New to K2000;
I have been attempting to build a pre-install HTA to gather info from techs as they deploy various models.
I am converting something that I had previously working with SCCM.  However when I attempt to query AD to check that a user exists,
or to bind to an OU to check for a computer object, I get an error, "domain not found, or is not responding" when running via K2000 deployment -
in mid-level or post install tasks.

However, if I test the script form a PC, I get no errors.

I also just decided to just use the provided join domain PowerShell script and .bat file; filled in the required info and that is not working either.
We do have LDAP setup and working for authentication to the K2000 itself; but am I missing some other step that is preventing me from connecting to AD
during a deployment?

Here is part of the code I am using:

CONST ADS_SECURE_AUTHENTICATION = &H0001
CONST ADS_SERVER_BIND = &H0200
CONST ADS_SCOPE_SUBTREE = 2
CONST strSCCMStageOU = "OU=MyOSD,OU=Ops,DC=Fabricam,DC=com"
DIM OSDUserName, OSDAddAdmin, OSDDestOU, OSDCompName
DIM strADSPath, strComputerDN, strAccount, strPwrd
DIM objRootDSE, strDomain, objConnection, objCommand, objRecordSet, strDN
.
.
.
.

' Get domain components
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("DefaultNamingContext")

' Set ADO connection
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

' Set ADO command
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = "SELECT distinguishedName FROM 'LDAP://" & strDomain & "' WHERE objectCategory='user' AND samAccountName = '" & OSDUserName & "'"

' Set recordset to hold the query result
Set objRecordSet = objCommand.Execute

I get the error at the following line:
Set objRootDSE = GetObject("LDAP://RootDSE")

Thanks for any help or ideas.
jboehlke
2 Comments   [ + ] Show Comments

Comments

  • How are authenticating to the domain in order to perform the query? Are you hard coding the username and password in the section of code that is missing?
  • Yes, we have a dedicated, non-privileged account setup just for adding systems to the domain. What is odd here is that the initial step, the LDAP querry seems to be timing out. I might need to check with our network guys to see if something is blocking that traffic, since the K2000 is a new device.
Please log in to comment

There are no answers at this time

Answers

Answer this question or Comment on this question for clarity