Joystik59 Posted January 18, 2011 Share Posted January 18, 2011 Hi all, Have a problem with authenticating to a different domain. Have searched the forums, but could not find a solution. Preliminary info: DomainA - Server 2003 R2 - Functional Level 2003 DomainB - Server 2003 - Functional Level 2000 User ID and PW's are the same in both domains. My XP workstation is in DomainA Using the following code, I do get back an array of information for my user ID when using the vars for DomainA. If I switch the vars to DomainB, I get a return code of '0' (failure) on the _ad_open, and an error code of '8'. I did run Water's little script to get the $sAD_ConfigurationParam info on the DomainB DC, so I believe it is correct. I have been able to get information from both domains using an ADODB connection and setting the appropriate properties, however I would rather use the ad.au3 functions, as they are much simpler to use. Any assistance would be appreciated. Thanx in advance. $strUserID = "myuserid" $strPW = "mypassword" $strDomain = "dc=DomainA,dc=org" $strDomainController = "DC-A.DomainA.org" ;$strDomain = "dc=DomainB,dc=org" ;$strDomainController = "DC-B.DomainB.org" $intADOpenRet = _AD_Open($strUserID, $strPW, $strDomain, $strDomainController, "CN=Configuration," & $strDomain) $intADOpenErr = @Error Consolewrite("$intADOpenRet = " & $intADOpenRet & @CRLF) Consolewrite("$intADOpenErr = " & $intADOpenErr & @CRLF) $aProperties = _AD_GetObjectProperties($strUserID) _ArrayDisplay($aProperties) _AD_Close() Link to comment Share on other sites More sharing options...
water Posted January 18, 2011 Share Posted January 18, 2011 do you have a windows vista or windows 7 client in domain a? You can get detailed error information as described in the _ad_open example. My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
Joystik59 Posted January 18, 2011 Author Share Posted January 18, 2011 I ran the example script on a Windows 2008 server. Got @error 8; @extended -2147352567. I'll have to keep searching if you still want me to run it on Win 7. BTW - thanx for the incredibly fast response. Link to comment Share on other sites More sharing options...
water Posted January 19, 2011 Share Posted January 19, 2011 (edited) There seems to be a problem with OpenDsObject. Could you please set line 159 toGlobal Const $ADS_USE_ENCRYPTION = 0x0and comment (deactivate) line$oAD_Connection.Properties("Encrypt Password") = True ; Encrypts userid and password Edited January 19, 2011 by water My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
Joystik59 Posted January 19, 2011 Author Share Posted January 19, 2011 There seems to be a problem with OpenDsObject. Could you please set line 159 toGlobal Const $ADS_USE_ENCRYPTION = 0x0and comment (deactivate) line$oAD_Connection.Properties("Encrypt Password") = True ; Encrypts userid and password Same error. Link to comment Share on other sites More sharing options...
water Posted January 19, 2011 Share Posted January 19, 2011 (edited) Could you please insert the following code before$iAD_Debug = 2 Local $sAD_Hive = "HKLM" If @OSArch = "IA64" Or @OSArch = "X64" Then $sAD_Hive = "HKLM64" Local $sAD_OSVersion = RegRead($sAD_Hive & "\SOFTWARE\Microsoft\Windows NT\CurrentVersion", "CurrentVersion") $sAD_OSVersion = StringSplit($sAD_OSVersion, ".") Msgbox(0,"", "Osversion: " & $sAD_OSVersion)and after your call to _AD_Open and post the results?Global $aError = _AD_GetLastADSIError() _ArrayDisplay($aError)Edit: What comes to my mind: Could you please use the NetBIOS name to login?$strUserID = "DomainB\myuserid" Edited January 19, 2011 by water My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
Joystik59 Posted January 19, 2011 Author Share Posted January 19, 2011 Did some more playing. Seems to be the $bAD_BindFlags parm and encryption. I replaced $bAD_BindFlags = BitOR($ADS_SECURE_AUTH, $ADS_SERVER_BIND, $ADS_USE_ENCRYPTION) with $bAD_BindFlags = BitOR($ADS_SECURE_AUTH, $ADS_SERVER_BIND) And it seems to work fine. Link to comment Share on other sites More sharing options...
water Posted January 20, 2011 Share Posted January 20, 2011 (edited) Did some more playing. Seems to be the $bAD_BindFlags parm and encryption. I replaced $bAD_BindFlags = BitOR($ADS_SECURE_AUTH, $ADS_SERVER_BIND, $ADS_USE_ENCRYPTION) with$bAD_BindFlags = BitOR($ADS_SECURE_AUTH, $ADS_SERVER_BIND) And it seems to work fine. But removing the $ADS_USE_ENCRYPTION flag or setting it to 0x0 (as I suggested ) should yield the same result. Don't understand the difference The next version will include a new flag to use SSL and password encryption (as soon as I find a good docu on the internet - because M$s docu is very, very bad on this flags). Edited January 23, 2011 by water My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
bluechipps Posted February 7, 2011 Share Posted February 7, 2011 Did some more playing. Seems to be the $bAD_BindFlags parm and encryption. I replaced $bAD_BindFlags = BitOR($ADS_SECURE_AUTH, $ADS_SERVER_BIND, $ADS_USE_ENCRYPTION) with $bAD_BindFlags = BitOR($ADS_SECURE_AUTH, $ADS_SERVER_BIND) And it seems to work fine. Thank you thank you! Spent all day trying to figure out why it wasn't working. I could get it working on same server using a simple vb script with same parameters, but _AD_Open() kept throwing errors like yours. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now