locked
How to create Active Directory OU Structure in SCCM with populated computer objects RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    I have tried to run a couple of powershell scripts to obtain the AD structure and replicate it in SCCM as collections and populate the created collections with computers objects, but I cannot get it to work, for example this:


    param(
    [string]$searchbase,

    [string]$append,
    [string]$LimitingCollection = 'All Desktop and Server Clients',
    [string]$SearchScope = 'Subtree',
    [string]$RefreshType = 'Manual'
    )
    $OUS = Get-ADOrganizationalUnit -searchbase $searchbase -SearchScope $SearchScope -Filter * -Properties canonicalname
    foreach ($OU in $OUS)
     {
        $Name=$OU.Name
        $Canonical=$OU.CanonicalName
        New-CMDeviceCollection -Name "$Name $append" -LimitingCollectionName $LimitingCollection -RefreshType $RefreshType
        Add-CMDeviceCollectionQueryMembershipRule -CollectionName "$Name $append" -QueryExpression "select SMS_R_SYSTEM.ResourceID, SMS_R_SYSTEM.ResourceType,
        SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemOUName
       = '$Canonical'" -RuleName "$Name $append OU"
     }


    D:\Support\SCCM_Powershell_Scripts\New-OUBasedDeviceCollection.ps1 -searchbase "OU=first OU,DC=my,DC=lab,Dc=com@ -append CBMigration

    When I do, I get this error

    Get-ADOrganizationalUnit : A referral was returned from the server
    At D:\Support\SCCM_Powershell_Scripts\New-OUBasedDeviceCollection.ps1:33 char:8
    + $OUS = Get-ADOrganizationalUnit -searchbase $searchbase -SearchScope $SearchScop ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ResourceUnavailable: (:) [Get-ADOrganizationalUnit], ADReferralException
        + FullyQualifiedErrorId : ActiveDirectoryServer:8235,Microsoft.ActiveDirectory.Management.Commands.GetADOrganizati
       onalUnit

    I'm not that great with PowerShell and wondered if I could get some advice, cheers

    many thanks

    Tuesday, July 11, 2017 10:38 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi, the script from cm12sdk.net works fine in my lab.

    We have to change the site code and the StartOU name in both the script body and the command we run in PowerShell:

    Please have a try and you may save some time.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Frank Dong Thursday, August 10, 2017 4:07 PM
    • Marked as answer by MisterD101 Tuesday, September 26, 2017 10:14 AM
    Wednesday, July 12, 2017 5:34 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    what's the purpose of replicating the AD structure in SCCM? this would just create too much clutter in my opinion.

    fyi on cm12sdk.net there is an example on how to do it but only by creating folders in sccm: http://cm12sdk.net/?p=1371

    Tuesday, July 11, 2017 11:25 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Thank you for the response, I may have structured the working incorrectly, I would like the existing AD structure replicated using Powershell in our SCCM2012r2 multiple domain environment so that local IS teams can see the geographical areas and therefore the workstations they are responsible for, we are migrating over to CB1702 on a separate site on a single domain,therefore if they have the AD structure in 2012r2, they can use it to migrate the workstations they "own" by targeting an upgrade package from the 2012r2 site to correct AD OU.

    The Ad structure has multiple OU's and all OU's have subtrees, for example AD1-Workstations has a subtree of Non Admin Laptops, Admin Laptops,Desktops. It's too complicated in my opinion, but each to their own.

    I think that this way they will be able to manage the workstations effectively, I am trying to give them the responsibility to perform duties that may otherwise be performed by the global IT team.

    I did try the cm12sdk.net example, but I couldn't get it to work correctly

    many thanks

    Tuesday, July 11, 2017 1:30 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi, the script from cm12sdk.net works fine in my lab.

    We have to change the site code and the StartOU name in both the script body and the command we run in PowerShell:

    Please have a try and you may save some time.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Frank Dong Thursday, August 10, 2017 4:07 PM
    • Marked as answer by MisterD101 Tuesday, September 26, 2017 10:14 AM
    Wednesday, July 12, 2017 5:34 AM