedName").Value
        Set objGroup = GetObject("LDAP://CN=Users_SUB2,CN=Users,DC=sub2,DC=ae,DC=com")
        Set objUser = GetObject("LDAP://" & strFullDN)
        objGroup.Add(objUser.ADsPath)
        ' Remainder of this branch was cut off in the post; loop closed as in the sub1 branch
        objRecordSet.MoveNext
    Loop
End If

Any Help would be GREAT!!!!!!!!!!!!!
