Jump to content

Active Directory Ldap password change


Agent Orange
 Share

Recommended Posts

Hey all-

I really need some help on this.

I have a bunch of PC that are not in our AD domain (and won't be)...they login using NDS (Novell)

However, the users do have AD accounts they use to access some web based apps.

I need to write an app that will authenticate the user to the domain using their username and password...then allow them to change that password.

Most of the scripts examples I've seen seem to assume that the PC the user is on is already in the domain...which of course makes sense, but is not the case in my example.

Is this possible? Any help would be appreciated.

Link to comment
Share on other sites

You know Helge if you spent a fraction of the time trying to help....which is what I thought a forum like this is for....instead of making comments about me trying to posting this a few times to get an answer, I might be on the road to solving this.

The only reason I posted this a few times is because I was seeing 50+ views of the thread and no responses....I thought maybe I should try it in a different forum a try rewording it.

Link to comment
Share on other sites

I don't have a problem with anyone posting a few times to get an answer,

it's just that it's so unnecessary to make another topic instead of just

doing what a lot of other people do : bump it. Instead you create three

new topics because you're not satisified with the views/response-ratio.

50+ views and no responses ?! Oh damn.

Link to comment
Share on other sites

Helge

I see your point but it seems you're missing mine. This forum is here for one reason (ok maybe two)....or it least it should be....for scriptors to get help on issues they are having and to share what they have accomplished. It really isn't necessary for you or anyone else here to badger someone just for a couple of extra posts....it not like I'm a serial reposter or something.

Now that said I have made some headway on this script using ADSI. I can't quite figure out why I'm getting an error at this line however

$UserObj.ChangePassword($currentpassword, $newpassword)

If I replace this line with

$UserObj.SetPassword($newpassword) it works...but not with the ChangePassword command.

This is the error I get with ChangePassword...see attached file for screen shot.

$UserObj.ChangePassword($currentpassword, $newpassword)^Error

Error: The requested action with this object has failed.

Any ideas?

adsierror.zip

Edited by Agent Orange
Link to comment
Share on other sites

  • Developers

@Agent Orange, when you stop posting your "single" question fragmented over 4-5 threads you might get some better help.

I for one don't feel like reading the same question from the same person at different places/forums and eveytime find one piece of the puzzle. It just makes me close the post and move on....

So please stop posting your questions multiple times and stick to one thread.....

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

JdeB-

Agreed....I will make sure in the future to keep my post to one thread when they are on the same topic.

Could you take a look the above "active" thread on my question at and see if you have any insight to my issue.

Any help/guidance would be appreciated.

Thanks

Edited by Agent Orange
Link to comment
Share on other sites

  • Developers

JdeB-

Agreed....I will make sure in the future to keep my post to one thread when they are on the same topic.

Could you take a look the above "active" thread on my question at and see if you have any insight to my issue.

Any help/guidance would be appreciated.

Thanks

I don't understand why you don't use the SetPassword since it can change the password of the current user..

Anyway, show a short script you are testing with and we might be able to assist.

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

My thought on using ChangePassword instead of SetPassword is it would be a little safer in that with ChangePassword the person changing the password would at least need to know the current password to change it. My testing of SetPassword is that any user would technically be able to reset any password using the script as long as they knew the username. Here is the code I'm working with....

; Getting a users current name and password then allowing them to change the password
; Password update using ADSI
; 9/30/06
Dim $lastlogin, $DomainString, $newpassword, $currentpassword, $UserString, $sNewUsrDesc
$UserString = InputBox("Username","Please enter your username")
$currentpassword = InputBox("Current Password","Please enter your current password","","*")
$newpassword = InputBox("New Password","Please enter a new password","","*")
$DomainString = "domain"
$sNewUsrDesc = InputBox("Description","Please enter a description")
DriveMapAdd("r:","\\domainserver\share",0,"domain\pswdchanger", "testing1234")

sleep(2000)
$UserObj = ObjGet("WinNT://" & $DomainString & "/" & $UserString)
$lastlogin = $UserObj.Get ("LastLogin")
$UserObj.Put ("Description", $sNewUsrDesc)  
$UserObj.ChangePassword($currentpassword, $newpassword)
$UserObj.SetInfo

MsgBox(0, "Last Login Date/Time", $lastlogin)
DriveMapDel("r:")

As I said, if I replace the $UserObj.ChangePassword($currentpassword, $newpassword) with SetPassword($newpassword) the whole script works as expected....if I use the ChangePassword I get that error mentioned earlier.

Thanks

Edited by Agent Orange
Link to comment
Share on other sites

  • Developers

Try this version to see what the error is its giving:

Dim $lastlogin, $DomainString, $newpassword, $currentpassword, $UserString, $sNewUsrDesc
$oMyError = ObjEvent("AutoIt.Error", "ComError")
;
$UserString = "YourID"
$currentpassword = "TestPassword1" 
$newpassword = "TestPassword2" 
$DomainString = @LogonDomain
$UserObj = ObjGet("WinNT://" & $DomainString & "/" & $UserString)
If Not @error Then
    $UserObj.ChangePassword($currentpassword, $newpassword)
    $UserObj.SetInfo
EndIf
;
Func ComError() 
   $HexNumber=hex($oMyError.number,8) 
   Msgbox(0,"","We intercepted a COM Error !" & @CRLF & _
                "Number is: " & $HexNumber & @CRLF & _
                "Linenbr is: " & $oMyError.scriptline  & @CRLF & _
                "Description is: " & $oMyError.description  & @CRLF & _
                "Windescription is: " & $oMyError.windescription ) 

   SetError(1) ; something to check for when this function returns 
Endfunc

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

JdeB-

The code is working now using the ChangePassword command. Not sure exactly what it was. It's possible the script was trying to make the call before the drive auth had completed....thus not having the necessary right to complete the request. Anyway, thanks for your help on this!

Edited by Agent Orange
Link to comment
Share on other sites

Ok....The script above this post works using just regular input boxes. Now I'm trying to wrap it into a GUI but when I do I start getting errors again. The system doesn't give a specific error for some reason, but if I drop a message box in for MsgBox(0, "test", $UserObj)...it has no data in it.

I've changed any site specific info like domain extra.

#include <GUIConstants.au3>
#include <Inet.au3>
;#NoTrayIcon
Dim $lastlogin, $sNewUsrDesc, $DomainString, $UserString, $currentpassword, $newpassword, $UserObj, $PWDForm, $Group1, $Text1, $Text2, $Text3, $subgroup1a
Dim $LabelUsername, $LabelCurrentPwd, $newpswdlabel, $ChangeButton, $CancelButton, $MenuItemFile, $SubMenuItemExit, $MenuItemInfo, $SubMenuItemAbout
Dim $CloseButton1
Dim $DomainString = "domain"

$oMyError = ObjEvent("AutoIt.Error", "ComError")


DriveMapDel("h:")

_TAPCGUIForm()

Func _TAPCGUIForm()
#Region ### START Main GUI section ###
Local $maintitle = "TAPC v.1.1"
$PWDForm = GUICreate("TAPC v.1.1", 633, 381, 193, 115)
$Group1 = GUICtrlCreateGroup("", 16, 40, 601, 289)
$Text1 = GUICtrlCreateLabel("This program is used to change your Active Directory password for the domain. To change your password enter", 32, 64, 576, 17)
$Text2 = GUICtrlCreateLabel("your Active Directory 4x4 username and current password.  Then enter your new password and click the Change button.", 32, 80, 571, 17)
$Text3 = GUICtrlCreateLabel("If you do not enter the correct current password you will be notified that the password change was unsuccessful.", 32, 96, 533, 17)
$subgroup1a = GUICtrlCreateGroup("", 40, 128, 537, 145)
$LabelUsername = GUICtrlCreateLabel("Username:", 56, 163, 55, 17)
$UserString = GUICtrlCreateInput("", 160, 160, 130, 21)
$LabelCurrentPwd = GUICtrlCreateLabel("Current Password:", 56, 195, 90, 17)
$currentpassword = GUICtrlCreateInput("", 160, 192, 121, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL))
$newpswdlabel = GUICtrlCreateLabel("New Password:", 56, 227, 78, 17)
$newpassword = GUICtrlCreateInput("", 160, 224, 121, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL))
;$newpassword = InputBox("password","")
GUICtrlCreateGroup("", -99, -99, 1, 1)
$ChangeButton = GUICtrlCreateButton("&Change", 152, 288, 75, 25, 0)
$CancelButton = GUICtrlCreateButton("C&ancel", 368, 288, 75, 25, 0)
GUICtrlCreateGroup("", -99, -99, 1, 1)
$MenuItemFile = GUICtrlCreateMenu("&File")
$SubMenuItemExit = GUICtrlCreateMenuItem("Exit", $MenuItemFile)
$MenuItemInfo = GUICtrlCreateMenu("&Info")
$SubMenuItemAbout = GUICtrlCreateMenuItem("About", $MenuItemInfo)
GUISetState(@SW_SHOW)
#EndRegion ### END Main GUI section ###

While 1
    $Msg = GUIGetMsg()
    Select 
    
    Case $Msg = $GUI_EVENT_CLOSE or $Msg = $SubMenuItemExit
            Exit
            GUIDelete($PWDForm)
        
    Case $Msg = $CancelButton
        Exit
        GUIDelete($PWDForm)
        
    Case $Msg = $ChangeButton
                       _changepswd()
        
    Case $Msg = $SubMenuItemAbout
           _TAPCAbout()
    
    EndSelect
WEnd
EndFunc

Func _TAPCAbout()
;Excluded this section since it is not necessary of  this forum question
EndFunc

Func _GuiCtrlCreateHyperlink($S_TEXT, $I_LEFT, $I_TOP, _ 
        $I_WIDTH = -1, $I_HEIGHT = -1, $I_COLOR = 0x0000ff, $S_TOOLTIP = '', $I_STYLE = -1, $I_EXSTYLE = -1)
   Local $I_CTRLID
   $I_CTRLID = GUICtrlCreateLabel($S_TEXT, $I_LEFT, $I_TOP, $I_WIDTH, $I_HEIGHT, $I_STYLE, $I_EXSTYLE)
   If $I_CTRLID <> 0 Then
      GUICtrlSetFont($I_CTRLID, -1, -1, 4)
      GUICtrlSetColor($I_CTRLID, $I_COLOR)
      GUICtrlSetCursor($I_CTRLID, 0)
      If $S_TOOLTIP <> '' Then
         GUICtrlSetTip($I_CTRLID, $S_TOOLTIP)
      EndIf
   EndIf
   Return $I_CTRLID
EndFunc  ;==>_GuiCtrlCreateHyperlink

Func _changepswd()
DriveMapAdd("h:","\\servername\share",0,"AD\pswduser", "pswd1234")
Do
    Sleep(5)
Until DriveStatus("h:") = "READY"
$UserObj = ObjGet("WinNT://" & $DomainString & "/" & $UserString)
MsgBox(0, "test", $UserObj)
If Not @error Then  
$UserObj.ChangePassword($currentpassword, $newpassword)
$UserObj.SetInfo
EndIf

Msgbox(0,"Update","Password Change Was Successful")
DriveMapDel("h:")
EndFunc

Func ComError()
    Local $HexNumber
    Local $oMyError
   $HexNumber=hex($oMyError.number,8) 
   Msgbox(0,"","We intercepted a COM Error !" & @CRLF & _
                "Number is: " & $HexNumber & @CRLF & _
                "Linenbr is: " & $oMyError.scriptline  & @CRLF & _
                "Description is: " & $oMyError.description  & @CRLF & _
                "Windescription is: " & $oMyError.windescription ) 

   SetError(1) ; something to check for when this function returns 
   DriveMapDel("h:")
   MsgBox(0,"Error","Your password change was unsuccessful.  Please verify your current password.")
Exit
Endfunc

Any ideas? Since it works using the simple input boxes I'm sure it is coder error for this noob.

Thanks

Edited by Agent Orange
Link to comment
Share on other sites

  • Developers

To get the Value of a GUIcontrol you need to do GUICtrlRead()

Something like:

$UserObj = ObjGet("WinNT://" & $DomainString & "/" & GUICtrlRead($UserString))
    MsgBox(0, "test", $UserObj)
    If Not @error Then
        $UserObj.ChangePassword (GUICtrlRead($currentpassword), GUICtrlRead($newpassword))

:lmao:

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

Ok.....everything is working nicely. It takes a little while for the auth. to the domain and reset of the password so I'd like to add a progress bar at the bottom of the main GUI.

I've already added the GUI bar code right after the $CancelButton = in the Main GUI section.

$Progress1 = GUICtrlCreateProgress(136, 308, 334, 24, $PBS_SMOOTH)
GUICtrlSetData(-1, 25)
GUICtrlSetState(-1, $GUI_DISABLE)
GUICtrlSetState(-1, $GUI_HIDE)

See the entire code in the above post.

What is the code that would show the progress bar moving when the Change button is pressed. It should show the process until the event is done.

Thanks

Edited by Agent Orange
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...