Solved

How to make new computers a member of a specific AD computer group automatically...by GPO maybe?

Posted on 2006-10-31
4
205 Views
Last Modified: 2010-03-18
Hi,
I would like to make any new computer accounts added to a specific organizational unit a member of a specific AD computer group.  For example...if my technicians join a new computer to the domain, and then move the computer account to a particular departmental OU, I would like the computer account to be automatically enterred into the appropriate AD computer group.  I had thought that there would probably be a setting in group policy that would do this for me but can't seem to find one off hand.  Any thoughts on how to do this?  
Thank you in advance for your help.

Tidbits about the network:  workstations are W2k Pro and WinXP Pro...AD is server 2003

0
Comment
Question by:AFAIT
  • 2
4 Comments
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17845629
You can do this with the netdom command.  The basic syntax looks like:

NETDOM JOIN <computer>/Domain:<domain> [/OU:<ou path>] [/UserD:<user>]

You could add this to a small batch file and have it prompt for passwords when it kicks off.  Read the following link for more details:
http://support.microsoft.com/kb/266651

Let me know if you would like assistance with the syntax
Crow

0
 
LVL 38

Accepted Solution

by:
Shift-3 earned 500 total points
ID: 17851954
You could set up a scheduled task to periodically run the vbscript below.

Save the text below the line in a file with a .vbs extension.  Customize the strComputerOU variable with the Distinguished Name of the OU the computers are in.  Customize the strTargetGroup variable with the Distinguished Name of the group you want to add the computers to.

I borrowed the code from these Microsoft articles:
http://www.microsoft.com/technet/scriptcenter/resources/qanda/sept04/hey0902.mspx
http://www.microsoft.com/technet/scriptcenter/resources/qanda/jan06/hey0123.mspx

____________________

On Error Resume Next

'Distinguished Name of the OU the computers are in
strComputerOU = "ou=Sales Department,dc=mydomain,dc=local"

'Distinguished Name of the group to add the computers to
strTargetGroup = "cn=Sales Group,cn=Users,dc=mydomain,dc=local"

Set colItems = GetObject _
    ("LDAP://" & strComputerOU)

For Each objItem in colItems
    If objItem.Class = "computer" Then
      Set objGroup = GetObject ("LDAP://" & strTargetGroup)
    objGroup.Add(objItem.ADsPath)
    End If
Next
0
 

Author Comment

by:AFAIT
ID: 17857332
I am not so sure that I want my Helpdesk staff to be using the NETDOM command to join computers to the domain.  Regarding the vbscript...that might work...I will give it a shot and report back.  I was really hoping there would be a better way other than a script though...

I do thank you both for the feedback and let you know the result.  (I also need to take some time to read all three of the articles posted).
Thank you again.
0
 

Author Comment

by:AFAIT
ID: 17857502
Hey Shift-3,

That script worked fantastic!  I will use that.  Thank you both very much for your help.
...awarding points...
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question