I'm trying to connect to Active Directory to look for a specific user, edit that user's properties and save the changes. Seems like a simple task, but I'm having a hard time putting this thing together.
I've tried using VBscript, and allthough it seems it can be done, I have to add the administrator username and password in clear text. Which is NOT a good idea. The script is also triggered from regular users which have no access to Active Directory. So the initial script needs to fire a second script that is run as domain admin.
Someone gave me a tip though. Create a web page or a windows service that the script can call. And that service or webpage connects to AD and makes the actual changes. I guess a windows service would be the cleanest way of doing this.
But I only have Visual Studio Express and it seems I cannot create a windows service with that. The initial script needs to be vbscript, because it's being run from a software where only vbscript is supported.
So what would be the ideal solution here? Would it be possible for the first vbscript to collect the data it needs, pass those as arguments to a second vbscript that makes the actual changes? A vbscript would be easier to maintain, if I need to update more user properties than those I need right now.
We do use Sharepoint as well. Perhaps I could create a webpart that uses javascript to collect the data passed from the initial vbscript and connect to AD that way? Just brainstorming here to find the most appropriate solution :)
