I've written a PERL cgi script that I'd like to use to reset a user's
password within Microsoft's Active Directory. The script runs well from the
command line of the web server and from any other windows box (with PERL
installed). However, when it is executed from IIS, the security of IIS
prevents it from completing one of the methods of the Win32::OLE module so
the script fails. Posing this question to general IIS/Windows support groups
returns the result of "Ask the PERL folks". I'm hoping someone within this
forum can help (though I believe the problem to be IIS security related,
maybe someone here has experienced this themselves).
My script:
use strict;
use CGI ':standard';
use Win32::OLE;
use URI;
# snip -retrieve values from form, etc
###--Create LDAP Connection to Active Directory
my $adsinamespaces = CreateObject Win32::OLE 'ADsNameSpaces'||print qq(Nope,
step 1);
my $ldapnamespace= $adsinamespaces->getobject("","LDAP:")||print qq(nope,
step2);
my
$userdsobject=$ldapnamespace->OpenDSObject("LDAP://winad1.wsc.western.edu/OU
=Users,dc=wsc,dc=western,dc=edu","cn=$user,ou=$ou,OU=Users,dc=wsc,dc=western
,dc=edu",$old_password,1)||print qq(nope, step 3);
###--Bind to specific user account
my $ADsPath="LDAP://CN=$user,OU=$ou,OU=Users,DC=WSC,DC=western,DC=edu";||
print qq (nope, step 4);
##the next line always fails via CGI
my $u = Win32::OLE->GetObject($ADsPath)||print qq(nope, get object failed);
$u->SetPassword($new_password);
$u->SetInfo();
The script always fails on the GetObject method line when it is executed via
CGI. What is that command doing that IIS doesn't appreciate?
Any suggestions?
Thanks,
Mike
