+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
Scripts Thread, Password reset script, why does it not work? in Coding and Web Development; Hi This is our script that will allow teachers to reset student passwords. It stopped working some time ago and ...
  1. #1

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444

    Password reset script, why does it not work?

    Hi

    This is our script that will allow teachers to reset student passwords. It stopped working some time ago and i can't understand why. The reset is being logged in the text documents, the script says its been rest but it simply doesn't work. Teachers are in the right group etc.

    Your help will be appreciated.

    Thanks

    Dim sUserName, sDomain, oUser, oNet, sComputer, pw, vbClrf, _
    sPword2, sPword3, oComputer, serverpath, filename, objshell

    Dim namecheck, nameexists, userou, ou

    Set objNetwork = CreateObject ("WScript.Network")
    While objNetwork.Username = ""
    WScript.Delay (100)
    Wend
    strComputerName = objNetwork.ComputerName
    strUserName = objNetwork.UserName

    IF NOT ISMEMBER ("CN=PasswordResettingAccess") THEN
    wscript.echo "You do not have permission to change student passwords" & VBCR & VBCR & "Please speak to IT Support if your require this permission"
    wscript.quit
    END IF

    sUserName = InputBox("Please type Username" & chr(13) & "in the format" & chr(13) & "hc<1stinitial><2ndinitial><surname><year>", "Heywood Community HS Password Change", "")
    IF sUserName = "" THEN wscript.quit
    call checkname

    if nameexists = "yes" then call resetpassword

    if nameexists = "no" then call noaccount

    wscript.quit

    sub resetpassword

    call checkstudent

    if NOT userou = "Students" then call notstudentaccount

    bConfirm = MsgBox ("Password to be reset, are you sure?", 4, sUsername)
    If bConfirm = 7 then call nochange
    Set oNet = CreateObject("Wscript.Network")

    serverpath = "\\hc-print\Computer Use Logs\PasswordReset\"
    filename = "password_change1.txt"

    dim filesys, filetxt
    Const ForReading = 1, ForWriting = 2, ForAppending = 8
    Set filesys = CreateObject("Scripting.FileSystemObject")
    Set filetxt = filesys.OpenTextFile(serverpath+filename, ForAppending, True)
    filetxt.WriteLine sUsername
    filetxt.WriteLine "Reset by " & strUserName & " from " & strComputerName
    filetxt.Close

    'wscript.echo time

    IF time<"16:00:00" THEN WScript.Echo "The password for user account " & chr(13) & chr(13) & sUserName & chr(13) & chr(13) & " will be reset to ' football ' within the next 2 minutes." & VBCR & VBCR & "Please wait 2 minutes before attempting to log on with this account"
    IF time>"16:00:00" THEN WScript.Echo "User accounts cannot be changed by using this script after 4:00pm" & vbcr & "The password for user account " & chr(13) & chr(13) & sUserName & chr(13) & chr(13) & " will be reset to ' football ' tomorrow morning at 9:00am"

    wscript.quit

    end sub

    sub nochange

    wscript.echo sUsername & " - Password Change aborted"

    wscript.quit

    end sub

    sub noaccount

    wscript.echo "Username - " & sUsername & " - does not exist in this Domain." & vbcr & "Please check that you have entered it correctly and try again"

    wscript.quit

    end sub

    sub checkname


    'if domainname = "" then
    set objRoot = getobject("LDAP://RootDSE")
    domainname = objRoot.get("defaultNamingContext")
    'end if

    if sUserName <> "" then
    namecheck = finduser(sUserName,domainname)
    end if

    if namecheck = "Not Found" then nameexists = "no" ELSE nameexists = "yes"

    end sub

    sub checkstudent

    ou = mid(namecheck,instr(namecheck,",")+1,len(namecheck )-instr(namecheck,","))
    ou = split(ou, ",")
    userou = mid(ou(2),4,(len(ou(2))))

    end sub

    sub notstudentaccount

    wscript.echo "This is not a student account" & vbcr & "This script can only be used to change passwords for student accounts" & vbcr & vbcr & vbcr & "Please contact IT Support for assistance if you wish to reset the password on this account"

    wscript.quit

    end sub


    Function FindUser(Byval UserName, Byval Domain)
    on error resume next

    set cn = createobject("ADODB.Connection")
    set cmd = createobject("ADODB.Command")
    set rs = createobject("ADODB.Recordset")

    cn.open "Provider=ADsDSOObject;"

    cmd.activeconnection=cn
    cmd.commandtext="SELECT ADsPath FROM 'LDAP://" & Domain & _
    "' WHERE sAMAccountName = '" & UserName & "'"

    set rs = cmd.execute

    if err<>0 then
    FindUser="Error connecting to Active Directory Database:" & err.description
    else
    if not rs.BOF and not rs.EOF then
    rs.MoveFirst
    FindUser = rs(0)
    else
    FindUser = "Not Found"
    end if
    end if
    cn.close
    end function


    '::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::
    '::: CHECK WHETHER USER IS A MEMBER OF A CERTAIN GROUP :::
    '::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::
    Function IsMember (strGroup)

    ':::::::::::::::::::::::::::::::::::::::::::::::
    '::: Use LDAP to find out account details :::
    ':::::::::::::::::::::::::::::::::::::::::::::::
    On Error Resume Next
    Set objSystemInfo = CreateObject ("AdSystemInfo")
    Err.Clear
    Set objUser = GetObject ("LDAP://" & objSystemInfo.UserName)
    If Err.Number <> 0 Then
    MsgBox Err.Number & vbTab & Err.Description
    End If

    Dim objGroup
    IsMember = FALSE
    For Each objGroup In objUser.Groups
    'Message "TESTING - PLEASE IGNORE", 1, strUserName & " is a member of " & objGroup.Name & " " & objGroup.Class, 1
    strThisGroup = Replace (objGroup.Name, "CN=\", "")
    If strThisGroup = strGroup Then

    IsMember = TRUE
    Exit For
    End If
    Next
    End Function

  2. #2
    Messa's Avatar
    Join Date
    Dec 2006
    Location
    Wolverhampton
    Posts
    301
    Thank Post
    67
    Thanked 29 Times in 25 Posts
    Rep Power
    21
    Why not create a taskpad that only allows password resetting?
    Assuming you use XP.

    Read up about it HERE

  3. #3

    MK-2's Avatar
    Join Date
    Oct 2006
    Location
    Nottingham
    Posts
    3,237
    Thank Post
    149
    Thanked 581 Times in 307 Posts
    Blog Entries
    8
    Rep Power
    199
    just looking through it, it mentions that password will be reset to football, but cant see the string that actually does the resetting of the password.

    going by MS script repository, you can use this:
    Set objUser = GetObject _
    ("LDAP://cn=myerken,ou=management,dc=fabrikam,dc=com")

    objUser.ChangePassword "i5A2sj*!", "jl3R86df"

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    sorry, i am not a script expert. how do you mean please?

    Z

  5. #5

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    I see what you mean, I have no idea whatís going on with that. It used to work, i didnít see what it was like before there wasn't any need.

    I donít know what happened to the reply but it said this

    What he means is that there doesn't seem to be anything in the code that actually changes the password. Instead the code just performs several checks to see whether requirements are met. When these requirements are met though there is no code to tell the script what to do.

  6. #6

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    7,113
    Thank Post
    403
    Thanked 619 Times in 566 Posts
    Rep Power
    180
    So has somebody modified the script then?

  7. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    Well I haven’t and the other two guys haven’t. The only thing I can think is that somehow an older version, whilst it was under developed was restored some how.

  8. #8

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    set rs = cmd.execute
    what does this mean?

  9. #9

    Join Date
    Jul 2007
    Location
    Devon
    Posts
    233
    Thank Post
    8
    Thanked 9 Times in 8 Posts
    Rep Power
    16
    rs is often used as the identifier for a RecordSet.

    the rest executes something... usually it's an ADODB & SQL thing.


    Looking at what you posted, under the "FindUser" function, it executes the query (specified as cmd.CommandText) against AD to find the specified/active user (didnt bother looking up which)
    Last edited by Lithium; 16th March 2008 at 11:09 PM.

  10. #10

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    ok thanks

  11. #11

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,039
    Thank Post
    852
    Thanked 2,666 Times in 2,263 Posts
    Blog Entries
    9
    Rep Power
    767
    Along with not having a bit that applies a password reset it does not appear to have any account impersonation setup which you will need when applying the password change if the user running the script does not have the right to change the password in AD under their current logon.

  12. #12

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,819
    Thank Post
    873
    Thanked 1,675 Times in 1,458 Posts
    Blog Entries
    12
    Rep Power
    444
    Thats odd, i will have a look round for a more updated version.

  13. #13
    Messa's Avatar
    Join Date
    Dec 2006
    Location
    Wolverhampton
    Posts
    301
    Thank Post
    67
    Thanked 29 Times in 25 Posts
    Rep Power
    21
    Why not create a taskpad that only allows password resetting?
    Assuming you use XP.

    Read up about it HERE
    Why Not Use This ?

    This means staff can see something instead of messing with scripts.

  14. #14

    Join Date
    Mar 2009
    Location
    Cambridge
    Posts
    32
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    We do this through our Staff Intranet. Any member of staff can change a student password through the PHP front end, logged in as themselves. This then calls a VB Script at the server and makes the LDAPS change. I would say it's reduced the password change 'visitor' numbers to the ICT Office by at least 80% and has been highly praised by all staff who've used it for its simplicity. One reason why it's so simple is that it pulls the student's DOB from SIMS and sets the password to DDMMYY, not even requiring the student to leave their seat. The only people it hasn't gone down well with are the students who like the excuse to leave the room!

  15. #15

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,614
    Thank Post
    845
    Thanked 880 Times in 730 Posts
    Blog Entries
    9
    Rep Power
    326
    We set up a new group in AD and gave that group permissions to change student passwords only. Made all teachers a member of the group. Then install Wisesofts Bulk Password program on the teachers desktop in the ICT suites. Job done.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Self Service Password Reset
    By plexer in forum EduGeek Self Service Password Reset
    Replies: 273
    Last Post: 5th November 2013, 06:51 PM
  2. Password Reset form for ICT staff
    By Rozzer in forum Windows
    Replies: 21
    Last Post: 30th January 2013, 10:01 AM
  3. bulk password reset
    By Jonny_sims in forum Windows
    Replies: 10
    Last Post: 26th September 2011, 10:12 PM
  4. Local admin password reset?
    By sidewinder in forum Windows
    Replies: 13
    Last Post: 15th October 2009, 07:26 PM
  5. reset admin password
    By fafster in forum Windows
    Replies: 11
    Last Post: 27th February 2008, 10:01 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •