none
computers of an ou to be a member of group automatically

    Question

  • HI

    I want to know how to add computers if a particular OU to particular Group Automatically


    Sai Siva Kumar

    Wednesday, August 21, 2013 5:18 AM

Answers

  • This is something you will have to put some energy in yourself or purchase (I believe Quest tools has such a product).  AD doesn't have a trigger feature similar to something such as SQL Server's database does.  You will have to write a script that runs nightly or more often that will inspect the members of the group against the memberss within the OU and update the group.

    I do have a script within the Blog listed below that will maintain group members based on site criteria, you could change this to meet your needs without to much effort.
    http://blogs.dirteam.com/blogs/paulbergson/archive/2010/09/22/rodc-password-replication-group-management.aspx


    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs
    http://blogs.dirteam.com/blogs/paulbergson

    Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, August 21, 2013 11:50 AM
    Moderator

All replies

  • Hi,

    Please look here for similar thread.



    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Wednesday, August 21, 2013 9:27 AM
  • Can anyone provide me the script to add computer to a group while performing domain join operation 

    Sai Siva Kumar

    Wednesday, August 21, 2013 11:44 AM
  • This is something you will have to put some energy in yourself or purchase (I believe Quest tools has such a product).  AD doesn't have a trigger feature similar to something such as SQL Server's database does.  You will have to write a script that runs nightly or more often that will inspect the members of the group against the memberss within the OU and update the group.

    I do have a script within the Blog listed below that will maintain group members based on site criteria, you could change this to meet your needs without to much effort.
    http://blogs.dirteam.com/blogs/paulbergson/archive/2010/09/22/rodc-password-replication-group-management.aspx


    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Twitter @pbbergs
    http://blogs.dirteam.com/blogs/paulbergson

    Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, August 21, 2013 11:50 AM
    Moderator
  • Here is an example – modify the object type and attribute based on your requirement. 

    http://portal.sivarajan.com/2011/03/updating-group-membership-dynamically.html

    you can schedule a job to look for new objects in the OU and update their group membership.  


    Santhosh Sivarajan | Houston, TX

    Windows 2012 Book - Migrating from 2008 to Windows Server 2012

    http://www.sivarajan.com/
    FaceBookTwitter LinkedIn SS Tech Forum
    This post is provided ASIS with no warran

    Wednesday, August 21, 2013 2:53 PM
  • Hello,

    You can try with Quest tools to add the computers to group.

    Get-QADComputer -SearchRoot "OU=computers,DC=Test,DC=net" | Add-QADGroupMember "domainnetbiosname\groupname"

    You need to specifiy the DN path according to your requirement.

    Required to import Quest modules to do so.
    http://www.quest.com/powershell/activeroles-server.aspx


    Devaraj G | Technical solution architect

    Wednesday, August 21, 2013 3:26 PM
  • By default all computers joined to the domain will go the Computers container, unless you pre-stage a computer object in a specific OU. You could modify this by changing the default path for computer objects using redircmp.exe (found in %SYSTEMROOT%\System32).

    For example: redircmp OU=win7,DC=company,DC=com

    This would change the default path to the Win7 OU, under the root of the domain.

    Also you can try other utility similar to quest like ME, Lepide, etc

    Thursday, August 22, 2013 9:55 AM
  • You can't use redircmp to move system to sub OU's like OU=computer,OU=desktop,dc=domain,dc=com. Script will be better option to add to the groups and OU & i would recommend to post this thread in a dedicated scripting forum. You can also search already prepared script in the technet gallery.

    http://gallery.technet.microsoft.com/scriptcenter/Auto-adding-computer-to-AD-6ffa96bb


    Awinish Vishwakarma - MVP

    My Blog: awinish.wordpress.com

    Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Friday, August 23, 2013 3:37 AM
    Moderator