在VBScript中测试Active Directory域的用户名/密码?

时间:2010-10-04 15:04:42

标签: vbscript active-directory

我需要针对VBScript中的给定域测试用户名和密码对。该脚本将知道需要检查访问权限的用户名,密码和域,并且我需要返回的是关于帐户是否有效的真实或错误。

有人能建议一个很好的方法来实现这个目标吗?谢谢!

4 个答案:

答案 0 :(得分:5)

由于我的域OU结构在OU = Users中没有用户,因此发布的fnCheckAccess(strDomain,strUserID,strUserPWD)出现问题。根据MSDN文章提出的以下内容应适用于任何域:

    'http://msdn.microsoft.com/en-us/library/windows/desktop/aa706065%28v=vs.85%29.aspx
    Set objNetwork = CreateObject("WScript.Network")
    strDomain = objNetwork.UserDomain
    Const ADS_SECURE_AUTHENTICATION = 1
    strUsername=InputBox("Enter Username:")
    strPassword=InputBox("Enter Password:")
    Set objDS = GetObject("LDAP:")
    On Error Resume Next
    Set objDomain = objDS.OpenDSObject("LDAP://" & strDomain, strUsername, strPassword, ADS_SECURE_AUTHENTICATION)
    If Err.Number Then
        WScript.Echo _
            "For user:" & vbCrLf & _
            "   " & strDomain & "\" & strUsername & vbCrLf & _ 
            "Error Number:" & vbCrLf & _
            "   " & Err.Number & vbCrLf & _
            "Error Description:" & vbCrLf & _
            "   " & Err.Description
    Else
        WScript.Echo _
            "Valid password entered for user" & vbCrLf & _
            "   " & strDomain & "\" & strUsername
    End If
    On Error Goto 0

答案 1 :(得分:4)

以下函数将测试针对给定域的用户名/密码:

function fnCheckAccess(strDomain, strUserID, strUserPWD)

const ADS_SECURE_AUTHENTICATION = &h0001
const ADS_CHASE_REFERRALS_ALWAYS = &H60

dim objDSO
dim objUser
dim strPath

strPath = "LDAP://" & strDomain & "/OU=Users,DC=" & strDomain

On Error Resume Next
set objDSO = GetObject("LDAP:")
set objUser = objDSO.OpenDSObject (strPath, strUserID, strUserPWD, ADS_SECURE_AUTHENTICATION OR ADS_CHASE_REFERRALS_ALWAYS)
if Err.Number <> 0 then
    MsgBox "Incorrect Password for " & g_strDomain & "\" & g_strUserID & "." & vbCRLF & vbCRLF & "Error " & Err.Number & ": " & Err.Description, 16, "Access Denied"
    fnCheckAccess = False
else
    fnCheckAccess = True
end if
Err.Clear
On Error Goto 0

set objDSO = Nothing
set objUser = Nothing

end function

答案 2 :(得分:2)

这不是“Microsoft批准的”凭证验证方法:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa706065(v=vs.85).aspx

“登录用户”API应该适用于XP +操作系统。

以下文章对于解决这个问题非常有帮助(VB.NET):

http://codingforpassion.blogspot.com/2011/07/windows-logon-api-for-net.html

答案 3 :(得分:0)

runas /u:domain\user notepad.exe

诀窍

相关问题
最新问题