modify AD computer script to run from locally authenticated account on server

Hello,

I have a script that I want to modify but am lost in applying the
correct syntax to move a computer object in Active Directory.  Based
on what I have found in my searches I will need to bind directly to a
DC with alternate credentials.  I have tried multiple iterations but
can't get it to work.  Below is the original un-altered script that I
am trying improve upon.

------begin paste-----------
'get computer name
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root
\cimv2")
Set colItems = objWMIService.ExecQuery("Select Name from
Win32_ComputerSystem",,48)
For Each objItem in colItems
strPCName = objItem.Name
Next

'move computer object
Set objNewOU = GetObject("LDAP://OU=New
Container,DC=sub,DC=root,DC=local")
Set objMoveComputer = objNewOU.MoveHere _
("LDAP://CN=" & strPCName & ",CN=Computers,DC=sub,DC=root,DC=local",
"CN=" & strPCName)


--------end paste-----------
0
worldzfree
12/9/2009 10:28:43 PM
windows.server.active_director 902 articles. 0 followers. Follow

7 Replies
1670 Views

Similar Articles

[PageSpeed] 5

"worldzfree" <arosette@gmail.com> wrote in message 
news:35b466e3-7bec-46ef-8f77-3d82cd551f79@u1g2000pre.googlegroups.com...
> Hello,
>
> I have a script that I want to modify but am lost in applying the
> correct syntax to move a computer object in Active Directory.  Based
> on what I have found in my searches I will need to bind directly to a
> DC with alternate credentials.  I have tried multiple iterations but
> can't get it to work.  Below is the original un-altered script that I
> am trying improve upon.
>
> ------begin paste-----------
> 'get computer name
> strComputer = "."
> Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root
> \cimv2")
> Set colItems = objWMIService.ExecQuery("Select Name from
> Win32_ComputerSystem",,48)
> For Each objItem in colItems
> strPCName = objItem.Name
> Next
>
> 'move computer object
> Set objNewOU = GetObject("LDAP://OU=New
> Container,DC=sub,DC=root,DC=local")
> Set objMoveComputer = objNewOU.MoveHere _
> ("LDAP://CN=" & strPCName & ",CN=Computers,DC=sub,DC=root,DC=local",
> "CN=" & strPCName)
>
>
> --------end paste-----------

First, you can retrieve the local computer name (the NetBIOS name) from the 
wshNetwork object.

' Retrieve local computer name.
Set objNetwork = CreateObject("Wscript.Network")
strPCName = objNetwork.ComputerName

Next, use the OpenDSObject method of the LDAP namespace to bind to an object 
with alternate credentials. Also, when moving an object, instead of 
specifying the Common Name in the MoveHere method, use vbNullString. 
Finally, the NetBIOS name of the computer, whether retrieved using WMI or 
wshNetwork, may not match the common name of the computer object (the value 
of the cn attribute). Instead, use the ADSystemInfo object to retrieve the 
Distinguished Name of the computer. For example:
==========
Const ADS_SECURE_AUTHENTICATION = &H1

' Specify username to connect.
strUser = "MyDomain\JSMith"

' Specify password.
strPassword = "xzy321w

' Specify DN of new OU container.
strOU = "ou=New Container,dc=sub,dc=root,dc=local"

' Retrieve DN of local computer.
Set objSysInfo = CreateObject("ADSystemInfo")
strComputerDN = objSysInfo.ComputerName

' Bind to new OU object in AD with alternate credentials.
Set objNS = GetObject("LDAP:")
Set objNewOU = objNS.OpenDSObject("LDAP://" & strOU, strUser, strPassword, 
ADS_SECURE_AUTHENTICATION)

' Move the computer object in AD.
objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString

-- 
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
-- 


0
Richard
12/10/2009 3:34:52 AM
On Dec 9, 7:34=A0pm, "Richard Mueller [MVP]" <rlmueller-
nos...@ameritech.nospam.net> wrote:
> "worldzfree" <arose...@gmail.com> wrote in message
>
> news:35b466e3-7bec-46ef-8f77-3d82cd551f79@u1g2000pre.googlegroups.com...
>
>
>
> > Hello,
>
> > I have a script that I want to modify but am lost in applying the
> > correct syntax to move a computer object in Active Directory. =A0Based
> > on what I have found in my searches I will need to bind directly to a
> > DC with alternate credentials. =A0I have tried multiple iterations but
> > can't get it to work. =A0Below is the original un-altered script that I
> > am trying improve upon.
>
> > ------begin paste-----------
> > 'get computer name
> > strComputer =3D "."
> > Set objWMIService =3D GetObject("winmgmts:\\" & strComputer & "\root
> > \cimv2")
> > Set colItems =3D objWMIService.ExecQuery("Select Name from
> > Win32_ComputerSystem",,48)
> > For Each objItem in colItems
> > strPCName =3D objItem.Name
> > Next
>
> > 'move computer object
> > Set objNewOU =3D GetObject("LDAP://OU=3DNew
> > Container,DC=3Dsub,DC=3Droot,DC=3Dlocal")
> > Set objMoveComputer =3D objNewOU.MoveHere _
> > ("LDAP://CN=3D" & strPCName & ",CN=3DComputers,DC=3Dsub,DC=3Droot,DC=3D=
local",
> > "CN=3D" & strPCName)
>
> > --------end paste-----------
>
> First, you can retrieve the local computer name (the NetBIOS name) from t=
he
> wshNetwork object.
>
> ' Retrieve local computer name.
> Set objNetwork =3D CreateObject("Wscript.Network")
> strPCName =3D objNetwork.ComputerName
>
> Next, use the OpenDSObject method of the LDAP namespace to bind to an obj=
ect
> with alternate credentials. Also, when moving an object, instead of
> specifying the Common Name in the MoveHere method, use vbNullString.
> Finally, the NetBIOS name of the computer, whether retrieved using WMI or
> wshNetwork, may not match the common name of the computer object (the val=
ue
> of the cn attribute). Instead, use the ADSystemInfo object to retrieve th=
e
> Distinguished Name of the computer. For example:
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Const ADS_SECURE_AUTHENTICATION =3D &H1
>
> ' Specify username to connect.
> strUser =3D "MyDomain\JSMith"
>
> ' Specify password.
> strPassword =3D "xzy321w
>
> ' Specify DN of new OU container.
> strOU =3D "ou=3DNew Container,dc=3Dsub,dc=3Droot,dc=3Dlocal"
>
> ' Retrieve DN of local computer.
> Set objSysInfo =3D CreateObject("ADSystemInfo")
> strComputerDN =3D objSysInfo.ComputerName
>
> ' Bind to new OU object in AD with alternate credentials.
> Set objNS =3D GetObject("LDAP:")
> Set objNewOU =3D objNS.OpenDSObject("LDAP://" & strOU, strUser, strPasswo=
rd,
> ADS_SECURE_AUTHENTICATION)
>
> ' Move the computer object in AD.
> objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab -http://www.rlmueller.net
> --

Thanks Richard!  I have tried that code but I receive the following
error.

Line:  14
Char:  1
Error:  Logon failure:  account currently disabled
Code:  80070533
Source:  Null

I have double-verified that the account credentials are entered
properly and the AD account is not disabled.  Any ideas?
0
worldzfree
12/10/2009 6:34:20 PM
On Dec 10, 10:34=A0am, worldzfree <worldzf...@gmail.com> wrote:
> On Dec 9, 7:34=A0pm, "Richard Mueller [MVP]" <rlmueller-
>
>
>
> nos...@ameritech.nospam.net> wrote:
> > "worldzfree" <arose...@gmail.com> wrote in message
>
> >news:35b466e3-7bec-46ef-8f77-3d82cd551f79@u1g2000pre.googlegroups.com...
>
> > > Hello,
>
> > > I have a script that I want to modify but am lost in applying the
> > > correct syntax to move a computer object in Active Directory. =A0Base=
d
> > > on what I have found in my searches I will need to bind directly to a
> > > DC with alternate credentials. =A0I have tried multiple iterations bu=
t
> > > can't get it to work. =A0Below is the original un-altered script that=
 I
> > > am trying improve upon.
>
> > > ------begin paste-----------
> > > 'get computer name
> > > strComputer =3D "."
> > > Set objWMIService =3D GetObject("winmgmts:\\" & strComputer & "\root
> > > \cimv2")
> > > Set colItems =3D objWMIService.ExecQuery("Select Name from
> > > Win32_ComputerSystem",,48)
> > > For Each objItem in colItems
> > > strPCName =3D objItem.Name
> > > Next
>
> > > 'move computer object
> > > Set objNewOU =3D GetObject("LDAP://OU=3DNew
> > > Container,DC=3Dsub,DC=3Droot,DC=3Dlocal")
> > > Set objMoveComputer =3D objNewOU.MoveHere _
> > > ("LDAP://CN=3D" & strPCName & ",CN=3DComputers,DC=3Dsub,DC=3Droot,DC=
=3Dlocal",
> > > "CN=3D" & strPCName)
>
> > > --------end paste-----------
>
> > First, you can retrieve the local computer name (the NetBIOS name) from=
 the
> > wshNetwork object.
>
> > ' Retrieve local computer name.
> > Set objNetwork =3D CreateObject("Wscript.Network")
> > strPCName =3D objNetwork.ComputerName
>
> > Next, use the OpenDSObject method of the LDAP namespace to bind to an o=
bject
> > with alternate credentials. Also, when moving an object, instead of
> > specifying the Common Name in the MoveHere method, use vbNullString.
> > Finally, the NetBIOS name of the computer, whether retrieved using WMI =
or
> > wshNetwork, may not match the common name of the computer object (the v=
alue
> > of the cn attribute). Instead, use the ADSystemInfo object to retrieve =
the
> > Distinguished Name of the computer. For example:
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> > Const ADS_SECURE_AUTHENTICATION =3D &H1
>
> > ' Specify username to connect.
> > strUser =3D "MyDomain\JSMith"
>
> > ' Specify password.
> > strPassword =3D "xzy321w
>
> > ' Specify DN of new OU container.
> > strOU =3D "ou=3DNew Container,dc=3Dsub,dc=3Droot,dc=3Dlocal"
>
> > ' Retrieve DN of local computer.
> > Set objSysInfo =3D CreateObject("ADSystemInfo")
> > strComputerDN =3D objSysInfo.ComputerName
>
> > ' Bind to new OU object in AD with alternate credentials.
> > Set objNS =3D GetObject("LDAP:")
> > Set objNewOU =3D objNS.OpenDSObject("LDAP://" & strOU, strUser, strPass=
word,
> > ADS_SECURE_AUTHENTICATION)
>
> > ' Move the computer object in AD.
> > objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString
>
> > --
> > Richard Mueller
> > MVP Directory Services
> > Hilltop Lab -http://www.rlmueller.net
> > --
>
> Thanks Richard! =A0I have tried that code but I receive the following
> error.
>
> Line: =A014
> Char: =A01
> Error: =A0Logon failure: =A0account currently disabled
> Code: =A080070533
> Source: =A0Null
>
> I have double-verified that the account credentials are entered
> properly and the AD account is not disabled. =A0Any ideas?

Ok, I found references here (http://www.robvanderwoude.com/
vbstech_network_names_computer.php) on how to retrieve a name.  I
changed:

Set objSysInfo =3D CreateObject("ADSystemInfo")

to

Set objSysInfo =3D CreateObject("WinNTSystemInfo")

and my script got farther along but then I have the same old error
that I was getting before which makes me think I need to do a DC
server bind earlier in the script.  Thoughts?


Line:  18
Char:  1
Error:  The specified domain either does not exist or could not be
contacted
Code:  8007054B
Source:  (null)
0
worldzfree
12/10/2009 6:44:16 PM
"worldzfree" <worldzfree@gmail.com> wrote in message 
news:9dcceb0e-9ab9-4cb8-ae99-ef0258fbf7ec@13g2000prl.googlegroups.com...
On Dec 10, 10:34 am, worldzfree <worldzf...@gmail.com> wrote:
> On Dec 9, 7:34 pm, "Richard Mueller [MVP]" <rlmueller-
>
>
>
> nos...@ameritech.nospam.net> wrote:
> > "worldzfree" <arose...@gmail.com> wrote in message
>
> >news:35b466e3-7bec-46ef-8f77-3d82cd551f79@u1g2000pre.googlegroups.com...
>
> > > Hello,
>
> > > I have a script that I want to modify but am lost in applying the
> > > correct syntax to move a computer object in Active Directory. Based
> > > on what I have found in my searches I will need to bind directly to a
> > > DC with alternate credentials. I have tried multiple iterations but
> > > can't get it to work. Below is the original un-altered script that I
> > > am trying improve upon.
>
> > > ------begin paste-----------
> > > 'get computer name
> > > strComputer = "."
> > > Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root
> > > \cimv2")
> > > Set colItems = objWMIService.ExecQuery("Select Name from
> > > Win32_ComputerSystem",,48)
> > > For Each objItem in colItems
> > > strPCName = objItem.Name
> > > Next
>
> > > 'move computer object
> > > Set objNewOU = GetObject("LDAP://OU=New
> > > Container,DC=sub,DC=root,DC=local")
> > > Set objMoveComputer = objNewOU.MoveHere _
> > > ("LDAP://CN=" & strPCName & ",CN=Computers,DC=sub,DC=root,DC=local",
> > > "CN=" & strPCName)
>
> > > --------end paste-----------
>
> > First, you can retrieve the local computer name (the NetBIOS name) from 
> > the
> > wshNetwork object.
>
> > ' Retrieve local computer name.
> > Set objNetwork = CreateObject("Wscript.Network")
> > strPCName = objNetwork.ComputerName
>
> > Next, use the OpenDSObject method of the LDAP namespace to bind to an 
> > object
> > with alternate credentials. Also, when moving an object, instead of
> > specifying the Common Name in the MoveHere method, use vbNullString.
> > Finally, the NetBIOS name of the computer, whether retrieved using WMI 
> > or
> > wshNetwork, may not match the common name of the computer object (the 
> > value
> > of the cn attribute). Instead, use the ADSystemInfo object to retrieve 
> > the
> > Distinguished Name of the computer. For example:
> > ==========
> > Const ADS_SECURE_AUTHENTICATION = &H1
>
> > ' Specify username to connect.
> > strUser = "MyDomain\JSMith"
>
> > ' Specify password.
> > strPassword = "xzy321w
>
> > ' Specify DN of new OU container.
> > strOU = "ou=New Container,dc=sub,dc=root,dc=local"
>
> > ' Retrieve DN of local computer.
> > Set objSysInfo = CreateObject("ADSystemInfo")
> > strComputerDN = objSysInfo.ComputerName
>
> > ' Bind to new OU object in AD with alternate credentials.
> > Set objNS = GetObject("LDAP:")
> > Set objNewOU = objNS.OpenDSObject("LDAP://" & strOU, strUser, 
> > strPassword,
> > ADS_SECURE_AUTHENTICATION)
>
> > ' Move the computer object in AD.
> > objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString
>
> > --
> > Richard Mueller
> > MVP Directory Services
> > Hilltop Lab -http://www.rlmueller.net
> > --
>
> Thanks Richard! I have tried that code but I receive the following
> error.
>
> Line: 14
> Char: 1
> Error: Logon failure: account currently disabled
> Code: 80070533
> Source: Null
>
> I have double-verified that the account credentials are entered
> properly and the AD account is not disabled. Any ideas?

Ok, I found references here (http://www.robvanderwoude.com/
vbstech_network_names_computer.php) on how to retrieve a name.  I
changed:

Set objSysInfo = CreateObject("ADSystemInfo")

to

Set objSysInfo = CreateObject("WinNTSystemInfo")

and my script got farther along but then I have the same old error
that I was getting before which makes me think I need to do a DC
server bind earlier in the script.  Thoughts?


Line:  18
Char:  1
Error:  The specified domain either does not exist or could not be
contacted
Code:  8007054B
Source:  (null)

The WinNTSystemInfo object returns the NT name (pre-Windows 2000 logon name) 
of the user, not the Distinguished Name (DN). This makes sense, but does not 
help you, you need the DN. I've heard that a server bind is sometimes 
necessary, the only drawback is that you need to specify a server. The 
following might help:

' Add the following.
Const ADS_SERVER_BIND = &H200

' Then use:
strServer = "MyServer"
Set objNewOU = objNS.OpenDSObject("LDAP://" & strServer & "/" & strOU, 
strUser, strPassword, _
    ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)

-- 
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
-- 


0
Richard
12/10/2009 8:44:31 PM
>
> The WinNTSystemInfo object returns the NT name (pre-Windows 2000 logon na=
me)
> of the user, not the Distinguished Name (DN). This makes sense, but does =
not
> help you, you need the DN. I've heard that a server bind is sometimes
> necessary, the only drawback is that you need to specify a server. The
> following might help:
>
> ' Add the following.
> Const ADS_SERVER_BIND =3D &H200
>
> ' Then use:
> strServer =3D "MyServer"
> Set objNewOU =3D objNS.OpenDSObject("LDAP://" & strServer & "/" & strOU,
> strUser, strPassword, _
> =A0 =A0 ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab -http://www.rlmueller.net
> --

Richard,

I am still stuck.  I switched back to the "ADSystemInfo" but I assume
I will need to pass credentials to run ADSystemInfo from AD?  Here is
the code as it stands.


------begin paste ---------

Const ADS_SERVER_BIND =3D &H200
Const ADS_SECURE_AUTHENTICATION =3D &H1

' DC to bind to
strServer =3D "domaincontroller"

' Specify username to connect.
strUser =3D "domain\account"

' Specify password.
strPassword =3D "password"

' Specify DN of new OU container.
strOU =3D "OU=3DNew Container,DC=3Dsub,DC=3Droot,DC=3Dlocal"

' Retrieve DN of local computer.
Set objSysInfo =3D CreateObject("ADSystemInfo")
strComputerDN =3D objSysInfo.ComputerName

' Bind to new OU object in AD with alternate credentials.
Set objNS =3D GetObject("LDAP:")
Set objNewOU =3D objNS.OpenDSObject("LDAP://" & strServer & "/" & strOU,
strUser, strPassword, _
    ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)

' Move the computer object in AD.
objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString

--------end paste----------


The error I get is:

Line:  18
Char:  1
Error:  Logon failure:  account currently disabled
Code:  80070533
Source:  Null


Frustrating.

0
worldzfree
12/11/2009 2:23:39 AM
"worldzfree" <worldzfree@gmail.com> wrote in message 
news:470d8eee-0dbf-429f-9d1f-94c4b5ce26fe@x25g2000prf.googlegroups.com...
>
> The WinNTSystemInfo object returns the NT name (pre-Windows 2000 logon 
> name)
> of the user, not the Distinguished Name (DN). This makes sense, but does 
> not
> help you, you need the DN. I've heard that a server bind is sometimes
> necessary, the only drawback is that you need to specify a server. The
> following might help:
>
> ' Add the following.
> Const ADS_SERVER_BIND = &H200
>
> ' Then use:
> strServer = "MyServer"
> Set objNewOU = objNS.OpenDSObject("LDAP://" & strServer & "/" & strOU,
> strUser, strPassword, _
> ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab -http://www.rlmueller.net
> --

Richard,

I am still stuck.  I switched back to the "ADSystemInfo" but I assume
I will need to pass credentials to run ADSystemInfo from AD?  Here is
the code as it stands.


------begin paste ---------

Const ADS_SERVER_BIND = &H200
Const ADS_SECURE_AUTHENTICATION = &H1

' DC to bind to
strServer = "domaincontroller"

' Specify username to connect.
strUser = "domain\account"

' Specify password.
strPassword = "password"

' Specify DN of new OU container.
strOU = "OU=New Container,DC=sub,DC=root,DC=local"

' Retrieve DN of local computer.
Set objSysInfo = CreateObject("ADSystemInfo")
strComputerDN = objSysInfo.ComputerName

' Bind to new OU object in AD with alternate credentials.
Set objNS = GetObject("LDAP:")
Set objNewOU = objNS.OpenDSObject("LDAP://" & strServer & "/" & strOU,
strUser, strPassword, _
    ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)

' Move the computer object in AD.
objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString

--------end paste----------


The error I get is:

Line:  18
Char:  1
Error:  Logon failure:  account currently disabled
Code:  80070533
Source:  Null


Frustrating.
===========
Yes, that makes sense. You cannot use ADSystemInfo if you are not 
authenticated to the domain.

I would try again, but reversing the steps, so you bind to the OU object 
with alternate credentials first, then use ADSystemInfo to retrieve the DN 
of the local computer. Hopefully, once you are authenticated, you can do 
this.

Otherwise, it becomes difficult to retrieve the DN of the local computer. 
The only other reliable solution is to use the NameTranslate object to 
convert the NetBIOS name of the computer retrieved from the wshNetwork 
object into the DN. You can use alternate credentials with NameTranslate. 
This is getting complicated, but that's what happens when you aren't 
authenticated. The final solution, if the suggestion above does not work, 
would be:
========
Const ADS_SECURE_AUTHENTICATION = &H1
' Constants for the NameTranslate object.
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1

' Specify NetBIOS name of domain.
strDomain = "MyDomain"

' Specify username to connect.
strUser = "JSMith"

' Specify password.
strPassword = "xzy321w

' Retrieve NetBIOS name of local computer.
Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName

' Use NameTranslate to convert NT form of computer name into DN.
Set objTrans = CreateObject("NameTranslate")
' Initialize by locating Global Catalog. Specify credentials.
objTrans.InitEx ADS_NAME_INITTYPE_GC, "", strUser, strDomain, strPassword
' Use the Set method to specify the NT format of the name.
objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strComputer
' Use the Get method to retrieve the DN.
strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779)

' Specify DN of new OU container.
strOU = "ou=New Container,dc=sub,dc=root,dc=local"

' Bind to new OU object in AD with alternate credentials.
Set objNS = GetObject("LDAP:")
Set objNewOU = objNS.OpenDSObject("LDAP://" & strOU, _
    strDomain & "\" & strUser, strPassword, ADS_SECURE_AUTHENTICATION)

' Move the computer object in AD.
objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString
========
I haven't tested the above, but I've done similar work with alternate 
credentials. Notice I've changed the meaning of strUser and added strDomain, 
to accomodate the NameTranslate object.

-- 
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
-- 


0
Richard
12/11/2009 3:46:59 AM
Thanks Richard.  I got something hobbled together to get it to work.
I had to add a "$" at the end of the computer name translation and
then add the server bind code further down.  There may be a cleaner
approach but this works for me.  Again, thanks.

-------begin paste---------

' Constants for the NameTranslate object and server-bind
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_SERVER_BIND = &H200
Const ADS_SECURE_AUTHENTICATION = &H1

' DC to bind to
strServer = "domaincontroller"

' Specify NetBIOS name of domain.
strDomain = "domain"

' Specify username to connect.
strUser = "moveaccount"

' Specify password.
strPassword = "123456"

' Retrieve NetBIOS name of local computer.
Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName

' Use NameTranslate to convert NT form of computer name into DN.
Set objTrans = CreateObject("NameTranslate")
' Initialize by locating Global Catalog. Specify credentials.
objTrans.InitEx ADS_NAME_INITTYPE_GC, "", strUser, strDomain,
strPassword
' Use the Set method to specify the NT format of the name.
objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strComputer & "$"
' Use the Get method to retrieve the DN.
strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779)

' Specify DN of new OU container.
strOU = "OU=New Container,DC=sub,DC=root,DC=local"

' Bind to new OU object in AD with alternate credentials.
Set objNS = GetObject("LDAP:")
Set objNewOU = objNS.OpenDSObject("LDAP://" & strServer & "/" & strOU,
strUser, strPassword, _
    ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)

' Move the computer object in AD.
objNewOU.MoveHere "LDAP://" & strComputerDN, vbNullString

---------end paste--------------
0
worldzfree
12/11/2009 7:22:59 PM
Reply:

Similar Artilces:

Outlook will not login to Exchange 2k server
I'm running Outlook 2002 on a WinXP box, new build. The user is on a roaming profile and can log into their Exchange email from just about any other box. On the box in question, after logging into the domain successfully and running Outlook, Outlook keeps on asking for her login information again and says that it is invalid. The Exchange 2k server was an upgrade from Exchange 5.5 last April so I don't know if the Outlook is for some reason looking for the old Exchange 5.5 server somehow, but her profile works on other boxes. Any ideas? Thanks! Ken Wheeler kwheeler@netlink...

2003 Excel Macros Run Slowly
I upgraded to Office 2003 and have a macro in one of my spreadsheets. When I execute this macro it runs very, very slowly i.e. mulitple minutes vs 2 sec on Office 2000. Is there anything I should be doing to improve the speed? Regards, Ed Close excel, clean up your windows temp folder. set calculation to manual, run your code, reset it to what it was. Turn screenupdating off when you start and on when you finish. turn the display of pagebreaks off when you start. Lots of my macros have this at the top: Dim CalcMode As Long CalcMode = Application.Calculation Applicatio...

Could Excel be used as accounting software?
If so, any tutorials. (I don't want to learn or bky quick books) I jus want to keep tabs on business expenses and I would rather not do it o paper -- Freddy_Kruge ----------------------------------------------------------------------- Freddy_Kruger's Profile: http://www.excelforum.com/member.php?action=getinfo&userid=2962 View this thread: http://www.excelforum.com/showthread.php?threadid=52382 Theoretically yes but practically no. There a lot of other softwares particularly databases that could do a lot than Excel. These include SAP,Oracle etc., Are you saying that excel wou...

How do I clear passwords from Outlook Account Manager protected storage?
I've found plenty of utilities to retrieve them from Protected Storage. But if I want to clear them out, I have found no way to do so with any utilites, or a way already built into Windows. I'm using Windows XP SP2 with Outlook 2003 SP2. thanks. ...

Changing computer
Hi, I'm about to sell my Dell pc on which I recently installed Microsoft Home & Student 2007. Do I just un-install it and then re-install it on the new one? Is it illegal (or stupid) to leave it on the computer? And how would I go about moving my Word files from old to new? Any advice much appreciated. Thanks Sal If you leave it installed, you must also give them the disks. (And yes, that would be stupid - sorry.) If you intend to keep the disks and the license for yourself, you must uninstall it. Move your files with a USB drive or burn them to a CD. You could...

Two Crm Servers 08-19-05
What are the implications of having two CRM servers on the same AD? Meaning two different CRM Servers Looking at there Own SQL Databases One implication is that only one of your CRM systems will be email enabled. The CRM router can only handle one CRM system in the AD Forest "Need Some Help" <Need@news.microsoft.com> wrote in message news:Oa9oeCKpFHA.1304@TK2MSFTNGP10.phx.gbl... > What are the implications of having two CRM servers on the same AD? > > Meaning two different CRM Servers Looking at there Own SQL Databases > > Another implication is that ...

OWA - Form Based Authentication
Hello All: Have OWA setup for form based authentication and works fine. What I have noticed is that it is not dropping a cookie on the clients machine for either private or public selection. I'd really like to do away with this altogether if possible but it looks like not an option. Why would the server no generate the appropriate cookie? Client machine is setup to accept cookies so it looks to be a server side issue. Any help apprecaited. ...

Balances in Investment Account Don't Match Reality
Folks, How to change the account details in an investment account (IRA) where the some of the quantities of shares don't match the account? I don't see easy way to "correct", vs. Add Shares, Transfer, etc. I don't want to delete the account (to avoid having history disappear), Well, the first thing to do is probably to figure out where the difference came from. Is downloaded data involved? Also, what's wrong with Add/Remove Shares? "Rob Schneider" <rmschne@removetheones_b1e1e1b.net.net> wrote in message news:uBGVjgu$FHA.2996@TK2MSFTNGP09.phx...

Update Outlook Profile Outgoing Mail Server Settings
I need to create a PRF file that is generated on the fly for my users to just update the outgoing mail server settings for already present profiles - is this possible? If so, is it possible to do this for all versions of Outlook (2000, XP, 2003, Express)? Does anyone have any hints on how to accomplish this? Thanks, Jason Not possible. A PRF file can add a new Internet account, but it cannot = modify or delete an account.=20 --=20 Sue Mosher, Outlook MVP Author of Configuring Microsoft Outlook 2003 http://www.turtleflock.com/olconfig/index.htm and Microsoft Outlook Programmin...

Trouble Installing CRM - SQL Server
The CRM install gets stuck trying to find the SQL Server. Errors: "Can't find" or "SQL Agent must be on" yet it is on - I can SQL ping the server from the CRM server. The CRM admin has top Forest access to the SQL server. I've recycled the SQL services, rebooted booth CRM and SQL servers. Very misterious. Anybody have any ideas? I had some issues with this. I re-installed SQL server. It seems there is any issue with CRM and SQL if you add active directory to a server after you install SQL. "Darryl" wrote: > The CRM install gets stuck trying to...

Move Exchange to new server
Hello all Currently we have exchange 2003 sp2 installed on one of our 2000 DC\GC We have bought a new server that we will dedicate to Exchange only. After I move all the mailboxes, public folders, and system folders from the DC\GC\Exchange box to the dedicated server, can i then remove Exchange 2003 from the 2000 DC? If so could you please point me to the article on how to move exchange to another server, and how also how to remove exchange ? The dedicated server running Exhchagne will be 2003 sp1. We have 3 2000 DC in the forest that i will upgrade to 2003 Thanks Follow this artic...

Warning 1025 on exchange 2003 enterprise server
Hi Just today I saw a warning showing up in application log of my exchange server. I have exchange 2003 enterprise server with sp1. It is running on a dual processor server with storage connected to it. Since the upgrade from 5.5 (a month back) everything has been going very smooth. I tried to find a solution for this warning on Microsoft KB and eventid.net but cannot find the real cause/solution for 2003 exchange as all those Kbs are for 2000 or 5.5 exchange. The error exactly looks like this: Source: MSExchnageIS mailbox, Type: warning, category: general, eventid: 1025 An error occurred on...

Pivottables adding datafields not to be "counted"
Hi all! I use a pivottable to make a summary bestseller list Two columns [procuctname and sold]. No problem. The product that sells most at the top, but I would like to add fields to the right of productname like productnumber, productdetails etc. When I do I get all kinds of strange sums. I just want to add the fields for information not sums. Any advanced pivottable flyers out there? TIA /Mats ** Posted via: http://www.ozgrid.com Excel Templates, Training, Add-ins & Business Software Galore! Free Excel Forum http://www.ozgrid.com/forum *** Drag the Field from the Field Table to the ...

Migrating 3 GB Database to SQL Server Express
Here is an interesting situation. We need to migrate a customer from GP 7.5 on Pervasive to GP 9 on SQL Server 2005 Express. They have a number of 1 GB databases. No problem there. However they have an old database of 3.2 GB which has historical information. We need to move them to GP 7.5 on SQL Server 2000 before upgrading to GP 9.0 on SQL Server 2005. The historical database is larger than MSDE's 2 GB database limit. Is it possible to migrate them to SQL Server 2000 Standard, upgrade to version 9 and then copy the databases from SQL Server Standard to SQL Server Express 2005? I ...

About to upgrade Exchange server and want to double check!
All, I'm in the process of planning an upgrade for my Exchange server. I've searched and read on how I should go about this task, and I've settled on buying another server, build another Exchange server in my domain, test it, and slowly move my mailbox from the old server to the new server. Any pitfalls i should be aware of? Do you think this is a good plan? I've read somwhere that installing another Exchange server in the same domain might cause some problems, cause it messes with the schema and what not. Any opinions, thoughts and ideas is greatly appreciated! Thanks!...

Program works when running from debugger but not as an .EXE
Hi have a MFC program that reads voltage measurements from a mulitmeter via GPIB using VISA API. The program works find when running from the debugger but crash with the following error when running from the actual generated executable (and I even Debug executable not the Release executable). I using Visual C++ 6.0 running on Windows XP. I got the following error signature: AppName: arc.exe (this is my program) AppVer: 1.0.0.1 ModName: ntdll.dll ModVer: 5.1.2600.1217 Offset: 000085c0 any ideas? Please any advice would be greatly appreciated. Thanks. Have a look at this Article, it...

Adding a contact in Excel 2003
Hello All, Does anyone Knows how to add a contact to know his / her online presense in Excel 2003 / Word 2003. Any suggestions would be much helpful. Thanks John ...

Microsoft RMS and SQL Server 2000 (MSDE) or Server
Is it feasible to use SQL Server Replication or Merge processing to: 1. Do the initial load of a RMS items from a given suppliers set of 'Item' and 'Suppliers' records? 2. Maintain 'cost' or other data changes via SQL Server Replicaition or Merge. 3. Using SQL Server (bcp, utilities, etc) to do a correctly matched import of records into RMS as part of the initial install. 4. What tables record entries are needed to import bulk records into the 'item' table? (I know that the supplier table must have a record that matches...

How do I set up an account I don't know if it is a pop3, http,etc
I am trying to set up my e-mail accounts and all I keep getting are error messages. How do I know if it is a pop3, http, etc. and what do I do after that? Check your ISP website for details or call their technical support line. They will have all the information you require in order to set up your account. -- Kathleen Orland Blessed are the cracked, for it is they who let in the light Outlook Tips: http://www.outlook-tips.net/ http://www.howto-outlook.com/ "Lost" wrote: > I am trying to set up my e-mail accounts and all I keep getting are error > messages. How do...

Send email from SPECIFIC account only
I'm using Outlook 2002. I have three accounts: 1. myname@wherever.net -- used for personal emails 2. my.full.name@wherever.net -- used for business emails 3. name@school.edu -- still used for school emails (will be phased out) Accounts 1 & 2 use the same ISP. They are both alias addresses for <my.mungedname@wherever.net>. Account 3 is an IMAP account from a different ISP. I have rules to sort mail to separate folders: MYNAME folder and MY.FULL.NAME folder. They work. What I want is this: I want to work from the MYNAME folder, create a new email, and have it sent...

Can't Save Mail Accounts
Outlook Express 6.0 using XP won't let me save Mail Account Settings. They somehow disappeared off my computer and won't let me save them upon trying to reenter. Jeff Kahn <anonymous@discussions.microsoft.com> wrote: > Outlook Express 6.0 using XP won't let me save Mail > Account Settings. They somehow disappeared off my > computer and won't let me save them upon trying to > reenter. Ask in an Outlook Express newsgroup. -- Brian Tillman ...

Exchange 2003 Secondary Server Help!!!
Hi I have Exchange 2003 and Windows 2003 Active directory in the same machine I need a Failover system for this Clustring I know is the solution but it is hig expensive and we are not able to invest at this stage So is there a another solution for this Like installing a Secondary domain controller and Installing a Second Exchanhe Server on it Cna i able to replicate my database to the new build Exchange Server and bring it alive when my Primary goes down In Exchange 2003 There is recovery Storage Group but I tried this in the new exchange server and restoing the primary database Is this...

account register report
I am trying to find a way to develop a report that looks exactly like the account register and I'm going nuts trying. Is there a way to do this? There should be :-) -- Hank In microsoft.public.money, Hank wrote: >I am trying to find a way to develop a report that looks exactly like the >account register and I'm going nuts trying. > >Is there a way to do this? There should be :-) You can File->Print your account register. You could print it to a pretend "printer" that is really a text file. Thanks Cal, but I don't know how to do that. Print to Fil...

Message queue in local delivery
Dear all, I m having a problem with the message queue.Sometimes it could reach about 400 mails.So basically the server doesnt work.User couldnt see their mail or sent out in time. I got this report generated by www.dnsreport.com:"MAIL.gprotechnologies.com claims to be non-existent host certsvr.gprotechnologies.com:" So do you guys think this could be the cause of the problem?The server has been down for 4 days and I desprately need help. Thanks in advance On 30 May 2006 22:58:57 -0700, "hygan" <gansword@yahoo.com> wrote: >Dear all, > > I m havi...

Adding text in Publisher before the actual html e-mail message?
I am trying to send out an e-mail made in Publisher. It's a newsletter, but in case some people can not view the actual html image, I want to have a link to a page on our website with the same content. The only way I have been able to add this text prior to the message is to send it to myself and then fwd it with the appropriate message about the link. "if you cannot see the following message, click here." Does anyone know a way to add this additional message from the Publisher document? I would greatly appreciate some advice. Hi Camil- If I understand you correctly, y...