How do I use VB script to rename a machine already joined to domain after sysprep

Hello scripting experts....

Here is my scenario of what I have so far:
1. I have a script that will rename a Windows 7 machine *after* it has gotten a random name using a sysprep.xml file and joined the domain.
2. Upon reboot the machine runs scripts from this location:  c:\Windows\Setup\scripts   (a setupcomplete.cmd script in this folder calls the script below to run)

The script below accomplishes this with no problems.  Though I am wondering if it is possible for this to be directed to hit our Primary Domain controller as opposed to a DC that might be in the building where the machine being *renamed* is located.  We have a multi-site AD domain and don't want to cause replication problems by part of a script hitting one DC and another part of the script "accidentally" hitting a different DC.


Explanation of my dilemma - After a machine has to be reimaged due to hardware failure, etc... with XP we can name a machine (the same name of a pre-existing AD member machine) upon booting into "mini-setup".

THOUGH, with Windows 7, sysprep doesn't allow you to name a machine at this point in time.  So I want to "rename" the machine upon reboot after setup is complete.   THOUGH, AD does not like it when trying to name a machine to the name of a machine that *already* exists.  

The script below allows me to rename a machine, though I want to be able to script "deleting" a machine from AD if/when it already exists so that I can then proceed to rename the machine from this script.  Can this script hit the same DC each time in a separate site????


This script is here as it currently stands:

Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144
Name = InputBox("Enter asset tag number:", "Identify Computer") Username = InputBox("Username:","Enter account with rights to the computer account,in format domainname\username") Password = InputBox("Pasword:", "Enter password") strComputer = "."
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set colComputers = objWMIService.ExecQuery("Select * from Win32_ComputerSystem") For Each objComputer in colComputers err = objComputer.Rename(Name, Password, Username) If Err.Number = 0 Then WScript.Echo "Successfully renamed computer to " & name & "!"
WScript.Echo "System will now restart for change to take effect!"
Call Restart
Else
WScript.Echo "An error occurred renaming the computer!"
WScript.Echo "Error Number: " & Err.Number WScript.Echo "Error" & Err.Description End If Next Sub Restart Dim wshShell Set wshShell = CreateObject("WScript.Shell") wshShell.Run "%WINDIR%\System32\shutdown.exe /r /t 0 /f /d p:2:4", 0 End Sub


Any help is appreciated!
Thanks,
Dan
dan_chAsked:
Who is Participating?
 
RunningGagCommented:
If you are part of the domain, and you are logged in as someone with credentials sufficient to remove the object from the domain, there should be no problem combining the scripts.  You just have to call the deletion before renaming the computer.

Like so:
DeleteObject

Const JOIN_DOMAIN = 1
Const ACCT_CREATE = 2
Const ACCT_DELETE = 4
Const WIN9X_UPGRADE = 16
Const DOMAIN_JOIN_IF_JOINED = 32
Const JOIN_UNSECURE = 64
Const MACHINE_PASSWORD_PASSED = 128
Const DEFERRED_SPN_SET = 256
Const INSTALL_INVOCATION = 262144

Name = InputBox("Enter asset tag number:", "Identify Computer") 
Username = InputBox("Username:","Enter account with rights to the computer account,in format domainname\username") 
Password = InputBox("Pasword:", "Enter password") strComputer = "."

Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 
Set colComputers = objWMIService.ExecQuery("Select * from Win32_ComputerSystem") 

For Each objComputer in colComputers err = objComputer.Rename(Name, Password, Username) 
	If Err.Number = 0 Then 
		WScript.Echo "Successfully renamed computer to " & name & "!"
		WScript.Echo "System will now restart for change to take effect!"
		Call Restart
	Else
		WScript.Echo "An error occurred renaming the computer!"
		WScript.Echo "Error Number: " & Err.Number WScript.Echo "Error" & Err.Description 
	End If 
Next 

Wscript.Exit



'------------
' Subs
'------------

Sub Restart 
	Dim wshShell 
	Set wshShell = CreateObject("WScript.Shell") 
	wshShell.Run "%WINDIR%\System32\shutdown.exe /r /t 0 /f /d p:2:4", 0 
End Sub



Sub DeleteObject
	Const ADS_SCOPE_SUBTREE = 2

	strComputer = InputBox("Please enter the computer name:", "Delete Computer Account")

	If strComputer = "" Then
		Wscript.Quit
	End If

	Set objConnection = CreateObject("ADODB.Connection")
	Set objCommand =   CreateObject("ADODB.Command")
	objConnection.Provider = "ADsDSOObject"
	objConnection.Open "Active Directory Provider"

	Set objCommand.ActiveConnection = objConnection
	objCommand.CommandText = "Select ADsPath From " & _
		"'LDAP://DC=fabrikam,DC=com' Where objectClass='computer'" & _
			" and Name = '" & strComputer & "'"  
	objCommand.Properties("Page Size") = 1000
	objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
	Set objRecordSet = objCommand.Execute
	objRecordSet.MoveFirst

	Do Until objRecordSet.EOF
		Set objComputer = GetObject(objRecordSet.Fields("ADsPath").Value)
		objComputer.DeleteObject (0)
		objRecordSet.MoveNext
	Loop
End Sub

Open in new window

0
 
RunningGagCommented:
Maybe this will help:

In some cases it might be necessary to include a server name in the LDAP binding string. Usually, this is to refer to the copy of the object on a particular Domain Controller. However, it sometimes is necessary on NT or Win9x clients where DSClient has not been installed. In the example above, we bind to the copy of the "cn= Joe" object that is on the domain controller "MySvr".

Set objUser = GetObject("LDAP://MySvr/cn=Joe,cn=users,dc=MyDom,dc=com")

The server name can also be specified as a DNS host name. For example, the above could be:

Set objUser = GetObject("LDAP://MySvr.MyDom.com/cn=Joe,cn=users,dc=MyDom,dc=com")

The binding strings described so far have been in "Little-Endian" form. This is by far the most common. However, there is also a "Big-Endian" form, with elements in the binding string reversed and separated by slashes instead of commas:

Set objUser = GetObject("LDAP://MyDC/dc=com/dc=MyDom/OU=Sales/cn=Test3")


http://www.rlmueller.net/LDAP_Binding.htm
0
 
dan_chAuthor Commented:
Hello,

Would I integrate one of those statements into this??

Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set colComputers = objWMIService.ExecQuery("Select * from Win32_ComputerSystem")
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
RunningGagCommented:
No, this would be used with your script when deleting the old object from the DC.  When you are changing the name on the computer, you are doing that locally.  

I don't know if there is a way to tell the computer to interact with a certain DC when it updates.  I would doubt it though.  But at least this shows you how to specify the primary DC to delete the old object.

Also, I've attached the code to perform the deletion:

http://blogs.technet.com/heyscriptingguy/archive/2005/01/05/how-can-i-prompt-a-user-to-delete-or-not-delete-a-computer-account.aspx
Set objComputer = GetObject _
    ("LDAP://CN=atl-ws-01, CN=Computers, DC=fabrikam, DC=com")
objComputer.DeleteObject (0)

Open in new window

0
 
dan_chAuthor Commented:
In that code, is there a way to make it search other OU's?  With this script I would have to manually enter the computer name, and change the path to the correct OU for each machine.  We have machines in different OUs and changing this each time could be problematic, especially for our interns.
0
 
dan_chAuthor Commented:
I just got this link and it works a little more like what I'm looking for.

http://blogs.technet.com/heyscriptingguy/archive/2007/06/28/how-can-i-prompt-for-a-computer-name-and-then-delete-that-computer-account-from-active-directory.aspx

It will prompt for a computer name and then search through AD for that machine name and delete it.  Do you think there is a way to tie the script in this link together with my script from above?  Delete the machine 1st, and THEN rename it?  What do you think?  Sorry, I am pretty much a newbie when it comes to VBscript.
0
 
RunningGagCommented:
Just so we're clear, the computer is a member of the domain when you are deleting the old object and renaming the new one.  Correct?
0
 
dan_chAuthor Commented:
Yes that is correct.  in the Windows 7 setup process, the machine is randomly named (hence the problem) and then it is joined to the domain.  When a machine is new and has never been joined to the domain, renaming a machine is not an issue.  Where it becomes an issue is when a machine must be re-imaged for the sake of a failed hard drive or some software issue.  In this case, the desired machine name is already in Active Directory.  So once again, Windows 7 will NOT prompt for a username (a known bug being worked on by Microsoft), so I have it randomly assigning a name.  So, the script I have at the top of this thread, prompts for a rename of the machine, then reboots and all is good.  Once again, except for the fact that AD doesn't like it when you try to rename a machine to the name of a machine that ALREADY exists.

Does this make sense?  Sorry to be so long winded.
Thanks,
0
 
dan_chAuthor Commented:
So this script above will call the deletion first?  I guess I don't understand it since the rename script is shown first.
0
 
RunningGagCommented:
Yes.  At the top of the script, the DeleteObject sub is called.  Once it finishes running that sub it will move on to the rest of the script.
0
 
dan_chAuthor Commented:
So the "process" will somehow know that the machine account has *actually* been deleted before it proceeds?  If that is the case, that is pretty cool.  
0
 
RunningGagCommented:
I don't see anything specifically checking that the object is deleted but it'll execute the commands in the order that they're given.

Remember to change line 63 to include your domain information.
0
 
dan_chAuthor Commented:
We have decided that we will actually delete the machine from AD before re-imaging a machine if necessary and then the script will run to "rename" it after it has booted.  Thanks for your help and I will keep your information in mind for future reference if necessary.
0
 
apsbhelpdeskCommented:
Why not have it reset the computer account instead of deleting and creating again?
Just my .02 worth of input.
0
 
dan_chAuthor Commented:
Hello,

How do you "reset" a computer account in AD?  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.