Re: Wscript within VBA

From: Mark J. McGinty (mmcginty_at_spamfromyou.com)
Date: 11/06/04 

Date: Sat, 6 Nov 2004 01:55:12 -0800

Tim,

Ok I get the picture... In a nutshell it all boils down to whatever the
limitations
of your security scenario happen to be. The link below would seem to solve
the problem,
except that it requires the caller to have admin privileges on the
host/callee.

http://msdn.microsoft.com/msdnmag/issues/02/05/wsh/ Jump down to where is
says:
Remote Script Execution
The WshController object is the WSH element that governs the implementation
of remote tasks. It does this by instantiating script programs directly on
remote computers.

Assumptions:
-------------
One box is running VBA code (I'll call it VBASrvr),.
One box is a domain controller, or has an account trusted to manipulate AD
via VBS (I'll call it ADSrvr).
I'm assuming that VBASrvr and ADSrvr are 2 different machines, otherwise
this would be way too easy...

So the core questions would be:
------------------------------
1. Do VBASrvr and ADSrvr both have machine accounts in the same domain?
2. Does the acct on VBASrvr under which the VBA code is executing have
access to ADSrvr?
3. Does the account on VBASrvr hold enough privileges on the domain to
manipulate AD?

Almost all of the AD object calls accept a machine name, or act on the
current domain, iirc...

Pointless to speculate without knowing

-Mark

"Tim pd UK" <Tim pd UK@discussions.microsoft.com> wrote in message
news:50CB3FDD-1E01-402C-BD61-EFF1F31DEB9F@microsoft.com...
> Hi Mark.
>
> I think you understand what i'm after and I see the points your making are
> valid.
> However i'll explain exactly what i'm trying to achieve.
>
> "In a college"
> Students to log to network under guest and enter personal detail plus
> password into html page.
> then to have/call a asp file (and yes via ado to MS Access) insert the
> record. Then on a timed basis the vba code checks for new entries. if new
> then, do check against Oracle to see if student details are correct (ie
> current student and person detail are correct, incase of pranks)
>
> the vba code then (THIS WHAT I DONT KNOW) Launch Wscript passing varibles
> from vba into a *.vbs file (held on the server loggin as admin) to update
> the
> AD
>
> end of the vba code populates another table which hold results (ie if
> account has been created or if errors in details given) of which on the
> client end (the html/asp page rechecks the second table with tthe result
> in
> it and then displays it to the students
>
> once again thanks for your time on this.
>
> cheer Tim
>
> "Mark J. McGinty" wrote:
>
>>
>> "TimD@Derby" <TimDDerby@discussions.microsoft.com> wrote in message
>> news:C48F2507-A0C2-4F20-99D8-738AEFF43426@microsoft.com...
>> > Hi Mark, Thanks for your help and patience, however, through lack of
>> > knowledge on WSH still not sure. If I explain what i have and want it
>> > maybe
>> > clearer to you.
>> > 1. a htlm input page (launching asp)
>>
>> It posts a form to an ASP page, I assume?
>>
>> > 2. an ASP which creates a connection to a MS Access db and inserts a
>> > new
>> > rec
>> > into a table
>>
>> Via ADO I assume.. your algorithm is clear to this point (choice of
>> components getting shaky.)
>>
>> > 3. vba code which checks that table entry agaist an Oracle db to
>> > validate
>> > and updates table
>>
>> VBA code defined in the MDB file? So does Access run as out-proc COM?
>> What
>> are your concurrency expectations?
>>
>> Main question, what is the execution context for the VBA code?
>>
>> > 4. If true continue
>> > 5. < this bit not worked out> pass two para (Person code & Password) to
>> > the
>> > "Wscript"
>>
>> By "the WScript" you mean you have client-side VBS code written that
>> works
>> with the scripting host, and you're looking for a server-side execution
>> context? You can code it statically or Exec dynamic VBS code in ASP; you
>> can create a WScript object in ASP -- you're trying to manipulate AD on
>> the
>> server side, right?
>>
>> Since what you want to do sounds like it will require admin privileges,
>> so
>> unless the users of this are admins you've got a nasty little security
>> dilemma... for non-admin users to do this you'd need a service or DCOM
>> server to impersonate an admin account.
>>
>> Or have I missed the objective? (Could easily be the case, I feel like
>> I'm
>> lost in a fog today.)
>>
>> One thing I don't get is why you need the Access database in the mix,
>> wouldn't it be better to just go straight to Oracle?
>>
>> Personally I wouldn't touch Access/Jet from an ASP file with a 50m pole,
>> but
>> that might just be me. If you're using it as a local log, there must be
>> a
>> dozen alternatives...
>>
>>
>> > 6. <This bit ok> Use Wscipt to talk to "Active Directory" to create
>> > network
>> > account/ e-mail account
>>
>> So this is currently a .VBS file that you execute via association with
>> wscript.exe (so client side on a box that happens to be a server)
>> correct?
>>
>>
>> > 7. <This bit ok> Second html page to diplay results from MS Access db
>> > table
>>
>> I'm lost again, how do you display results from Access in an HTML file?
>> This is redirected-to by the ASP file?
>>
>>
>> > Alternative.......
>> >
>> > to do section (5 & 6) from second html/ASP page
>>
>> As I mentioned above this is viable from ASP, provided the ASP is
>> executing
>> in an admin context. If you have anonymous access disabled (or
>> sufficiently
>> restrictive NTFS permissions set on the folder or files, so as to force
>> http-auth) and the users are admins, then no issue. If this is to be
>> used
>> by non-admin users, the only suggestion I have is to re-think that
>> decision.
>> :-)
>>
>> If the ASP server does not happen to be the AD server too, the ASP
>> server's
>> machine acct and the accounts of the admins that will use this have to
>> marked 'trusted for delegation' (or something like that) because the
>> security context must be delegated to perform remote actions.
>>
>>
>> Hope I at least came close to comprehending.
>>
>>
>> -Mark
>>
>>
>>
>> > Here's Hoping and many thanks
>> > Tim
>> >
>> > 5 & 6
>> > "Mark J. McGinty" wrote:
>> >
>> >>
>> >>
>> >> "Mark J. McGinty" <mmcginty@spamfromyou.com> wrote in message
>> >> news:FJwhd.89597$hj.78643@fed1read07...
>> >>
>> >> > I seem to remember that Eval will do compound JScript statements,
>> >> > but
>> >> > no
>> >> > simple way to check at my fingertips.
>> >>
>> >> Yes I do too, the small project I offered you does it... duh! :-)
>> >> (And
>> >> Eval does do compound JScript statements.)
>> >>
>> >> > expectation of a VNS file so you should be fine. (ExecuteStatement
>> >> > will
>> >>
>> >> That of course should be VBS....
>> >>
>> >> > I have a small project that I sometimes use to syntax check script,
>> >> > if
>> >> > you'd like a copy let me know.
>> >>
>> >> I tried to attached it to this, guess posts with attachments are
>> >> discarded?
>> >> It's only
>> >> form class is all of 90 lines long, and is included below. Add
>> >> references
>> >> to MSScriptControl and the MS Common Dialog control, cut the stuff
>> >> between
>> >> the dashed lines, save it to a text file with .frm as the extension,
>> >> and
>> >> it
>> >> *should* work. (If not let me know and I'll put it on a web site
>> >> somewhere.)
>> >>
>> >> -Mark
>> >>
>> >> ----------------------------------
>> >> VERSION 5.00
>> >> Object = "{0E59F1D2-1FBE-11D0-8FF2-00A0D10038BC}#1.0#0";
>> >> "msscript.ocx"
>> >> Object = "{F9043C88-F6F2-101A-A3C9-08002B2F49FB}#1.2#0";
>> >> "COMDLG32.OCX"
>> >> Begin VB.Form Main
>> >> Caption = "Script Executor"
>> >> ClientHeight = 3510
>> >> ClientLeft = 165
>> >> ClientTop = 450
>> >> ClientWidth = 7710
>> >> LinkTopic = "Form1"
>> >> ScaleHeight = 3510
>> >> ScaleWidth = 7710
>> >> StartUpPosition = 2 'CenterScreen
>> >> Begin MSComDlg.CommonDialog CommonDialog1
>> >> Left = 0
>> >> Top = 2295
>> >> _ExtentX = 847
>> >> _ExtentY = 847
>> >> _Version = 393216
>> >> End
>> >> Begin VB.TextBox ScriptSource
>> >> Height = 2400
>> >> Left = 0
>> >> MultiLine = -1 'True
>> >> ScrollBars = 2 'Vertical
>> >> TabIndex = 1
>> >> Top = 0
>> >> Width = 7710
>> >> End
>> >> Begin VB.PictureBox Picture1
>> >> Align = 2 'Align Bottom
>> >> Height = 690
>> >> Left = 0
>> >> ScaleHeight = 630
>> >> ScaleWidth = 7650
>> >> TabIndex = 0
>> >> Top = 2820
>> >> Width = 7710
>> >> Begin VB.TextBox Results
>> >> BackColor = &H80000013&
>> >> Height = 510
>> >> Left = 4365
>> >> Locked = -1 'True
>> >> MultiLine = -1 'True
>> >> ScrollBars = 2 'Vertical
>> >> TabIndex = 4
>> >> ToolTipText = "Results/Error message"
>> >> Top = 60
>> >> Width = 3165
>> >> End
>> >> Begin VB.CommandButton btnEval
>> >> Caption = "Eval"
>> >> Height = 375
>> >> Left = 2295
>> >> TabIndex = 3
>> >> Top = 135
>> >> Width = 2000
>> >> End
>> >> Begin VB.CommandButton btnExec
>> >> Caption = "Execute Statement"
>> >> Height = 375
>> >> Left = 180
>> >> TabIndex = 2
>> >> Top = 135
>> >> Width = 2000
>> >> End
>> >> End
>> >> Begin MSScriptControlCtl.ScriptControl ScriptControl1
>> >> Left = 495
>> >> Top = 2295
>> >> _ExtentX = 1005
>> >> _ExtentY = 1005
>> >> End
>> >> Begin VB.Menu mnuFile
>> >> Caption = "&File"
>> >> Begin VB.Menu mnuOpen
>> >> Caption = "&Open"
>> >> End
>> >> Begin VB.Menu mnuBreak
>> >> Caption = "-"
>> >> End
>> >> Begin VB.Menu mnuExit
>> >> Caption = "E&xit"
>> >> End
>> >> End
>> >> Begin VB.Menu mnuLanguage
>> >> Caption = "&Language"
>> >> Begin VB.Menu mnuVBS
>> >> Caption = "&VBScript"
>> >> Checked = -1 'True
>> >> End
>> >> Begin VB.Menu mnuJScript
>> >> Caption = "&JScript"
>> >> End
>> >> End
>> >> End
>> >> Attribute VB_Name = "Main"
>> >> Attribute VB_GlobalNameSpace = False
>> >> Attribute VB_Creatable = False
>> >> Attribute VB_PredeclaredId = True
>> >> Attribute VB_Exposed = False
>> >> Option Explicit
>> >>
>> >> Private Sub btnEval_Click()
>> >>
>> >> On Error GoTo Handler
>> >> SetLanguage
>> >> Results.Text = ScriptControl1.Eval(ScriptSource.Text)
>> >>
>> >> ExitPoint:
>> >> Exit Sub
>> >>
>> >> Handler:
>> >> Results.Text = "Error #" & Err.Number & ": " & Err.Description
>> >> Resume ExitPoint
>> >> End Sub
>> >>
>> >> Private Sub btnExec_Click()
>> >>
>> >> On Error GoTo Handler
>> >>
>> >> SetLanguage
>> >> ScriptControl1.ExecuteStatement ScriptSource.Text
>> >> Results.Text = "(no error)"
>> >>
>> >> ExitPoint:
>> >> Exit Sub
>> >>
>> >> Handler:
>> >> Results.Text = "Error #" & Err.Number & ": " & Err.Description
>> >> Resume ExitPoint
>> >> End Sub
>> >>
>> >> Private Sub Form_Load()
>> >> ScriptControl1.Language = "vbscript"
>> >> End Sub
>> >>
>> >> Private Sub Form_Resize()
>> >> On Error Resume Next
>> >>
>> >> ScriptSource.Width = ScaleWidth - (ScriptSource.Left * 2)
>> >> ScriptSource.Height = ScaleHeight - (ScriptSource.Top * 2) -
>> >> Picture1.Height
>> >>
>> >> End Sub
>> >>
>> >> Private Sub mnuExit_Click()
>> >> Unload Me
>> >> End Sub
>> >>
>> >> Private Sub mnuJScript_Click()
>> >> mnuJScript.Checked = True
>> >> mnuVBS.Checked = False
>> >> SetLanguage
>> >> End Sub
>> >>
>> >> Private Sub mnuOpen_Click()
>> >> On Error GoTo Handler
>> >>
>> >> Dim FileNumber, Ln As Long
>> >>
>> >> CommonDialog1.ShowOpen
>> >> If CommonDialog1.FileName = Empty Then Exit Sub
>> >>
>> >> FileNumber = FreeFile
>> >> Open CommonDialog1.FileName For Input As #FileNumber
>> >> Ln = LOF(FileNumber)
>> >> Me.ScriptSource.Text = Input(Ln, #FileNumber)
>> >> Close #FileNumber ' Close file.
>> >>
>> >> ExitPoint:
>> >> Exit Sub
>> >>
>> >> Handler:
>> >> Results.Text = "Error #" & Err.Number & ": " & Err.Description
>> >> Resume ExitPoint
>> >> End Sub
>> >>
>> >> Private Sub mnuVBS_Click()
>> >> mnuJScript.Checked = False
>> >> mnuVBS.Checked = True
>> >> SetLanguage
>> >> End Sub
>> >>
>> >> Private Sub SetLanguage()
>> >> ScriptControl1.Reset
>> >> If (mnuJScript.Checked = True) Then
>> >> ScriptControl1.Language = "JScript"
>> >> Else
>> >> ScriptControl1.Language = "VBScript"
>> >> End If
>> >> End Sub
>> >>
>> >> ----------------------------------
>> >>
>> >>
>> >> >>> "Mark J. McGinty" wrote:
>> >> >>>
>> >> >>>>
>> >> >>>> "TimD@Derby" <TimDDerby@discussions.microsoft.com> wrote in
>> >> >>>> message
>> >> >>>> news:38D5C698-5251-4794-BA82-70ED29ED639E@microsoft.com...
>> >> >>>> > Does anyone know how to launch wscript from within MS Access
>> >> >>>> > vba,
>> >> >>>> > so
>> >> >>>> > I
>> >> >>>> > can
>> >> >>>> > pass a varible from the access to the Wscript/Active directory?
>> >> >>>> >
>> >> >>>> > Thanks
>> >> >>>> > --
>> >> >>>> > Tim - Systems Analyst
>> >> >>>>
>> >> >>>>
>> >> >>>> Add a reference to the Microsoft Script Control (msscript.ocx),
>> >> >>>> and
>> >> >>>> use
>> >> >>>> code
>> >> >>>> similar to the following:
>> >> >>>>
>> >> >>>> Dim oScript as MSScriptControl.ScriptControl
>> >> >>>> Set oScript = New MSScriptControl.ScriptControl
>> >> >>>> oScript.Language = "vbscript" ' jscript is also valid
>> >> >>>>
>> >> >>>> You can then call oScript.Eval or oScript.ExecuteStatement to run
>> >> >>>> generated
>> >> >>>> script within your app.
>> >> >>>>
>> >> >>>>
>> >> >>>> Good Luck,
>> >> >>>> Mark
>> >> >>>>
>> >> >>>>
>> >> >>>>
>> >> >>
>> >> >>
>> >> >
>> >> >
>> >>
>> >>
>> >>
>>
>>
>>