Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
Computer Description in AD through MDT

Answered Computer Description in AD through MDT

  • Tuesday, October 04, 2011 6:48 AM
     
     
    Sign In to Vote
    0

    Hi

     

    I would need to set the computer description in AD during my deployment. below is the script which i have written and im not sure where it is failing but was not able to set the description during the deployment. i dont have a webservice installed and running on my environment and would need to without that. kindly confirm how do i perform withoout a webservice

    i have also made the changes on the Deploywiz_Definiton_ENU.XML for entering the description.

     

    <job id="ZTISetComputerDescriptionInAD">
    <script language="VBScript" src="ZTIUtility.vbs"/>
    <script language="VBScript">

    Option Explicit

    Dim WshShell
    Dim objConnection, objCommand, objRecordSet, strDN, objComputer, desc, message
    Dim strComputerName, strSite, domainController
    Const ADS_SCOPE_SUBTREE = 2

    strComputerName = oEnvironment.Item("OSDComputerName")
    strSite = oEnvironment.Item("destSite")
    domainController = oEnvironment.Item("nearDom")


    Set objConnection = CreateObject("ADODB.Connection")
    Set objCommand =  CreateObject("ADODB.Command")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Open "Active Directory Provider"
    Set objCommand.ActiveConnection = objConnection

    objCommand.Properties("Page Size") = 1000
    objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE


    Set WshShell = WScript.CreateObject("Wscript.Shell")
    If oEnvironment.Item("ComputerDescription") = "" Then

     oLogging.CreateEntry "No Computer Description set...", LogTypeWarning
    Else
     oLogging.CreateEntry "Computer Description variable set to: " & oEnvironment.Item("ComputerDescription"), LogTypeInfo
     Set dso = GetObject("LDAP:")
     Set oGroup = dso.OpenDSObject("LDAP://" & domainController & "/" & oEnvironment.Item("sourceSite"), oEnvironment.Item("DomainAdminDomain") & "\" & oEnvironment.Item("DomainAdmin"), oEnvironment.Item("DomainAdminPassword"), ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND + ADS_FAST_BIND )
     oGroup.Put "description", oEnvironment.Item("ComputerDescription")
     oGroup.Setinfo

     If Err Then
      oLogging.CreateEntry "GetObject Error: " & Err.Number & ") (Error Description: " & Err.Description & ").", LogTypeError
      oLogging.CreateEntry "Could not update object, most likley due to missing permissions in Active Directory. Configure this action to run as a user with permissions to update computer accounts in Active Directory (select to Load the users profile).", LogTypeError
     End If


    End If

     

     

     

    </script>
    </job>

     

All Replies

  • Tuesday, October 04, 2011 12:44 PM
     
      Has Code
    Sign In to Vote
    0

    Here is code posted by Johan do to the same thing.  We could certainly troubleshoot your script and possibly see if there are errors, but I can tell you for sure that this code does work flawlessly in my environment and should work for you. It looks slightly different than the code you had included.  Posted my task sequence step as well.

    <job id="ZTISetComputerDescriptionInAD">
<script language="VBScript" src="ZTIUtility.vbs"/>
<script language="VBScript">

'//////////////////////////////////////////////////
'//
'// Script File:
'//
'//   ZTISetComputerDescriptionInAD.wsf
'//
'//   This script sets the computer description value 
'//   on the computer object in Active Directory
'//
'//   Author: Johan Arwidmark	
'//   URL: http://www.deployvista.com
'//
'//   Disclaimer
'//   This script is provided "AS IS" without express 
'//   or implied warranty of any kind
'//
'//////////////////////////////////////////////////

If oEnvironment.Item("ComputerDescription") = "" Then

	oLogging.CreateEntry "No Computer Description set...", LogTypeWarning

Else

	oLogging.CreateEntry "Computer Description variable set to: " & oEnvironment.Item("ComputerDescription"), LogTypeInfo

	' Get Computer Information

	Dim oADSystemInfo
	Dim oComputer

	Set oADSystemInfo = CreateObject("ADSystemInfo") 

	oLogging.CreateEntry "Distinguished computer name is: " & oADSystemInfo.ComputerName, LogTypeInfo

	' Set Computer Description
	On Error Resume Next 

	Set oComputer = GetObject("LDAP://" & oADSystemInfo.ComputerName)
	oComputer.put "description", oEnvironment.Item("ComputerDescription")
	oComputer.Setinfo
	If Err Then
		oLogging.CreateEntry "GetObject Error: " & Err.Number & ") (Error Description: " & Err.Description & ").", LogTypeError
		oLogging.CreateEntry "Could not update object, most likley due to missing permissions in Active Directory. Configure this action to run as a user with permissions to update computer accounts in Active Directory (select to Load the users profile).", LogTypeError
	End If

End If

</script>
</job>

     


    • Edited by David Matan Tuesday, October 04, 2011 12:52 PM edit
    •  
     
  • Wednesday, October 05, 2011 4:57 AM
     
     
    Sign In to Vote
    0

    David,

    i have seen this and dont want to use coz the i would need to select run this step as the following accont and load user profile. hence i wrote the another script.

     
  • Thursday, October 13, 2011 12:16 AM
     
     
    Sign In to Vote
    0

    David,

    How do you prompt for the variable ComputerDescription? Would I edit the file Deploywiz_Definiton_ENU.XML to prompt for it?

    Thanks

     
  • Thursday, October 13, 2011 12:30 AM
     
     
    Sign In to Vote
    0

    Yup, that's it exactly as shown here:

    http://www.deployvista.com/Default.aspx?tabid=78&EntryID=146

    Conversely, you could set it through a task sequence step.

     
  • Thursday, October 13, 2011 7:56 PM
     
     
    Sign In to Vote
    0

    I'm confused.  you say you don't want to specify what account to use and load the profile, then how do you think it will be able to connect to the directory and modify an attribute on the object?  You have to specify the credentials to use that have rights to modify the object.  If you don't want to do that, you need to specify the credentials in the script and use OpenDSObject that allows you to pass the credentials.

    The system is logged in under the local administrator account while the task sequence is running, so either way you have to tell it "who" to perform these commands as.

    A web service gets around this because it is running under the credentials of the application pool in IIS.

     
  • Thursday, November 03, 2011 11:26 AM
     
     
    Sign In to Vote
    0

    Hi

     

    Aplogies for the delay in response. below is the script which i have written to establish the session with LDAP and the make the changes in the AD

    <job id="ZTISetComputerDescriptionInAD">
    <script language="VBScript" src="ZTIUtility.vbs"/>
    <script language="VBScript">

    Option Explicit

    Dim WshShell
    Dim objConnection, objCommand, objRecordSet, strDN, objComputer, desc, message
    Dim strComputerName, strSite, domainController
    Const ADS_SCOPE_SUBTREE = 2

     Const ADS_SECURE_AUTHENTICATION = 1
     Const ADS_USE_SEALING = 64 '0x40
     Const ADS_USE_SIGNING = 128 '0x80

    strComputerName = oEnvironment.Item("OSDComputerName")
    strSite = oEnvironment.Item("destSite")
    domainController = oEnvironment.Item("nearDom")


    Set objConnection = CreateObject("ADODB.Connection")
    Set objCommand =  CreateObject("ADODB.Command")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Open "Active Directory Provider"
    Set objCommand.ActiveConnection = objConnection

    objCommand.Properties("Page Size") = 1000
    objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE


    Set WshShell = WScript.CreateObject("Wscript.Shell")
    If oEnvironment.Item("ComputerDescription") = "" Then

     oLogging.CreateEntry "No Computer Description set...", LogTypeWarning
    Else
     oLogging.CreateEntry "Computer Description variable set to: " & oEnvironment.Item("ComputerDescription"), LogTypeInfo
     Set dso = GetObject("LDAP:")
     Set oGroup = dso.OpenDSObject("LDAP://" & domainController & "/" & oEnvironment.Item("sourceSite"), oEnvironment.Item("DomainAdminDomain") & "\" & oEnvironment.Item("DomainAdmin"), oEnvironment.Item("DomainAdminPassword"), ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND + ADS_FAST_BIND )
     oGroup.Put "description", oEnvironment.Item("ComputerDescription")
     oGroup.Setinfo

     If Err Then
      oLogging.CreateEntry "GetObject Error: " & Err.Number & ") (Error Description: " & Err.Description & ").", LogTypeError
      oLogging.CreateEntry "Could not update object, most likley due to missing permissions in Active Directory. Configure this action to run as a user with permissions to update computer accounts in Active Directory (select to Load the users profile).", LogTypeError
     End If


    End If

     </script>
    </job>

     

    destisite,sourcesite, neardom are the variables which i have set on the CS.ini. the script is not showing anyerrors and not able to wrte the information now. can someone help

     
  • Thursday, November 03, 2011 1:29 PM
     
     
    Sign In to Vote
    0

    I have a simular script. How does the Ldap query look like?

    My script have this line of code

    Dim oComputer: Set oComputer = oDSObj.OpenDSObject("LDAP://" & sGCServer & "/" & sAdsPath, sUsername, sPassword, 1)
    oComputer.put"Description", sNewDescriptionAD
    oComputer.SetInfo

    sGCServer and sAdsPath is resolved to this.
    LDAP://rootDC.domain.com/CN=MyComputer,OU=Workstations,OU=Computers,OU=Office,OU=EMEA,DC=domain,DC=com

     

    I would guess you need to change the lpad query to

    Set oGroup = dso.OpenDSObject("LDAP://" & domainController & "/CN=" & oEnvironment.Item("OSDComputername") & "/" & oEnvironment.Item("sourceSite"), oEnvironment.Item("DomainAdminDomain") & "\" & oEnvironment.Item("DomainAdmin"), oEnvironment.Item("DomainAdminPassword"), ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND + ADS_FAST_BIND )


     
  • Friday, November 04, 2011 6:48 AM
     
     
    Sign In to Vote
    0

    Hi

     

    I changed the Script as per your commands and added a new TS during the deployment on the State restore and getting an error during the deployment. Let me know which logs are requried and i will share the same.

     
  • Friday, November 04, 2011 7:00 AM
     
     
    Sign In to Vote
    0

    on the TS i have selected Run command Line with the Command cscript.exe "%SCRIPTROOT%\z-ComputerDes.wsf and below is the error i get

    Failed to run the action: Computer Description

    Incorrect function.(Error 00000001;Source:Windows)

     

     
  • Tuesday, November 08, 2011 4:22 PM
     
     Answered
    Sign In to Vote
    0

    Hi

     

    i have written a new script which checks where the computer object is available on the AD and establsh an LDAP session wiuth tht and then iploaded the information on the AD.

    • Marked As Answer by Ranganathan S Wednesday, November 30, 2011 10:06 AM
    •  
     
  • Thursday, August 16, 2012 4:51 PM
     
     
    Sign In to Vote
    0

    Do you know if there is anyway to set the ComputerDescription variable without having MDT prompt, or to have to create a computer object in the MDT database for it to pull the info from?

    Can i just set a TS variable in the TS just before the script runs so it puts the value of that step into the description?