Scripting - Add computer to AD group

  • Question

  • Hi guys,

    Just wondering if you have any Script or Template that could do the below.

    The Task

    During the SCCM OS build task sequence, I want to run a script to add the computer account to a group I created in AD. I have two groups in AD. The addition should be based on the IP of the computers.

    The Variable

    If 192.168.XXX, join to A group.

    If 171.15.XXXX, join to B group.

    Any info on how I could achieve this?

    Thursday, May 30, 2013 10:44 AM

All replies

  • Just match the IP mask and add to the group.  What is the difficulty in that?  Show us your script and explain what is not working or what the error is.

    If you are asking how to compare IP strings then use this.

    You are comparing the first two octets so:

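    $ip1 = '192.168.10.25'   # address to test (sample value)
    $testIP1 = '192.168'
    $testIP2 = '171.12'

    # compare the first two octets of $ip1 with the test prefix
    if (($ip1.Split('.')[0..1] -join '.') -eq $testIP1) {
        # they compare
    }

    And so on.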


    ¯\_(ツ)_/¯

    Thursday, May 30, 2013 10:51 AM
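Added example, not part of the original replies: where the reply above compares octets as strings, this PowerShell example parses the address and tests it against a full CIDR range, then maps the match to a group. The group names, the /16 prefix lengths and the sample address are assumptions, and the final call assumes the ActiveDirectory module is available to the account running the step.

```powershell
# Subnet-to-group map. Prefixes follow the question; /16 and group names are assumed.
$SubnetToGroup = [ordered]@{
    '192.168.0.0/16' = 'GroupA'   # hypothetical AD group name
    '171.15.0.0/16'  = 'GroupB'   # hypothetical AD group name
}

function ConvertTo-IPv4Number ([string]$Address) {
    # Parse strictly as IPv4 and return the address as a 32-bit value held in a long.
    $ip = [System.Net.IPAddress]::Parse($Address)
    if ($ip.AddressFamily -ne 'InterNetwork') { throw "Not an IPv4 address: $Address" }
    $b = $ip.GetAddressBytes()
    return ([long]$b[0] * 16777216) + ([long]$b[1] * 65536) + ([long]$b[2] * 256) + [long]$b[3]
}

function Test-IPv4InCidr ([string]$Address, [string]$Cidr) {
    $network, $prefix = $Cidr.Split('/')
    $bits = [int]$prefix
    if ($bits -lt 0 -or $bits -gt 32) { throw "Bad prefix length in $Cidr" }
    # Network mask: the top $bits bits set, e.g. /16 -> 0xFFFF0000.
    $mask = [long]([math]::Pow(2, 32) - [math]::Pow(2, 32 - $bits))
    return ((ConvertTo-IPv4Number $Address) -band $mask) -eq
           ((ConvertTo-IPv4Number $network) -band $mask)
}

function Get-GroupForAddress ([string]$Address) {
    foreach ($cidr in $SubnetToGroup.Keys) {
        if (Test-IPv4InCidr $Address $cidr) { return $SubnetToGroup[$cidr] }
    }
    return $null   # unknown subnet: no group is assigned
}

# Constructed sample address; in a task sequence, read the client's IPv4 address instead.
$address = '192.168.10.25'
$group = Get-GroupForAddress $address

if ($group) {
    # Computer accounts are referenced by sAMAccountName, which ends in '$'.
    # -WhatIf only reports the change; remove it once the mapping is verified.
    Add-ADGroupMember -Identity $group -Members "$env:COMPUTERNAME`$" -WhatIf
} else {
    Write-Warning "No group mapped for $address; computer not added to any group."
}
```

The account that runs this step only needs the right to modify membership of the two target groups, so delegate that on those groups rather than using a broadly privileged account.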
  • Thanks for your reply, but I am fairly new to scripting, hence asking what language would do the job easily - VBScript or PowerShell. (I haven't actually started creating this.) Just want to find out if anyone has got a similar script already created.
    Thursday, May 30, 2013 11:02 AM
  • Thanks for your reply, but I am fairly new to scripting, hence asking what language would do the job easily - VBScript or PowerShell. (I haven't actually started creating this.) Just want to find out if anyone has got a similar script already created.

    I doubt it. Most admins would likely use site subnet definition instead of IP address.

    Scripts to add accounts to groups are in the script repository above.  Take your pick.


    ¯\_(ツ)_/¯

    Thursday, May 30, 2013 11:19 AM
  • In that case, what if I use the logon server name? Because I have two logon servers.




    • Edited by Harry_Tech Thursday, May 30, 2013 11:25 AM
    Thursday, May 30, 2013 11:23 AM
  • Note also that we generally group computers by OU based on department.  We can then assign IP scopes based on department/location. 

    OU=department
        OU=location3
    OU=department2
        OU=location1
        OU=location2

    This allows us to do top down queries and report department by location.  AD Sites would then model by location/subnet and allow top down query by location.  The best of both worlds although it is not the only model.

    Subnets are defined by DHCP scope and should be tied to site definitions for consistency.  It also models the communications scenario more accurately.

    By doing this we can easily build scripts that can manage the network and attach new machines.  A machine's site is defined by the scope it DHCPs from.  A query can easily detect this and know which OU is represented.  This also aids in things like assigning printers and other resources.

    Always model the real world as closely as possible.  It has great benefits.


    ¯\_(ツ)_/¯

    Thursday, May 30, 2013 11:29 AM
  • In that case, what if I use the logon server name? Because I have two logon servers.




    Why would that help?  You have no choice in logon server. It is first come first serve.  There is no assignment of logon server without a site definition.

    Are you trying to say you have two physical locations each with a DC and you have no site definitions?  I don't think so.


    ¯\_(ツ)_/¯

    Thursday, May 30, 2013 11:53 AM
  • In that case, what if I use the logon server name? Because I have two logon servers.





    I do not understand how you can use 172.12.x.x.  That is not a private block.  It belongs to AT&T and is a public address segment. Why would you use a public segment inside of a Windows network?  This doesn't sound very secure.

    ¯\_(ツ)_/¯

    Thursday, May 30, 2013 11:58 AM
  • Hi,

    Just a suggestion, you might have better luck asking how to accomplish your goal (don't post any code, just ask) in the OSD subforum:

    http://social.technet.microsoft.com/Forums/en-US/configmanagerosd/threads

    • Proposed as answer by Bill_Stewart Thursday, May 30, 2013 2:09 PM
    • Marked as answer by IamMred Thursday, June 13, 2013 4:15 AM
    Thursday, May 30, 2013 12:43 PM
  • In that case, what if I use the logon server name? Because I have two logon servers.




    Why would that help?  You have no choice in logon server. It is first come first serve.  There is no assignment of logon server without a site definition.

    Are you trying to say you have two physical locations each with a DC and you have no site definitions?  I don't think so.


    ¯\_(ツ)_/¯

    Thanks for your reply. Yeah, obviously I have a site defined; I have two physical sites, just looking for an easy way out during OSD.
    Thursday, May 30, 2013 1:16 PM
  • In that case, what if I use the logon server name? Because I have two logon servers.





    I do not understand how you can use 172.12.x.x.  That is not a private block.  It belongs to AT&T and is a public address segment. Why would you use a public segment inside of a Windows network?  This doesn't sound very secure.

    ¯\_(ツ)_/¯

    I am not using 172.12.x.x; this is just an example for my question. My internal network certainly does not run on a public address.
    Thursday, May 30, 2013 1:18 PM
  • Inaccurate information always makes these things harder.

    Since you know no scripting I recommend you take Mike's suggestion and consider using standard deployment tools.

    Use your site to define the membership of the servers.  It does not need them to be in groups since they are grouped by site around the site's subnet, assuming you defined the subnets correctly.

    Using deployment tools will focus your skills on something that will allow you to be more flexible overall.  In the meantime start studying PowerShell and AD.  There is a very good book on using PowerShell with AD that covers much of this:
    http://www.sapien.com/books/Managing-Active-Directory


    ¯\_(ツ)_/¯

    Thursday, May 30, 2013 1:45 PM