Connect a AD from a computer of an other domain

rikho · June 18, 2009

Hello,

I want to connect an active directory with this comande line

$Userobj = ObjGet("LDAP://" & $strDomain & "/" & $strComputer) ;& " ,user")

in this script.

$File = FileOpen($srv_list, 0)
    While 1
        $strDomain = FileReadLine($File)
        If @error = -1 Then ExitLoop
        $tt = $tt + 1
        $p1 = ($tt * 100) / ($total)
        GUICtrlSetData($Progress1, $p1)
        GUICtrlSetData($info, 'Analyse on  ' & $strDomain)

        $Userobj = ObjGet("winnt://" & $strDomain & "/" & $strComputer);& " ,user")
        If Not IsObj($Userobj) Then
            $error = 1
            ExitLoop
        Else
            $error = 0
            If $Userobj.IsAccountLocked = 0 Then
                GUICtrlSetData($state, "Not locked")
                GUICtrlSetFont($state, 10, 800, 0, "Arial")
            Else
                $srv_found = @ScriptDir & '\srv_found.txt'
                $fop_srv_found = FileOpen($srv_found, 1)
                FileWriteLine($fop_srv_found, '->> ' & $strDomain & @CRLF)
                FileClose($fop_srv_found)
                GUICtrlSetData($state, "Locked")
                GUICtrlSetFont($state, 10, 800, 0, "Arial")
                $locked = $locked + 1
            EndIf
        EndIf
        If $error = 0 Then
            $1 = $Userobj.description
            GUICtrlSetData($description, $1)
            $2 = $Userobj.Name
            GUICtrlSetData($fullname, $2)
            $3 = $Userobj.Profile
            GUICtrlSetData($profile, $3)
        EndIf
    WEnd

Unfortunatly, this is works only on a computer that is IN the domain and not in an other

Can u help me to connect an AD via LDAP command from a computer that is not in the domain but in an other ??

Thx a lot to my savers

rikho · June 18, 2009

Need Guru help plz

water · June 18, 2009

I would first check if you can access the other domain using a tool like ADExplorer. It's free and it doesn't need an installation. Just run it and check if you have the correct rights to access the other domain.

If you can access this domain then the adfunctions.udf can help you access the needed information.

rikho · June 18, 2009

I would first check if you can access the other domain using a tool like ADExplorer. It's free and it doesn't need an installation. Just run it and check if you have the correct rights to access the other domain.
If you can access this domain then the adfunctions.udf can help you access the needed information.

The connexion is successfully on the domain with ADExplorer on a computer that is not on the same domain

i got adfunction.au3 UDF, i don't use it anymore in my previous script.

Anyway thx for ure responding.

Edited June 18, 2009 by rikho

PsaltyDS · June 18, 2009

I can't test this right now, but it should get a connection to LDAP using alternative credentials. It's just AutoIt conversion of some VBScript examples floating around on MSDN via Google:

Global Const $ADS_SECURE_AUTHENTICATION  = 0x1
Global Const $ADS_SERVER_BIND = 0x200

Global $sLDAPServer = "MyServerName"
Global $sLDAPPath = "LDAP://" & $sLDAPServer & "/DC=MySubDomain,DC=MyDomain,DC=com"
Global $sUserName = "MyUser"
Global $sPassword = "MyPa$$word"
Global $iFlags = $ADS_SECURE_AUTHENTICATION + $ADS_SERVER_BIND

Global $oDSO = ObjGet("LDAP:")
Global $oLDAP = $oDSO.OpenDSObject($sLDAPPath, $sUserName, $sPassword, $iFlags)

Post the results if you get to try it.

water · June 19, 2009

You can use adfunctions.au3 to connect to a different AD. Adfunctions by default uses the current AD domain your computer is connected to.

If you change the following lines in adfunctions.au3 (comment out the first three lines, uncomment the last three lines and change the values of $strDNSDomain, $strHostServer and $strConfigruation) all functions in the udf should access the new AD domain.

Global $strDNSDomain = $objRootDSE.Get("defaultNamingContext"); Retrieve the current AD domain name
Global $strHostServer = $objRootDSE.Get("dnsHostName"); Retrieve the name of the connected DC
Global $strConfiguration = $objRootDSE.Get("ConfigurationNamingContext"); Retrieve the Configuration naming context

; Or use comment out above 3 lines and uncomment below to specify settings:
;Global $strDNSDomain = "DC=subdomain,DC=example,DC=com"
;Global $strHostServer = "servername.subdomain.example.com"
;Global $strConfiguration = "CN=Configuration,DC=subdomain,DC=example,DC=com"

rikho · June 22, 2009

I can't test this right now, but it should get a connection to LDAP using alternative credentials. It's just AutoIt conversion of some VBScript examples floating around on MSDN via Google:
Global Const $ADS_SECURE_AUTHENTICATION  = 0x1
Global Const $ADS_SERVER_BIND = 0x200

Global $sLDAPServer = "MyServerName"
Global $sLDAPPath = "LDAP://" & $sLDAPServer & "/DC=MySubDomain,DC=MyDomain,DC=com"
Global $sUserName = "MyUser"
Global $sPassword = "MyPa$$word"
Global $iFlags = $ADS_SECURE_AUTHENTICATION + $ADS_SERVER_BIND

Global $oDSO = ObjGet("LDAP:")
Global $oLDAP = $oDSO.OpenDSObject($sLDAPPath, $sUserName, $sPassword, $iFlags)
Post the results if you get to try it.

i try this asap !

Thx alot to all !

Sign In

Connect a AD from a computer of an other domain

Recommended Posts

rikho

Link to comment

Share on other sites

rikho

Link to comment

Share on other sites

water

Link to comment

Share on other sites

rikho

Link to comment

Share on other sites

PsaltyDS

Link to comment

Share on other sites

water

Link to comment

Share on other sites

rikho

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Browse

AutoIt Resources

Release

Beta