For SAM Name you should know the domain as well as it may
not be unique in the forest. For CN, good luck, there are no uniqueness
requirements outside of container level I would be very hesitant to do anything
based on that.
If you have the domain you can do a lookup. Heck you can do
a lookup even without the domain through the GC but again, you might get
multiple hits. If you have domain you can use the name translate as well
which doesn't require ADO gunk.
Finally if you have domain you can use a WinNT bind. As
long as it is a changer it should be fine, if it is a setter you may find issues
with delegated accounts not being able to use it, only acc ops and
admins.
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern
Sent: Thursday, December 01, 2005 9:35 AM
To: activedirectory
Subject: [ActiveDir] password changer
I'm trying a write a password changer in _vbscript_ for endusers and I have 2
questions-
1. All the examples i've seen, you have to enter the full DN. is there a
way for the user to just enter their cn or sAMAccountName and change thier
password in the domain?
2. is there a way to script a password changer that doesn't require a user
to know their old password? I know this is really insecure but i'm just
curious.
Thanks
