| YNY 
 Full Member
 | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору 
 Цитата:
 
 The following code example shows how to use the ADsOpenObject function to bind to a specific server using the ADS_SERVER_BIND flag:
 ADsOpenObject("LDAP://server/domain.com/DC=domain, DC=com",..., ADS_SERVER_BIND)
 
 If you cannot specify the fully qualified DNS domain name, you can use other forms for the HostName parameter. The formats for specifying a HostName parameter are (in order of preference):
 
 Fully Qualified Domain Name (FQDN), such as dev.myCompany.com
 Fully Qualified Machine Name (FQMN), such as myComputer.dev.myCompany.com
 Flat domain name, such as dev
 NETBIOS computer name, such as myComputer
 IP address, such as 127.0.0.1
 Note   If you specify a NETBIOS computer name or an IP address, you cannot perform mutual authentication.
 
 
 Добавлено:
 If Kerberos authentication is required for the successful completion of a specific directory request, the binding string must use either a serverless ADsPath, such as
 
 LDAP://CN=Jeff Smith,CN=users,DC=fabrikam,DC=com,
 
 or it must use an ADsPath with a fully-qualified DNS server name, such as
 
 LDAP://server01.fabrikam.com/CN=Jeff Smith,CN=users,DC=fabrikam,DC=com.
 
 Binding to the server using a flat NETBIOS name or a short DNS name, for example, using the name server01 instead of server01.fabrikam.com, is not guaranteed to yield Kerberos authentication.
 
 
 
 Добавлено:
 http://support.microsoft.com/kb/q258507/
 
 
 Добавлено:
 ПРИМЕР использования OpenDSObject() из MSDN {вызов OpenDSObject() "аналогичен"   GetObject(), т.е. в GetObject() должны передаваться параметры так же как в примере ниже, а не как у тебя}:
 
 Dim dso As IADsOpenDSObject
 Dim obj1, obj2 As IADs
 Dim szUsername As String
 Dim szPassword As String
 
 Set dso = GetObject("LDAP:")
 
 ' Insert code securely.
 
 ' Supply full credentials to initiate a server connection.
 
 Set obj1 = dso.OpenDSObject( _
 "LDAP://server1/CN=Dept1,DC=Fabrikam,DC=com", _
 szUsername, _
 szPassword, _
 ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
 
 
 Добавлено:
 Возмона это уже лишнее но все же
 
 LDAP://<servername>/rootDSE
 
 ПОСМОТРИ что у тя за rootDSE, возмона там и есть твой зацикленный КД, и вообще не понятно зачем унифицировать скрипт (определять программно домен, а не прописывать его руками если от этого одни проблемы.
 
 The <servername> is the DNS name of a server. The <servername> is optional, as shown in the following format.
 
 LDAP://rootDSE
 
 In this case, a default domain controller from the domain that the security context of the calling thread is in will be used. If a domain controller cannot be accessed within the site, the first domain controller that can be found will be used.
 
 
 |