Monday, January 5, 2009

How Can I Run a Script Under Alternate Credentials?

Note: A script CANNOT provide domain credentials if you are logged in as a local account on the workstation. To use alternate domain credentials you must be logged in using domain user account.

URL: http://www.microsoft.com/technet/scriptcenter/resources/qanda/dec04/hey1213.mspx

For WMI...


-----------------------------------------------------------------------------------------
Const WbemAuthenticationLevelPktPrivacy = 6

strComputer = "atl-ws-01"
strNamespace = “root\cimv2”
strUser = "Administrator"
strPassword = "4rTGh2#1"

Set objWbemLocator = CreateObject("WbemScripting.SWbemLocator")
Set objWMIService = objwbemLocator.ConnectServer _
(strComputer, strNamespace, strUser, strPassword)
objWMIService.Security_.authenticationLevel = WbemAuthenticationLevelPktPrivacy

Set colItems = objWMIService.ExecQuery _
("Select * From Win32_OperatingSystem")
For Each objItem in ColItems
Wscript.Echo strComputer & ": " & objItem.Caption

-----------------------------------------------------------------------------------------

OR

For ADSI

-----------------------------------------------------------------------------------------

Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2

strPath = "LDAP://cn=kenmyer,ou=Finance,dc=fabrikam,dc=com"
strUser = "fabrikam\Administrator"
strPassword = "4rTGh2#1"

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject _
(strPath, strUser, strPassword, _
ADS_USE_ENCRYPTION OR ADS_SECURE_AUTHENTICATION)

Wscript.Echo objUser.AccountDisabled

Next
-----------------------------------------------------------------------------------------

No comments: