Solved

Automatically Join Computers in an OU to a security group

Posted on 2013-01-11
9
2,078 Views
Last Modified: 2013-01-14
Hello, in our domain we have multiple offices across the country. Each of these offices has it own OU, eg London, Manchester, Liverpool etc.

Each Citys OU contains child OUs for objects eg Users, Laptops, Desktops, Security Groups, Distribution Groups etc

I have a security group that is for the whole of the domain, what I want to do is automatically make any laptop in every city City a member of the security group.

Is there a way to do this? I would mind a powershell script running every so often. ut it would be nice to be able to put in some sort of policy that forces a member of an OU into a group.
0
Comment
Question by:infradatel
  • 4
  • 3
  • 2
9 Comments
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38767434
Try this:

Get-QADComputer -SearchRoot "OU=NAMEOF OU,OU=NAMEOFCITYOU,DC=Test,DC=local" | Add-QADGroupMember "TEST\GROUPNAME"

You will need to specify the search root to each laptop OU. You will also need the Quest AD CMDLets.

http://www.quest.com/powershell/activeroles-server.aspx
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38767435
Set it up as a scheduled task and you are good to go!
0
 

Author Comment

by:infradatel
ID: 38767565
Is there a way to do this without installing the Quest Modules?
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 22

Accepted Solution

by:
Joseph Moody earned 400 total points
ID: 38767583
Yes - if you have a 2008 R2 web services, you can use the AD builtin powershell cmdlets.

Just replace qad- with ad-

The Quest Modules are very nice though and super simple! You just need them on a workstation.
0
 

Author Comment

by:infradatel
ID: 38767593
Ok thanks will go e it a try now I have a server with web services on
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 100 total points
ID: 38768234
Hi.

Have a look at the concept of shadow groups. http://www.youtube.com/watch?v=HMixa01i78g In the descriptive text, a script is linked.
0
 

Author Closing Comment

by:infradatel
ID: 38774065
With the help of both of you I have managed to get this working as required, using shadow groups I have even managed to get it to automate deletion of computers removed from the OU. THanks Guys.
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 38774096
Awesome!

If you can, post your script. Others may find it useful!
0
 
LVL 54

Expert Comment

by:McKnife
ID: 38775292
Could you do all you wanted using shadow groups?
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question