Solved

Automatically Join Computers in an OU to a security group

Posted on 2013-01-11
9
1,998 Views
Last Modified: 2013-01-14
Hello, in our domain we have multiple offices across the country. Each of these offices has it own OU, eg London, Manchester, Liverpool etc.

Each Citys OU contains child OUs for objects eg Users, Laptops, Desktops, Security Groups, Distribution Groups etc

I have a security group that is for the whole of the domain, what I want to do is automatically make any laptop in every city City a member of the security group.

Is there a way to do this? I would mind a powershell script running every so often. ut it would be nice to be able to put in some sort of policy that forces a member of an OU into a group.
0
Comment
Question by:infradatel
  • 4
  • 3
  • 2
9 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38767434
Try this:

Get-QADComputer -SearchRoot "OU=NAMEOF OU,OU=NAMEOFCITYOU,DC=Test,DC=local" | Add-QADGroupMember "TEST\GROUPNAME"

You will need to specify the search root to each laptop OU. You will also need the Quest AD CMDLets.

http://www.quest.com/powershell/activeroles-server.aspx
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38767435
Set it up as a scheduled task and you are good to go!
0
 

Author Comment

by:infradatel
ID: 38767565
Is there a way to do this without installing the Quest Modules?
0
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 400 total points
ID: 38767583
Yes - if you have a 2008 R2 web services, you can use the AD builtin powershell cmdlets.

Just replace qad- with ad-

The Quest Modules are very nice though and super simple! You just need them on a workstation.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:infradatel
ID: 38767593
Ok thanks will go e it a try now I have a server with web services on
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 100 total points
ID: 38768234
Hi.

Have a look at the concept of shadow groups. http://www.youtube.com/watch?v=HMixa01i78g In the descriptive text, a script is linked.
0
 

Author Closing Comment

by:infradatel
ID: 38774065
With the help of both of you I have managed to get this working as required, using shadow groups I have even managed to get it to automate deletion of computers removed from the OU. THanks Guys.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38774096
Awesome!

If you can, post your script. Others may find it useful!
0
 
LVL 53

Expert Comment

by:McKnife
ID: 38775292
Could you do all you wanted using shadow groups?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now