I have a little puzzle that I am trying to solve. I would like to set a user's password in AD (2003) from an external (i.e. non-domain member) webserver (2003/IIS6) via an .asp page. The page itself consists of nothing more than vbs code. If I run the code as a stand-alone vbscript from the command line, it completes successfully; however, when executed from the .asp page I get:
Microsoft VBScript runtime error '800a0046'
Permission denied
/setpass.asp, line 62
This error occurs at the line where I set the password:
Expand|Select|Wrap|Line Numbers
- Set objprovider = GetObject("LDAP:")
- Set objuser = objprovider.OpenDSObject(userid, binddn, bindpw, ADS_SECURE_AUTHENTICATION)
- objuser.Put "Description","something something"
- objuser.SetPassword "P@ssw0rd"
- objuser.SetInfo
Again, when I run this code as a vbscript from the W2003 webserver it runs just fine. When I request the same .asp page from Windows XP Pro w/IIS5 (also non-domain member) I also get the desired result.
Obviously, the problem lies somewhere in OS/IIS version (2003/IIS6 vs. XP/IIS5), but how to fix it? And why does the code run fine as vbs and not as asp? I must be missing something... I have run network monitor to see what kind of traffic is generated and I noticed that on XP there is traffic on port 389 and 445 (SetPassword); on 2003 I only see traffic on port 389. But why? Have been searching the web endlessly but still haven't found what I'm looking for.
Any ideas or suggestions?
Thanks,
Rudi