Thanks Neil Well at least I know it can be done via scripting. We use RIS and sysprep (using Ghost/sysprep to deploy as its much faster than RIS). I found a way to get it to work using the MachineObjectOU command in sysprep.inf. Seems to work OK. Thanks for the reply. I think I need to start reading up on ADSI though.... Anthony Msg: #3 in digest Subject: [windows2000] Re: Moving computer object in AD after sysprep query Date: Mon, 5 Jan 2004 14:38:18 -0000 From: "Braebaum, Neil" <Neil.Braebaum@xxxxxxxxxxxxxxxxx> > -----Original Message----- > From: Anthony Abraham <AABRAHAM@xxxxxxxxxxxxx> > Date: Mon, 5 Jan 2004 09:50:27 +1100 > Subject: [windows2000] Moving computer object in AD after > sysprep query > > Hi > > Im creating a new Windows 2000/XP SOE for 1000 users and am > looking at a way of automating it so after syspreping (and > deploying via Ghost), it autologs on and runs a script so the > computer object is moved into the relevant folder in AD on > first logon. By default it goes to a wks AD OU. We have 2 > OU's, desktop and notebook under the wks OU. I was thinking > of creating an environment variable to distinguish desktops > and notebooks and using some kind of script that interrogates > it and puts the computer object into the relevant OU (ie > desktops go to the desktop OU). > > Has anyone done this after sysprep runs?? - what > tools/methods are best in doing this. RIS can do this (as it > asks for the OU destination) but RIS is quite slow in > comparison to Ghost I do something along these lines. I wrote a HTA that our PC builders / deployers use after RISing a PC. Here, a PC's OU location is relevant for application deployment, the location field of the computer object is relevant for the user's login script (points to an OU where the printers for that PC's physical location live, so that the users get printer mappings based on physical location of the PC, rather than group membership), and computer group membership is also relevant to application deployment. So I wrote a HTA that allows alternate, secured authentication to AD (using elevated privileges, the account does not permit interactive logins, though), it prompts for the credentials, and computer name, populates drop-down select lists for the appropriate OU lists and group lists (it get's this information dynamically from AD). The usage of this, means that the PC builders can do all the PC deployment tasks, including moving the PC object to the appropriate OU - and this may change for rebuilds or redeployment. The point of this being moving some of the trivial work from the more technical areas, to the people merely doing the PC deployment. I guess the thing about writing stuff like this, though, is that it's pretty bespoke, and demands a reasonable amount of HTML / ADSI scripting knowledge. Neil ________________________________________________________ NOTICE The information in this email and or any of the attachments may contain; a. Confidential information of Credit Union Services Corporation (Australia) Limited (CUSCAL) or third parties; and or b. Legally privileged information of CUSCAL or third parties; and or c. Copyright material of CUSCAL or third parties. If you are not an authorised recipient of this email, please contact CUSCAL immediately by return email or by telephone on 61-2-8299 9000 and delete the email from your system. We do not accept any liability in connection with computer virus, data corruption, interruption or any damage generally as a result of transmission of this email. ******************************************************** This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out our games to relieve your stress. http://www.StressedPuppy.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm