
LDAP in Win PE 2.0

22 replies to this topic

#1
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06
Quick question: does anyone know how to get LDAP queries in WIN PE 2.0 to work, or another way to validate an AD account from PE through VBScript?

Cheers,

Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur




#2
mats

mats

    Member

  • Member
  • PipPip
  • 206 posts
  • Joined 10-May 05
Have you checked that you got the ADSI DLL files in your PE image and that they are registered?

#3
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06

Have you checked that you got the ADSI DLL files in your PE image and that they are registered?



Where would I find a complete list of DLL files needed? All I can find on Microsoft's site is example scripts and some ADSI tools.

Cheers,

Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur


#4
Br4tt3

Br4tt3

    World famous sausage eater...

  • Member
  • PipPipPipPip
  • 566 posts
  • Joined 20-April 04
Hi!

I have never done it for WinPE 2.0 but I did it for WinPE 2005 (2003 SP1) and I used Johan Arwidmark's guide on MyITForum to achieve it: I dunno if the same .dll files and so on are ported over to WinPE 2.0 (Vista) but why not go ahead and try it out, and report back if it works..... :)

The following files are needed within WinPE 2005:

1. activeds.tlb
2. adsldp.dll

And the guide link is:

http://www.myitforum...iew.asp?id=8810

Hope it solves it for u...
Sponsored by Swedish Meat!
Tha Sausage Eater...

Please read before posting in forums: http://support.microsoft.com/kb/555375

#5
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06

Hi!

I have never done it for WinPE 2.0 but I did it for WinPE 2005 (2003 SP1) and I used Johan Arwidmark's guide on MyITForum to achieve it: I dunno if the same .dll files and so on are ported over to WinPE 2.0 (Vista) but why not go ahead and try it out, and report back if it works..... :)

The following files are needed within WinPE 2005:

1. activeds.tlb
2. adsldp.dll

And the guide link is:

http://www.myitforum...iew.asp?id=8810

Hope it solves it for u...



Thanks a bunch, that looks like something I can get to work.

I'll post again and let everyone know how it goes when I get in my office Monday.

Cheers,

Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur


#6
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06
Well, I tried copying over those DLL files and noticed that the PE 2.0 CD already contains the type library. I left it alone on one CD and replaced it with the old type library from XP.

I have scripting and everything installed and working, I even have msjetoledb40.dll registered for database calls, but I always get the same error

Error: Invalid Syntax

Code: 800401E4

Here are some of the variations I've tried; all work normally under Windows

Dim objRootDSE
Set objRootDSE = GetObject("LDAP://ACCT05.us.lmco.com/rootDSE")

Dim objRootDSE
Set objRootDSE = GetObject("LDAP://rootDSE")

and a few others I don't have the scripts handy for to copy them in.

It does not like the Set objRootDSE line at all no matter how I change things around.

All of them work in Windows XP but refuse to work in PE 2.0.

Any thoughts?

Cheers,

Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur


#7
Br4tt3

Br4tt3

    World famous sausage eater...

  • Member
  • PipPipPipPip
  • 566 posts
  • Joined 20-April 04
You say they all work in WinXP! Is that WinPE based on WinXP or on a full blown domain joined XP box? Cause the only thing that I have seen is that, if you try to access the LDAP service (AD) from a workgrouped machine (which WinPE is) then u also need to supply a connection context (user and pass) for the adsi script. Another thing that I had some problems with earlier was that I could not request the RootDSE object (which is used for binds) until I had authenticated.... I connected to my LDAP using: LDAP://<domain.com> format to get it to work...

If u are having trouble connecting from ur WinPE to the AD, then maybe u wanna add a little LDAP browser so that u can more easily see if it also fails, or it works, then u know that the underlying LDAP support is in place. I recommend a tool called: adsvw.exe (MS - Active Directory Browser) which is a single .exe file.
Sponsored by Swedish Meat!
Tha Sausage Eater...

Please read before posting in forums: http://support.microsoft.com/kb/555375

#8
contra

contra
  • Member
  • 3 posts
  • Joined 18-December 06

Quick question does anyone know how to get LDAP queries in WIN PE 2.0 to work

or another way to validate an AD account from PE through VBScript

Cheers,



I called MS support and MS told me that WIN PE 2.0 doesn't support ADSI. :( I'm trying to find a way to query AD in Win PE.

#9
Br4tt3

Br4tt3

    World famous sausage eater...

  • Member
  • PipPipPipPip
  • 566 posts
  • Joined 20-April 04
Don't buy into what they say.... ;)

I don't think they supported ADSI below WinPE based on XP or 2003 either (if I am not mistaken), that does not mean it does not work..... like I said, I have not tried it but I can for example see that they are using some kind of provider within WinPE 2.0 that comes with BDD 2007. For example, they try to use the WinNT provider which is not ADSI but anyway....
Sponsored by Swedish Meat!
Tha Sausage Eater...

Please read before posting in forums: http://support.microsoft.com/kb/555375

#10
mattffrost

mattffrost

    Newbie

  • Member
  • 34 posts
  • Joined 18-July 06
I have got LDAP to work in WINPE.

From the Vista install.wim I added the following files to the WINPE 2.0 boot.wim

adsldp.dll
adsnt.dll
mscoree.dll
mscorier.dll
mscories.dll

I then added to the software hive of WINPE 2.0 boot.wim the following entries. Note you can load the hive and call it PE_SOFTWARE. You could cut and paste this into a .reg file and execute it.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADs]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADs\Clsid]
@="{4753da60-5b71-11cf-b035-00aa006e0975}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADsDSOObject]
@="OLE DB Provider for Microsoft Directory Services"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADsDSOObject\Clsid]
@="{549365d0-ec26-11cf-8310-00aa00b505db}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADsNamespaces]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADsNamespaces\Clsid]
@="{233664b0-0367-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADsSecurityUtility]
@="ADs Security Utility Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADsSecurityUtility\Clsid]
@="{f270c64a-ffb8-4ae4-85fe-3a75e5347966}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADSystemInfo]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADSystemInfo\Clsid]
@="{50B6327F-AFD1-11d2-9CB9-0000F87A369E}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{4753da60-5b71-11cf-b035-00aa006e0975}]
@="ADs Provider Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{4753da60-5b71-11cf-b035-00aa006e0975}\InprocServer32]
@="activeds.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{4753da60-5b71-11cf-b035-00aa006e0975}\ProgID]
@="ADs"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{4753da60-5b71-11cf-b035-00aa006e0975}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{4753da60-5b71-11cf-b035-00aa006e0975}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{549365d0-ec26-11cf-8310-00aa00b505db}]
@="ADsDSOObject"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{549365d0-ec26-11cf-8310-00aa00b505db}\InprocServer32]
@="activeds.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{549365d0-ec26-11cf-8310-00aa00b505db}\OLE DB Provider]
@="OLE DB Provider for Microsoft Directory Services"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{549365d0-ec26-11cf-8310-00aa00b505db}\ProgID]
@="ADsDSOObject"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{233664b0-0367-11cf-abc4-02608c9e7553}]
@="ADs Namespaces Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{233664b0-0367-11cf-abc4-02608c9e7553}\InprocServer32]
@="activeds.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{233664b0-0367-11cf-abc4-02608c9e7553}\ProgID]
@="ADsNamespaces"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{233664b0-0367-11cf-abc4-02608c9e7553}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{233664b0-0367-11cf-abc4-02608c9e7553}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{f270c64a-ffb8-4ae4-85fe-3a75e5347966}]
@="ADs Security Utility Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{f270c64a-ffb8-4ae4-85fe-3a75e5347966}\InprocServer32]
@="activeds.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{f270c64a-ffb8-4ae4-85fe-3a75e5347966}\ProgID]
@="ADsSecurityUtility"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{f270c64a-ffb8-4ae4-85fe-3a75e5347966}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{f270c64a-ffb8-4ae4-85fe-3a75e5347966}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}]
@="AD System Info Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\InprocServer32]
@="adsldp.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\ProgID]
@="ADSystemInfo"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}]
@="Microsoft User Extension"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}\ProgID]
@="MSExtUser"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}\Version]
@="1.0"


[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{94a909a5-6f52-11d1-8c18-00c04fd8d503}]
@="Microsoft Group Extension"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{94a909a5-6f52-11d1-8c18-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{94a909a5-6f52-11d1-8c18-00c04fd8d503}\ProgID]
@="MSExtGroup"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{94a909a5-6f52-11d1-8c18-00c04fd8d503}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{94a909a5-6f52-11d1-8c18-00c04fd8d503}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{2dfb3a35-6071-11d1-8c13-00c04fd8d503}]
@="Microsoft Locality Extension"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{2dfb3a35-6071-11d1-8c13-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{2dfb3a35-6071-11d1-8c13-00c04fd8d503}\ProgID]
@="MSExtLocality"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{2dfb3a35-6071-11d1-8c13-00c04fd8d503}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{2dfb3a35-6071-11d1-8c13-00c04fd8d503}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{dccc0bed-6066-11d1-8c13-00c04fd8d503}]
@="Microsoft Organization Extension"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{dccc0bed-6066-11d1-8c13-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{dccc0bed-6066-11d1-8c13-00c04fd8d503}\ProgID]
@="MSExtOrganization"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{dccc0bed-6066-11d1-8c13-00c04fd8d503}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{dccc0bed-6066-11d1-8c13-00c04fd8d503}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}]
@="Microsoft OrganizationUnit Extension"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}\ProgID]
@="MSExtOrganizationUnit"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}\Version]
@="1.0"


[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{9f37f39c-6f49-11d1-8c18-00c04fd8d503}]
@="Microsoft PrintQueue Extension"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{9f37f39c-6f49-11d1-8c18-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{9f37f39c-6f49-11d1-8c18-00c04fd8d503}\ProgID]
@="MSExtPrintQueue"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{9f37f39c-6f49-11d1-8c18-00c04fd8d503}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{9f37f39c-6f49-11d1-8c18-00c04fd8d503}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\TypeLib\{97d25db0-0363-11cf-abc4-02608c9e7553}]

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\TypeLib\{97d25db0-0363-11cf-abc4-02608c9e7553}\1.0]
@="Active DS Type Library"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\TypeLib\{97d25db0-0363-11cf-abc4-02608c9e7553}\1.0]

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\TypeLib\{97d25db0-0363-11cf-abc4-02608c9e7553}\1.0\win32]
@=hex(2):43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,73,\
00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,61,00,63,00,74,00,69,00,\
76,00,65,00,64,00,73,00,2e,00,74,00,6c,00,62,00,00,00

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\TypeLib\{97d25db0-0363-11cf-abc4-02608c9e7553}\1.0\FLAGS]
@="0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A81-C302-11cf-9AA4-00AA004A5691}]
@="LDAP Provider Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A81-C302-11cf-9AA4-00AA004A5691}\InprocServer32]
@="adsldp.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A81-C302-11cf-9AA4-00AA004A5691}\ProgID]
@="LDAP"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A81-C302-11cf-9AA4-00AA004A5691}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A81-C302-11cf-9AA4-00AA004A5691}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A82-C302-11cf-9AA4-00AA004A5691}]
@="LDAP Namespace Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A82-C302-11cf-9AA4-00AA004A5691}\InprocServer32]
@="adsldp.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A82-C302-11cf-9AA4-00AA004A5691}\ProgID]
@="LDAPNamespace"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A82-C302-11cf-9AA4-00AA004A5691}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A82-C302-11cf-9AA4-00AA004A5691}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{274fae1f-3626-11d1-a3a4-00c04fb950dc}]
@="ADs LDAP NameTranslate Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{274fae1f-3626-11d1-a3a4-00c04fb950dc}\InprocServer32]
@="adsldp.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{274fae1f-3626-11d1-a3a4-00c04fb950dc}\ProgID]
@="NameTranslate"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{274fae1f-3626-11d1-a3a4-00c04fb950dc}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{274fae1f-3626-11d1-a3a4-00c04fb950dc}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}]
@="AD System Info Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\InprocServer32]
@="adsldp.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\ProgID]
@="ADSystemInfo"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{50B6327F-AFD1-11d2-9CB9-0000F87A369E}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP]
@="LDAPNamespace"
"Aliases"="GC"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Computer]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Computer\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,33,00,65,00,33,00,37,00,65,00,33,00,32,00,30,00,2d,\
00,31,00,37,00,65,00,32,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,00,62,00,\
63,00,34,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Group]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Group\{94a909a5-6f52-11d1-8c18-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,32,00,37,00,36,00,33,00,36,00,62,00,30,00,30,00,2d,\
00,34,00,31,00,30,00,66,00,2d,00,31,00,31,00,63,00,66,00,2d,00,62,00,31,00,\
66,00,66,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\groupOfNames]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\groupOfNames\{94a909a5-6f52-11d1-8c18-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,32,00,37,00,36,00,33,00,36,00,62,00,30,00,30,00,2d,\
00,34,00,31,00,30,00,66,00,2d,00,31,00,31,00,63,00,66,00,2d,00,62,00,31,00,\
66,00,66,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\groupOfUniqueNames]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\groupOfUniqueNames\{94a909a5-6f52-11d1-8c18-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,32,00,37,00,36,00,33,00,36,00,62,00,30,00,30,00,2d,\
00,34,00,31,00,30,00,66,00,2d,00,31,00,31,00,63,00,66,00,2d,00,62,00,31,00,\
66,00,66,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Locality]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Locality\{2dfb3a35-6071-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,61,00,30,00,35,00,65,00,30,00,33,00,61,00,32,00,2d,\
00,65,00,66,00,66,00,65,00,2d,00,31,00,31,00,63,00,66,00,2d,00,38,00,61,00,\
62,00,63,00,2d,00,30,00,30,00,63,00,30,00,34,00,66,00,64,00,38,00,64,00,35,\
00,30,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Organization]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Organization\{dccc0bed-6066-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,61,00,31,00,63,00,64,00,32,00,64,00,63,00,36,00,2d,\
00,65,00,66,00,66,00,65,00,2d,00,31,00,31,00,63,00,66,00,2d,00,38,00,61,00,\
62,00,63,00,2d,00,30,00,30,00,63,00,30,00,34,00,66,00,64,00,38,00,64,00,35,\
00,30,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Organizational Unit]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\Organizational Unit\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,61,00,32,00,66,00,37,00,33,00,33,00,62,00,38,00,2d,\
00,65,00,66,00,66,00,65,00,2d,00,31,00,31,00,63,00,66,00,2d,00,38,00,61,00,\
62,00,63,00,2d,00,30,00,30,00,63,00,30,00,34,00,66,00,64,00,38,00,64,00,35,\
00,30,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\organizationalPerson]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\organizationalPerson\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,33,00,65,00,33,00,37,00,65,00,33,00,32,00,30,00,2d,\
00,31,00,37,00,65,00,32,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,00,62,00,\
63,00,34,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\OrganizationalUnit]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\OrganizationalUnit\{fd8d3a5f-6066-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,61,00,32,00,66,00,37,00,33,00,33,00,62,00,38,00,2d,\
00,65,00,66,00,66,00,65,00,2d,00,31,00,31,00,63,00,66,00,2d,00,38,00,61,00,\
62,00,63,00,2d,00,30,00,30,00,63,00,30,00,34,00,66,00,64,00,38,00,64,00,35,\
00,30,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\person]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\person\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,33,00,65,00,33,00,37,00,65,00,33,00,32,00,30,00,2d,\
00,31,00,37,00,65,00,32,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,00,62,00,\
63,00,34,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\PrintQueue]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\PrintQueue\{9f37f39c-6f49-11d1-8c18-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,62,00,31,00,35,00,31,00,36,00,30,00,64,00,30,00,2d,\
00,31,00,32,00,32,00,36,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,00,39,00,\
38,00,35,00,2d,00,30,00,30,00,61,00,61,00,30,00,30,00,36,00,62,00,63,00,31,\
00,34,00,39,00,7d,00,00,00,7b,00,31,00,32,00,34,00,62,00,65,00,35,00,63,00,\
30,00,2d,00,31,00,35,00,36,00,65,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,\
00,39,00,38,00,36,00,2d,00,30,00,30,00,61,00,61,00,30,00,30,00,36,00,62,00,\
63,00,31,00,34,00,39,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\residentialPerson]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\residentialPerson\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,33,00,65,00,33,00,37,00,65,00,33,00,32,00,30,00,2d,\
00,31,00,37,00,65,00,32,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,00,62,00,\
63,00,34,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\User]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\LDAP\Extensions\User\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}]
"Interfaces"=hex(7):7b,00,33,00,65,00,33,00,37,00,65,00,33,00,32,00,30,00,2d,\
00,31,00,37,00,65,00,32,00,2d,00,31,00,31,00,63,00,66,00,2d,00,61,00,62,00,\
63,00,34,00,2d,00,30,00,32,00,36,00,30,00,38,00,63,00,39,00,65,00,37,00,35,\
00,35,00,33,00,7d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\WinNT]
@="WinNTNamespace"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\WinNT\Extensions]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Microsoft\ADs\Providers\WinNT\Extensions\User]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAP]
@="URL:LDAP Protocol"
"EditFlags"=hex:02,00,00,00
"URL Protocol"=""

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAP\Clsid]
@="{228D9A81-C302-11cf-9AA4-00AA004A5691}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAP\shell]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAP\shell\open]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAP\shell\open\command]
@=hex(2):22,00,25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,\
00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,\
4d,00,61,00,69,00,6c,00,5c,00,77,00,61,00,62,00,2e,00,65,00,78,00,65,00,22,\
00,20,00,22,00,2f,00,6c,00,64,00,61,00,70,00,3a,00,25,00,31,00,22,00,00,00,\
00,00


[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAPNamespace]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAPNamespace\Clsid]
@="{228D9A82-C302-11cf-9AA4-00AA004A5691}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\WinNT]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\WinNT\Clsid]
@="{8b20cd60-0f29-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\WinNTNamespace]

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\WinNTNamespace\Clsid]
@="{250e91a0-0367-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{250e91a0-0367-11cf-abc4-02608c9e7553}]
@="WinNT Namespace Object"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{250e91a0-0367-11cf-abc4-02608c9e7553}\InprocServer32]
@="adsnt.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{250e91a0-0367-11cf-abc4-02608c9e7553}\ProgID]
@="WinNTNamespace"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{250e91a0-0367-11cf-abc4-02608c9e7553}\TypeLib]
@="{97d25db0-0363-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{250e91a0-0367-11cf-abc4-02608c9e7553}\Version]
@="1.0"


I also install the WMI, scripting, XML, HTA and MDAC packages to WinPE 2.0 boot.wim.

When you boot into winpe with the new boot.wim the network must be running along with DNS to bind.

Matt
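
An added example, not part of the original post or written by its author: a small consistency check for a .reg file like the one above, run before importing it into the offline hive. It follows each ProgID -> Clsid -> InprocServer32 chain and lists the DLLs the registrations point at that are not in the post's copied-file list. The function names are hypothetical and the sample is a short excerpt of the post's own entries.

```python
import re

# Excerpt of the .reg entries from the post above, embedded so the example runs offline.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\LDAP\Clsid]
@="{228D9A81-C302-11cf-9AA4-00AA004A5691}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{228D9A81-C302-11cf-9AA4-00AA004A5691}\InprocServer32]
@="adsldp.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\ADs\Clsid]
@="{4753da60-5b71-11cf-b035-00aa006e0975}"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\CLSID\{4753da60-5b71-11cf-b035-00aa006e0975}\InprocServer32]
@="activeds.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\PE_SOFTWARE\Classes\WinNT\Clsid]
@="{8b20cd60-0f29-11cf-abc4-02608c9e7553}"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\CLSID\{4de7016c-5ef9-11d1-8c13-00c04fd8d503}\InprocServer32]
@="adsmsext.dll"
"ThreadingModel"="Both"

[HKEY_LOCAL_MACHINE\pe_SOFTWARE\Classes\TypeLib\{97d25db0-0363-11cf-abc4-02608c9e7553}\1.0\win32]
@=hex(2):43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,73,\
00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,61,00,63,00,74,00,69,00,\
76,00,65,00,64,00,73,00,2e,00,74,00,6c,00,62,00,00,00
'''

# Files the post says were copied from the Vista install.wim.
COPIED_FILES = {"adsldp.dll", "adsnt.dll", "mscoree.dll", "mscorier.dll", "mscories.dll"}

VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def parse_reg(text):
    """Parse .reg text into {lower-cased key path: {value name: data}}."""
    keys, current, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith(",\\"):          # hex(...) data continued on the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            # Registry paths are case-insensitive (PE_SOFTWARE vs pe_SOFTWARE).
            current = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = "@" if m.group(1) == "@" else m.group(1)[1:-1]
            data = m.group(2)
            if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
                data = data[1:-1].replace("\\\\", "\\").replace('\\"', '"')
            current[name] = data
    return keys


def inproc_servers(keys):
    """Return {dll: [clsid, ...]} for every InprocServer32 key under Classes\\CLSID."""
    servers = {}
    for path, values in keys.items():
        m = re.search(r"\\classes\\clsid\\(\{[^}]+\})\\inprocserver32$", path)
        if m and "@" in values:
            servers.setdefault(values["@"].lower(), []).append(m.group(1))
    return servers


def progid_report(keys):
    """Follow each ProgID -> Clsid -> InprocServer32 chain; return (resolved, dangling)."""
    resolved, dangling = {}, []
    for path, values in keys.items():
        m = re.search(r"^(.*\\classes)\\([^\\{]+)\\clsid$", path)
        if not m:
            continue
        base, progid = m.group(1), m.group(2)
        clsid = values.get("@", "").lower()
        server = keys.get(f"{base}\\clsid\\{clsid}\\inprocserver32", {}).get("@")
        if server:
            resolved[progid] = server.lower()
        else:
            dangling.append(progid)   # ProgID names a CLSID the file never registers
    return resolved, sorted(dangling)


def missing_from_copy_list(keys, copied=COPIED_FILES):
    """DLLs the registrations point at that are not in the copied-file list."""
    return sorted(set(inproc_servers(keys)) - {f.lower() for f in copied})


if __name__ == "__main__":
    keys = parse_reg(SAMPLE_REG)
    resolved, dangling = progid_report(keys)
    print("resolved ProgIDs:", resolved)
    print("dangling ProgIDs:", dangling)
    print("referenced but not in copy list:", missing_from_copy_list(keys))
```

On the excerpt, the WinNT ProgID points at a CLSID that has no InprocServer32 entry in the posted file, and activeds.dll and adsmsext.dll are referenced without being in the copied-file list, so they have to be present in the image already for those registrations to resolve.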

#11
Br4tt3

Br4tt3

    World famous sausage eater...

  • Member
  • PipPipPipPip
  • 566 posts
  • Joined 20-April 04
n1....
Sponsored by Swedish Meat!
Tha Sausage Eater...

Please read before posting in forums: http://support.microsoft.com/kb/555375

#12
Typewriter

Typewriter
  • Member
  • 6 posts
  • Joined 15-March 07
EDIT: After turning on my brain, I got it to work by using your example, Matt.

However, you have to edit the SOFTWARE hive in offline mode, because the WinPE registry is locked when the OS is running, thus you can't just run a .reg file and hope that it would work.

And, it's not even needed to register the added DLLs, it just works.

Edited by Typewriter, 16 March 2007 - 04:46 AM.

If Batch can't handle it, its not worth doing.

#13
mattffrost

mattffrost

    Newbie

  • Member
  • 34 posts
  • Joined 18-July 06
TofuBug,

Yes, that is correct: edit the software hive in offline mode. Sorry I did not specify this better. Glad you got it to work, and that is good to know you do not need those DLLs. For some reason in my testing I thought you did, but I will take your word for it.

Matt

#14
dem3tre

dem3tre
  • Member
  • 2 posts
  • Joined 08-April 05
Matt could you quickly describe the process you followed to identify the registry settings that needed to be added to the software hive? This is the one part I continually struggle with....identifying files needed pretty easy, catching registry settings from all the chaff seems a bit like voodoo magic.

Thanks!

#15
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06
To All,

I'm kind of excited, but it's sort of surreal that this is my first post of a fix to my own problem

First off I would like to thank everyone who took the time to comment and help out with this especially Br4tt3

Turns out ADSI was functioning just fine in PE (after adding the required files and registry updates to the WIM)

The problem as Br4tt3 alluded to was in the script itself. Unfortunately I do not know EVERYTHING about ADSI... :blushing: ...Yet... :sneaky: So I completely missed the relevance

Also apparently looking at the date of this first post it's been almost a year of leaving this on the back burner while I cooked up other tools and utilities for the corporation. So cue the Elton John Lion King theme song (just trust me it will make sense later)

I would like to share with anyone who is interested briefly how I came to the stunningly obvious "WOW I'm an ID10T!!!!" epiphany

I had been tasked middle of the year to develop a tool to allow our Computer Imaging Administrators to be able to quickly and efficiently create computer accounts in AD with specific security groups assigned to its ACE's for stuff like Joining the domain, rename etc.

In the end I came up with a centralized HTA which allowed for traversing the active OU structure in either direction. The tool also defaulted to use cached credentials for ADSI operations but had the option to enter a domain User Name and Password to validate using the OpenDSObject() method so the tool can be run on an account that may not have the same level of permissions needed to create a computer in AD

Long story short works like a charm and even after 6 months of minor OU restructuring I haven't had to modify the code once (if you can't tell I strive to develop tools that can adapt within reason to environmental changes)

The biggest thing I took out of that project was how to consistently validate a domain user name and password in a script using LDAP

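Function ValidLogin(UserName,Password)
	' Returns True only when the bind succeeds; any error, including failing to reach rootDSE, returns False
	Dim objDS
	On Error Resume Next
	Err.Clear
	' 1 = ADSI Secure Authentication
	Set objDS = GetObject("LDAP:").OpenDSObject("LDAP://" & GetObject("LDAP://rootDSE").Get("defaultNamingContext"), UserName, Password, 1)
	ValidLogin = (Err.Number = 0)
	On Error GoTo 0
End Function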

Anything I develop now that requires a user name and password I use that function or a variation on it (really makes it nicer on the technicians who have to use my tools so they don't have to remember other passwords and logins)

Fast Forward to about a week ago....

I was again tasked with creating a similar tool this time to allow a computer in a workgroup to both create its own account in AD and join itself to its domain.

So... being the lazy developer I am :whistle:

I ripped out the core code for creating the computer accounts in AD from my other tool, wrapped it in a simple HTA with a login prompt using the same LDAP based validation (to allow for entering a user's credentials with enough privileges to actually create the account in AD) and an Add Computer button.

I tossed it all on a test machine I had deliberately deleted from AD

Ran it and...........

"Invalid user name or password?"........... :angry:

Retried password ........

"Invalid user name or password??"...........

Tried another login.......

"Enough already with the Invalid user name or password!!!!!".......... :realmad:

Finally had the clarity to load up Visual Studio 2005, attach to the HTA's process and debug the sucker.

That's when I realized I wasn't even getting an object back from the GetObject("LDAP://RootDSE") method....... :blushing: might explain why nothing is working right.

Shortly thereafter I had the "You dumb a** the computer isn't even part of the domain so AD is OBLIVIOUS to its LDAPesque attempts to talk to the domain" moment

A few Google searches later and I had my answer, server binding directly to a domain controller

In a nutshell

Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://DC=MyDomain,DC=com",UserName,Password,1)

becomes...

Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://MyDomainController/DC=MyDomain,DC=Com","MyDomain\" & UserName,Password,1 + 512)

where the three important changes are

  • LDAP:// -> LDAP://MyDomainController/
  • UserName -> MyDomain\UserName
  • 1 -> 1 + 512 (1 is ADSI Secure Authentication, and 512 is ADSI Server Bind)

Once I had updated the code to bind to the domain controller, voilà, suddenly my tool liked my user name and passwords again and it was able to create the computer account in AD without a hitch.

Fast forward again to a few hours ago.

Booted up PE 2.0 to reimage my laptop (I had fried the OS testing piloted software for the corporation) symbolically beginning the end of the obligatory circle of life for me this year. (told you it would make sense later... the background music in your head should now be rising to that nice crescendo during the bridge, you know the part where you're supposed to get all emotional and "identify" with the main character as he struggles to overcome....yeah......never mind.)

As I was waiting for Ghost to backup my existing data I finally put 2 and 2 together,

Thank you high school logic chapter in math...

If computer is in a WORKGROUP then it must use a server bind to a domain controller to access AD

PE 2.0 loads in a WORKGROUP

So...... drum roll please,

If a computer is running PE 2.0 then it must use a server bind to a domain controller to access AD

Seemed simple enough logic in my head, so while I waited for Ghost to backup my data from the laptop I tossed open VBSEdit in PE's command prompt and mashed together a quick and dirty script to return a computer with a distinguished name I already knew off the top of my head using the domain controller server binding. A few lines of code later and a quick running of the script and all I can really say is.

:w00t: Yay......It works!!!!!

So that's my long drawn out story.

In the end I have learned 3 infallible truths out of this experience

  • Even plastic soft touch keyboards will make your forehead bleed if you beat it against it enough
  • If you lose enough blood it’s hard to focus on your computer screen or remember things like your name.
  • Keyboard keys tend to stick when blood dries under them

I'm hoping it will at least help someone avoid having to clean and disinfect their keyboard... or at the very least give someone a cheap laugh at my expense

Cheers,


Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur
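
The server-bind login check described in the post above, as an added example that is not part of the original post: it separates a rejected password from an unreachable or unlocatable domain controller, two cases that a bare `Err.Number = 0` test reports identically. The host, domain and account names are placeholders.

```vbscript
Option Explicit

Const ADS_SECURE_AUTHENTICATION = &H1
Const ADS_SERVER_BIND           = &H200       ' hex 200 = decimal 512

' Win32 error codes as ADSI returns them (HRESULT form)
Const HR_LOGON_FAILURE  = &H8007052E   ' ERROR_LOGON_FAILURE: bad user name or password
Const HR_NO_SUCH_DOMAIN = &H8007054B   ' ERROR_NO_SUCH_DOMAIN: domain could not be contacted
Const HR_SERVER_DOWN    = &H8007203A   ' ERROR_DS_SERVER_DOWN: the server is not operational

' Returns "OK", "BAD_CREDENTIALS", "DC_UNREACHABLE" or "ERROR 0x<hresult>".
Function CheckLogin(dcHost, domainDN, netbiosDomain, userName, password)
    Dim bound, hr
    ' Refuse empty input up front instead of relying on the bind to reject it.
    If Len(userName) = 0 Or Len(password) = 0 Then
        CheckLogin = "BAD_CREDENTIALS"
        Exit Function
    End If

    On Error Resume Next
    Set bound = GetObject("LDAP:").OpenDSObject( _
        "LDAP://" & dcHost & "/" & domainDN, _
        netbiosDomain & "\" & userName, password, _
        ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)
    hr = Err.Number
    Err.Clear
    On Error GoTo 0
    Set bound = Nothing

    Select Case hr
        Case 0
            CheckLogin = "OK"
        Case HR_LOGON_FAILURE
            CheckLogin = "BAD_CREDENTIALS"
        Case HR_NO_SUCH_DOMAIN, HR_SERVER_DOWN
            CheckLogin = "DC_UNREACHABLE"
        Case Else
            ' Includes the case where the ADSI provider itself is not registered.
            CheckLogin = "ERROR 0x" & Hex(hr)
    End Select
End Function

' Run with cscript.exe. Placeholder names; the password is read at run time
' (and echoed by the console), not stored in the script.
WScript.StdOut.Write "Password: "
WScript.Echo CheckLogin("dc01.example.com", "DC=example,DC=com", "EXAMPLE", _
                        "jdoe", WScript.StdIn.ReadLine)
```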


#16
shawn_wall

shawn_wall
  • Member
  • 1 posts
  • Joined 20-July 06
I'm having an issue getting ADO to work correctly under Windows PE 2.0. I've added the files above, modified the software hive and still can't get this to work. What I'm trying to do is run a query against an AD server to determine if a computer account exists in the directory. And even after following the steps above I'm still getting a "ActiveX component can't create object: 'ADOBD.Connection'". I've also noticed that if I try to regsvr32 the added DLL's I get a "The module <dllname>.dll was loaded but the entry-point DllRegisterServer was not found". I'm including the script I'm working on assuming that it's something I messed up as other people have gotten this working.

Many thanks in advance
Shawn

 
Set args = WScript.Arguments
If Wscript.Arguments.Count = 0 Then
    Wscript.echo "No server name supplied"
    Wscript.Quit 2
End If

strCompName = args.Item(0)

Set conn = CreateObject("ADODB.Connection")
Set cmd = CreateObject("ADODB.Command")
conn.provider = "adsdsoobject"
Conn.Properties("User ID") = "<Serviceacct>"
Conn.Properties("Password") = "<Password>"
Conn.Properties("Encrypt Password") = TRUE
Conn.Properties("ADSI Flag") = 3
conn.open "Active Directory Provider"

Set cmd.activeconnection = conn
cmd.commandtext = "<LDAP://hqdc01.nvidia.com/DC=nvidia,DC=com>;(&(objectcategory=computer)(objectclass=computer)(cn=" & strCompName & "));cn;subtree"
Set rs = cmd.Execute
If rs.recordcount <> 0 Then
    Wscript.echo "Server already exists in the domain"
    Wscript.Quit 1
End If


#17
gadget

gadget

    Member

  • Member
  • PipPip
  • 197 posts
  • Joined 02-January 04
I take it you like typing TofuBug. It's nice when a plan comes together.

#18
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06

I take it you like typing TofuBug. It's nice when a plan comes together.


It's not so much that I like typing just my fingers tend to ramble on and on (usually because they're trying to play catch-up to my thought process)

I just need fingers that have the same reaction time as oh say a synapse firing.

And Yes Yes it is. :)

Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur


#19
justinp

justinp
  • Member
  • 1 posts
  • Joined 17-July 08
No luck for me :(

 
Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://MyDomainController/DC=MyDomain,DC=Com",MyDomain\UserName,Password,1 + 512) 


...gets me an "Invalid Syntax" message.

Any suggestions?

Thanks

Justin

#20
TofuBug

TofuBug

    Newbie

  • Member
  • 33 posts
  • Joined 26-December 06

No luck for me :(

Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://MyDomainController/DC=MyDomain,DC=Com",MyDomain\UserName,Password,1 + 512)

...gets me an "Invalid Syntax" message.

Any suggestions?

Thanks

Justin


Justin

Can't really tell you what specifically is causing this since I'm not going to ask you what DC's you are using and what User Name and password you are using but I'm assuming you know what one of your domain controllers are and the domain you are on and have a user name and password with at the least read access to the LDAP protocol

Let me put out an example semi stolen from MS's technet examples

say your domain is RVB.US.COM

Say your domain controllers are RVB_DC1, RVB_DC2 and RVB_DC3

Now say you have a logon of SARGE

with a password of D1rtb@g

your code from above would look like this

Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://RVB_DC2/DC=RVB,DC=US,DC=Com","RVB\SARGE","D1rtb@g",1 + 512)

or this

Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://RVB_DC1/DC=RVB,DC=US,DC=Com","RVB\SARGE","D1rtb@g",1 + 512)

or this

Set Domain = GetObject("LDAP:").OpenDSObject("LDAP://RVB_DC3/DC=RVB,DC=US,DC=Com","RVB\SARGE","D1rtb@g",1 + 512)

The one thing I've found people I work with for this stuff forget is that every section of text separated by a . or the beginning or end of the domain has to have its own DC=

Other than that it might be the account does not have permissions on the server or the plugin did not work

I would try the same code on a Windows system that you know you can get to AD manually with the ADSI Administrative tools or some third party software. I use Softerra's LDAP Browser 2.6 because unlike MS's admin tool kit it lists everything as a details list view which if you know what you are looking for makes it faster to get to things than the tabbed approach does.

Anyway hope that helps a little

Cheers

Ryan Strope
Distributed Services
(Software package development/testing)
Lockheed Martin Systems Integration Owego
(Cyber City Computers)

ryan.strope@lmco.com
(607)751-1164

Quid quid latine dictum sit, altum videtur


#21
JamesOFarrell

JamesOFarrell
  • Member
  • 2 posts
  • Joined 15-January 09
We have been using this to enable ADSI in WinPE for a few months now. This has been working flawlessly for creating computer objects in AD and setting some attributes (like guid/description).

I tried to update my code to allow the new computer object to be added to groups after it has been created. This works fine under Vista/XP but fails under WinPE.

I get the error "Object does not support this property or method."

 
set objLDAP = GetObject("LDAP:")

PreStageUsername = "DOMAIN\username"
PreStagePassword = "password"

GroupPath = "LDAP://Domain.Com/CN=GroupName,OU=Groups,DC=Domain,DC=com"
Set objGroup = objLDAP.OpenDSObject(GroupPath, PreStageUsername, PreStagePassword, 0)

ComputerPath = "LDAP://Domain.Com/CN=ComputerName,OU=Computers,DC=Domain,DC=com"
Set objComp = objLDAP.OpenDSObject(ComputerPath, PreStageUsername, PreStagePassword, 0)

msgbox objGroup.Get("sAMAccountName")
objGroup.Add(objComp.ADsPath)
msgbox objGroup.IsMember(objComp.ADsPath)


In Vista/XP this displays the "sAMAccountName" of the Group Object, adds the Computer Object as a member of the Group Object then displays "True"

In WinPE this displays the "sAMAccountName" of the Group Object, then crashes out with the above error. If you remove the objGroup.Add(objComp.ADsPath) line then the scripts will error out on the msgbox objGroup.IsMember(objComp.ADsPath) line with the same error.

If I replace objComp.ADsPath with the ADs Path "LDAP://Domain.Com/CN=ComputerName,OU=Computers,DC=Domain,DC=com" it still bombs out.

Does anyone know what is going on here?

#22
JamesOFarrell

JamesOFarrell
  • Member
  • 2 posts
  • Joined 15-January 09
I fixed this issue by including the file adsmsext.dll on the WinPE disk.

EDIT: Typo

Edited by JamesOFarrell, 22 January 2009 - 09:54 PM.


#23
smallbyt

smallbyt
  • Member
  • 1 posts
  • Joined 09-August 09
Hi All

Hoping someone can help me out, I am trying to get LDAP working within WinPE and am so happy I found this forum because I was totally lost at the beginning.

I have added the dll's and the registry key into my WinPE 2.0 boot image so that's all fine.

I have an HTA that runs as part of our imaging process that prompts for various details about the machine, one thing I am trying to do is get a few of the drop down menus populated directly from AD. My HTA works fine when I run it on a normal Windows XP or Windows Server 2003 machine but when I run it from within WinPE I get the following error:

"The specified domain either does not exist or could not be contacted"

My code that executes the AD authentication and binding is below:

Const ADS_SCOPE_SUBTREE = 2
Const ADS_SECURE_AUTHENTICATION = 1 
Const ADS_SERVER_BIND = 200 

Set objShell = CreateObject("Wscript.Shell")

objShell.regWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1406", 0, "REG_DWORD" 
objShell.regWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406", 0, "REG_DWORD" 
		
Set objDomain = GetObject("LDAP:").OpenDSObject("LDAP://ptcdcco1." & strDomainName & ".wa.gov.au/DC=" & strDomainName & ",DC=WA,DC=GOV,DC=AU" , strDomainMaster , strDomainMasterPwd ,1 + 512)

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Properties("User ID") = strDomainMaster
objConnection.Properties("Password") = strDomainMasterPwd
objConnection.Properties("Encrypt Password") = TRUE
objConnection.Properties("ADSI Flag") = ADS_SERVER_BIND Or ADS_SECURE_AUTHENTICATION
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

Can anyone help me out with that error?
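
An added example (not code from any poster in this thread) of the ADO computer-account lookup that posts #16 and #23 are working toward, using the server-bind flags given earlier in the thread and escaping the computer name before it is placed in the LDAP filter. ADS_SERVER_BIND is written as `&H200`, which is decimal 512; a decimal `200` sets a different combination of flag bits. The host, base DN and account names are placeholders.

```vbscript
Option Explicit

Const ADS_SECURE_AUTHENTICATION = &H1
Const ADS_SERVER_BIND           = &H200   ' hex 200 = decimal 512

' Escape a value for use inside an LDAP search filter (RFC 4515).
Function EscapeLdapFilterValue(value)
    Dim s
    s = Replace(value, "\", "\5c")   ' backslash first, so later escapes are not re-escaped
    s = Replace(s, "*", "\2a")
    s = Replace(s, "(", "\28")
    s = Replace(s, ")", "\29")
    s = Replace(s, Chr(0), "\00")
    EscapeLdapFilterValue = s
End Function

' True if a computer object with this cn exists under baseDN on dcHost.
Function ComputerExists(dcHost, baseDN, user, password, computerName)
    Dim conn, cmd, rs
    Set conn = CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Properties("User ID") = user
    conn.Properties("Password") = password
    conn.Properties("Encrypt Password") = True
    conn.Properties("ADSI Flag") = ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND
    conn.Open "Active Directory Provider"

    Set cmd = CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    ' The server name in the path is what makes this a server bind.
    cmd.CommandText = "<LDAP://" & dcHost & "/" & baseDN & ">;" & _
        "(&(objectCategory=computer)(cn=" & _
        EscapeLdapFilterValue(computerName) & "));cn;subtree"
    Set rs = cmd.Execute
    ComputerExists = Not rs.EOF
    rs.Close
    conn.Close
End Function

' Run with cscript.exe: cscript lookup.vbs <computername>
' Placeholder host, base DN and account; the password is read at run time.
If WScript.Arguments.Count <> 1 Then WScript.Quit 2
WScript.StdOut.Write "Password: "
WScript.Echo ComputerExists("dc01.example.com", "DC=example,DC=com", _
    "EXAMPLE\svc-prestage", WScript.StdIn.ReadLine, WScript.Arguments(0))
```

Reading the password at run time keeps the service account's credentials out of the boot image, where anyone with the media could recover them.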



