How to Open a Intranet Windows Authenticated Website using vbs script?

Home Forums Scripting General Scripting How to Open a Intranet Windows Authenticated Website using vbs script?

This topic contains 9 replies, has 4 voices, and was last updated by Avatar vonPryz 11 years, 1 month ago.

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • Avatar
    igor7
    Member
    #139675

    Hi, everybody!!
    I am unable to find method in the web to open a windows authenticated intranet website from vbs script. I’m using simple vbs script code (see bellow) to open this forum website:

    Code:
    [COLOR=#555a5f][FONT=Verdana]Set wshShell = WScript.CreateObject (“WSCript.shell”) [/FONT][/COLOR]
    [COLOR=#555a5f][FONT=Verdana]Set IE = CreateObject(“InternetExplorer.Application”) [/FONT][/COLOR]
    [COLOR=#555a5f][FONT=Verdana]IE.visible = 1 [/FONT][/COLOR]

    [COLOR=#555a5f][FONT=Verdana]IE.navigate(http://forums.petri.com/forumdisplay.php?f=18)[/FONT][/COLOR]

    In my work place we have an intranet web site that require domain authentication. That means I need to provide, user id, password & domain while opening the particular web site.

    Some times I need to open this site hundred times during work day and it simply drive my nuts … I want to be able open this site using vbs script while my domain credentials will be provided automatically (of course for personal use only).

    Avatar
    Virtual
    Member
    #332614

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    Not sure with a script but do you know there is a way of doing through Group Policy and Internet Explorer?

    If you go to Tools, Internet Options.

    Click on the ‘security tab’ and then highlight ‘Local Intranet’. Click on ‘Sites’ and then ‘advanced’ and add your intranet web url in to there.

    Next, click on ‘custom settings’ at the bottom whilst ensuring ‘local intranet’ is still highlighted. Scroll to the botom and make sure there is a dot in ‘Automatic logon with current username and password, under the logon section.

    Avatar
    vonPryz
    Member
    #347312

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    Have you enabled integrated Windows authentication? Tools -> Advanced -> Enable Integrated Windows Authentication (Under the security padlock icon).

    If the intranet site is made the proper way, it supports integrated authentication and no manual logons are needed at all. Ask the intranet maintenance people if this is the case.

    -vP

    Avatar
    igor7
    Member
    #295055

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    Thank you guys for the replays, but I don’t think that IE configuration problem… I think IIS configured to promt username/password for each connection to this web site.
    I’m in vacation now till the end of this week, so I can’t try what you advised. But even it can be configured trough IE settings it doesn’t help me much, because in my work place I use multiple computer station to log in into company network, so I prefer to use username/password prompt rather configure each station I use. That’s why I’m searching for the script.

    Avatar
    Virtual
    Member
    #332623

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    igor7;152136 wrote:
    Thank you guys for the replays, but I don’t think that IE configuration problem… I think IIS configured to promt username/password for each connection to this web site.
    I’m in vacation now till the end of this week, so I can’t try what you advised. But even it can be configured trough IE settings it doesn’t help me much, because in my work place I use multiple computer station to log in into company network, so I prefer to use username/password prompt rather configure each station I use. That’s why I’m searching for the script.

    Fair enough. I have a WSS 3 site running on IIS at one of my clients. They connect via the intranet and the login is automatic, no prompting, as it uses the currently logged on user. I roll out the setting through Group Policy, so there is no administrative overhead.

    As you say, your looking for a way to script it, so hopefully someone can assist with that.

    Avatar
    vonPryz
    Member
    #347314

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    igor7;152136 wrote:
    I think IIS configured to promt username/password for each connection to this web site.

    The problem you describe is exactly what integrated logon is supposed to solve. You don’t type your password each time when accessing network shares or launching Outlook, do you?

    -vP

    Avatar
    igor7
    Member
    #295056

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    vonPryz;152170 wrote:
    The problem you describe is exactly what integrated logon is supposed to solve. You don’t type your password each time when accessing network shares or launching Outlook, do you?

    Yes, I not typing my domain credentials to access any network resources and I agree with fact that IE can be configured to prompt username & password or automatic logon… I don’t have access to ISS configuration so I not sure with authentication method is used (btw here is explanation about this).
    But still as I said I’m use many computer station to log on into company network environment so I prefer have an script rather then configure each station

    Avatar
    Virtual
    Member
    #332629

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    igor7;152204 wrote:
    Yes, I not typing my domain credentials to access any network resources and I agree with fact that IE can be configured to prompt username & password or automatic logon… I don’t have access to ISS configuration so I not sure with authentication method is used (btw here is explanation about this).
    But still as I said I’m use many computer station to log on into company network environment so I prefer have an script rather then configure each station

    As I have stated, the processis automated through Group Policy, so every domain machine you log onto, you will not be prompted.

    Somebody must know a way of scripting this for you, so hopefully should respond. With a script, you still need to either roll that out through Group Policy or manually run it each time.

    Avatar
    igor7
    Member
    #295057

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    OK, guys. I did some reverse engineering staff and finally I’ve find solution for my problem! First of all I understand that this is not IIS configuration problem. IIS configured to use Integrated Windows Authentication, so each AD network resource should be accessed without providing username/password. In my case username/password prompt appears because the site I trying to access placed on server in other (trusted) domain. How I know this? Well, when I followed to Virtual advice:

    Quote:
    Tools >> Internet Options >> Click on the ‘security tab’ and then highlight ‘Local Intranet’. Click on ‘Sites’ >> ‘advanced’ >> add your intranet web url in to there. Next, click on ‘custom settings’ at the bottom whilst ensuring ‘local intranet’ is still highlighted. Scroll to the bottom and make sure there is a dot in ‘Automatic logon with current username and password, under the logon section.

    and than open the particular web site, before it opens (without username/password prompt) the following message is appears:

    Code:
    This page is accessing information that is not under its control.
    This poses a security risk. Do you want to continue?

    I searched the web for understand the reason why this message is appears and find explanation in msdn site:

    Quote:
    This is how cross-domain security fundamentally works. It’s far from a perfect system, but it’s simple. Since there is no way to specify which pages trust other pages to access their data, Internet Explorer simply says that if two pages are not in the same domain, they cannot communicate. More precisely, Zone Manager (found on the security tab in Internet Settings) does allow the user to say that a page may access another page, but as you point out, most people leave it set on prompt. You can suggest users add the page to the trusted site zone, or merely say Yes to the dialog box…

    So, as we see the way to avoid security notification message is add the web site to trusted sites zone. I did so and when next time I opened this site it doesn’t prompt me for username/password! But still this solution doesn’t meet my needs… I don’t want to configure IE on each computer manually before accessing this particular web site. To be honest it can be configured trough registry or with a *.reg file. I found Internet Explorer security zones registry entries for advanced users site with perfect explanation about IE zones and authentication methods. But since I’ve promised to our users “script this issue”, I keep my promise and wrote the vbs script based on example from Scripting Guy website. Here is the code:

    Code:
    [FONT=Verdana][COLOR=#555a5f][COLOR=#555a5f][FONT=Verdana]On Error Resume Next[/FONT][/COLOR]
    [COLOR=#555a5f][FONT=Verdana]Const HKEY_CURRENT_USER = &H80000001[/FONT][/COLOR]
    [COLOR=#555a5f][FONT=Verdana]strComputer = “.”[/FONT][/COLOR]
    [FONT=Verdana][COLOR=#555a5f]Set objReg=GetObject(“winmgmts:\” & strComputer & “rootdefault:StdRegProv”)[/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]strKeyPath = “SoftwareMicrosoftWindowsCurrentVersionInternet Settings” _[/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]& “ZoneMapDomainsmysite.com”[/COLOR][/FONT]
    [COLOR=#555a5f][FONT=Verdana]objReg.CreateKey HKEY_CURRENT_USER, strKeyPath[/FONT][/COLOR]
    [COLOR=#555a5f][FONT=Verdana]strValueName = “http”[/FONT][/COLOR]
    [FONT=Verdana][COLOR=#555a5f]dwValue = 2[/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, strValueName, dwValue[/COLOR][/FONT]

    [FONT=Verdana][COLOR=#555a5f]Dim objShell, RegLocate, RegLocate1[/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]Set objShell = WScript.CreateObject(“WScript.Shell”)[/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]On Error Resume Next[/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]RegLocate = “HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones21A00″[/COLOR][/FONT]
    [COLOR=#555a5f][FONT=Verdana]objShell.RegWrite RegLocate,”00000”,”REG_DWORD”[/FONT][/COLOR]

    [FONT=Verdana][COLOR=#555a5f]Set wshShell = WScript.CreateObject (“WSCript.shell”) [/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]Set IE = CreateObject(“InternetExplorer.Application”) [/COLOR][/FONT]
    [FONT=Verdana][COLOR=#555a5f]IE.visible = 1 [/COLOR][/FONT]
    [COLOR=#555a5f][FONT=Verdana]IE.navigate(http://www.mysite.com)[/FONT][/COLOR]
    [/COLOR][/FONT]

    That’s all! Thank you guys for help! May be this information will help to somebody else…

    P.S. Tools -> Advanced -> Enable Integrated Windows Authentication (Under the security padlock icon). – is checked by default in IE 6 and 7.

    Avatar
    J0K3R
    Member
    #249433

    Re: How to Open a Intranet Windows Authenticated Website using vbs script?

    could always make sure the username and passwords are stored here C:WindowsSystem32rundll32.exe keymgr.dll, KRShowKeyMgr

    thats is how i stopped a sharepoint page from asking me to authenticate to it all the time

Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic.