Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Create user in another AD

Status
Not open for further replies.
sn0rg

sn0rg

IS-IT--Management
Aug 5, 2005
95
GB
Hi all,

I've got to create a user account (with vbscript) in a different Forest. I know the account I'm using has the relevant permission in that Forest, but am struggling to create the object.

On the objUser.setinfo line, I get the error:
-2147016651
The server is unwilling to process the request

I suspect that the credentials are not being passed to the other forest properly (we have a trust), so it may be able to connect using my logged on credentials)

Here's my script:

Code: 
Const ForReading = 1, ForAppending = 8
Const ADS_SECURE_AUTHENTICATION = &H1
Const ADS_SERVER_BIND = &H200

strUser = "domain\whatever"
strPassword = "thePassword"


Set objCommand = CreateObject("ADODB.Command")
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"

objConnection.Properties("User ID") = strUser
objConnection.Properties("Password") = strPassword
objConnection.Properties("Encrypt Password") = True
objConnection.Properties("ADSI Flag") = ADS_SECURE_AUTHENTICATION and ADS_SERVER_BIND
objConnection.Open "Active Directory Provider"
objCommand.ActiveConnection = objConnection
strBase = "<LDAP://192.168.0.1:3268/DC=company1,DC=com>"
strAttributes = "adspath"
strFilter = "(&(distinguishedname=OU=Users,DC=Company1,DC=com))"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCommand.CommandText = strQuery

objCommand.Properties("Page Size") = 500
objCommand.Properties("Timeout") = 120
objCommand.Properties("Cache Results") = True

Set objRecordSet = objCommand.Execute

	Do Until objRecordSet.EOF
		For each oField in objRecordSet.Fields
			set objOU = Getobject(oField.value)
			Set objUser = objOU.Create("User", "cn=zzTestuser")

			objUser.put "samAccountName", "testing.testing"
			objUser.setinfo

			Next

		objRecordSet.MoveNext
	
	Loop
 
Sort by date Sort by votes
What is the value of oField.value? Where is that being pulled from?

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
Upvote 0 Downvote
Thanks for the help - solution turned out to be:

Code: 
Set objNamespace = GetObject("LDAP:")
Set objOU = objNamespace.OpenDSObject("LDAP://otherforest.com/OU=TheOUToCreateTheUserIn,DC=otherforest,DC=com", strUsername, strPassword, 0)
 
objOU.Create("user", "CN=Username")
Where 0 is the encryption flag
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bdwilcox
  • Locked
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
963
SoftwareRT
SoftwareRT
lunter
  • Locked
  • Question
How to create vbArray+vbByte (8209) in *.vbs stript
Replies
0
Views
219
lunter
lunter
skrall
  • Locked
  • Question
script to create shortcuts of several folders in another folder
Replies
1
Views
158
Don Child
Don Child
Z3braa
  • Locked
  • Question
Remove specific computer name in Logon Workstation from from all users in AD, with VBScript
Replies
0
Views
165
Z3braa
Z3braa
TvdH1981
  • Locked
  • Question
vbs script to create folders + subfolders by input foldernames 1
2
Replies
32
Views
1K
mikrom
mikrom

Part and Inventory Search

Sponsor

Back
Top