[windows2000] Re: Moving computer object in AD after sysprep query
- From: "Braebaum, Neil" <Neil.Braebaum@xxxxxxxxxxxxxxxxx>
- To: <windows2000@xxxxxxxxxxxxx>
- Date: Mon, 5 Jan 2004 14:38:18 -0000
> -----Original Message-----
> From: Anthony Abraham <AABRAHAM@xxxxxxxxxxxxx>
> Date: Mon, 5 Jan 2004 09:50:27 +1100
> Subject: [windows2000] Moving computer object in AD after
> sysprep query
>
> Hi
>
> Im creating a new Windows 2000/XP SOE for 1000 users and am
> looking at a way of automating it so after syspreping (and
> deploying via Ghost), it autologs on and runs a script so the
> computer object is moved into the relevant folder in AD on
> first logon. By default it goes to a wks AD OU. We have 2
> OU's, desktop and notebook under the wks OU. I was thinking
> of creating an environment variable to distinguish desktops
> and notebooks and using some kind of script that interrogates
> it and puts the computer object into the relevant OU (ie
> desktops go to the desktop OU).
>
> Has anyone done this after sysprep runs?? - what
> tools/methods are best in doing this. RIS can do this (as it
> asks for the OU destination) but RIS is quite slow in
> comparison to Ghost
I do something along these lines. I wrote a HTA that our PC builders /
deployers use after RISing a PC.
Here, a PC's OU location is relevant for application deployment, the
location field of the computer object is relevant for the user's login
script (points to an OU where the printers for that PC's physical
location live, so that the users get printer mappings based on physical
location of the PC, rather than group membership), and computer group
membership is also relevant to application deployment.
So I wrote a HTA that allows alternate, secured authentication to AD
(using elevated privileges, the account does not permit interactive
logins, though), it prompts for the credentials, and computer name,
populates drop-down select lists for the appropriate OU lists and group
lists (it get's this information dynamically from AD).
The usage of this, means that the PC builders can do all the PC
deployment tasks, including moving the PC object to the appropriate OU -
and this may change for rebuilds or redeployment. The point of this
being moving some of the trivial work from the more technical areas, to
the people merely doing the PC deployment.
I guess the thing about writing stuff like this, though, is that it's
pretty bespoke, and demands a reasonable amount of HTML / ADSI scripting
knowledge.
Neil
***********************************************
This e-mail and its attachments are confidential
and are intended for the above named recipient
only. If this has come to you in error, please
notify the sender immediately and delete this
e-mail from your system.
You must take no action based on this, nor must
you copy or disclose it or any part of its contents
to any person or organisation.
Statements and opinions contained in this email may
not necessarily represent those of Littlewoods.
Please note that e-mail communications may be monitored.
The registered office of Littlewoods Limited and its
subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB.
Registered number of Littlewoods Limited is 262152.
************************************************
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
