0

I pasted this script into a .vbs file and ran it our domain controller (with our username, ou, and domain info):

Set objUser = GetObject _
  ("LDAP://cn=Ken Myer,ou=Finance,dc=fabrikam,dc=com")

objUser.Put "userWorkstations", "atl-ws-01,atl-ws-02,atl-ws-03"
objUser.SetInfo

And receive the error:

No such user object on the server.

However, I've double checked the username, ou, and domain several times. Any idea what's wrong?

Ansgar Wiechers
  • 193,178
  • 25
  • 254
  • 328
blashmet
  • 13
  • 4
  • The code should work. Not much we could do without seeing your real code. What do you get when running `WScript.Echo TypeName(objUser)` and `WScript.Echo objUser.sAMAccountName`? Did you make sure the protocol specifier (`LDAP://`) is in all-caps? – Ansgar Wiechers Aug 13 '13 at 18:56

1 Answers1

0

if you install adsiedit it will help you get the appropriate LDAP string to use. it's easy to get tripped up with this stuff, so i'd verify that the object you're looking for really is located where you think it is.

for instance, i open adsiedit.msc (by ctrl+r adsiedit.msc enter) right click, choose connect to. then under computer i choose default. then i hit ok.

i can then dig around the folder structure of AD for the object (person) i'm looking for. in my AD Schema, my user account can be navigated to using LDAP://CN=greenierb,OU=TSG,OU=Users,OU=Accounts,OU=Boston,OU=Offices,DC=domain,DC=com

which is the reverse of the folder structure you navigate through in adsiedit (from the bottom of the hierachy (ie the user) up).

bengreenier
  • 285
  • 2
  • 9
  • 1
    You don't need `Adsiedit` for this. In `AD Users and Computers` enable advanced features (in the `View` menu) and you'll get a tab `Attribute Editor` in the user's properties, which will list all attributes including the distinguished name. – Ansgar Wiechers Aug 13 '13 at 18:49