Solved

Need a script to find computers missing the UUID in AD

Posted on 2014-10-31
10
323 Views
Last Modified: 2014-11-01
I use the following script to add UUID's to AD for use in Windows Deployment Services (WDS)


for /f %%I IN (
'psexec  \\^%1 cmd /c "echo csproduct get UUID|wmic.exe" ^| ^
findstr /r ........-....-....-....-............ '
) do wdsutil /set-device /device:%1 /id /JoinDomain:Yes /Domain:<DOMAIN NAME>

I have added hundreds of computers to the WDS server with this method.  I now need to find and export to a txt file all the computers in an AD OU that are missing the UUID.

Your help in this matter is appreciated.
0
Comment
Question by:mrfite
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40415782
This should get what your looking for.

$computers = Get-ADComputer -Filter * | % {
Get-WMIObject -ComputerName $_ -Class Win32_ComputerSystemProduct | Select @{Name="ComputerName";Expression={"$_"}},UUID | Where {$_.UUID -eq $Null -OR $_.UUID -eq ""} | Out-File C:\UUIDMissingReport.txt -append
}

Open in new window

0
 

Author Comment

by:mrfite
ID: 40415844
I created a batch file and ran it.  It says that $computers is not recognized as an internal or external command.  Also, how do I target a specific OU on the domain?
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40415851
this is a powershell command, sorry. I didnt specify that
0
 

Author Comment

by:mrfite
ID: 40415966
I ran this as a powershell script and the file that is created is blank.  

Also, how do I specify the Domain and the OU in the domain to scan?
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40416019
if the file is blank then you may not have any blank UUID's. To get all of them you can run this.

$computers = Get-ADComputer -Filter * -server "domain.com" -SearchBase "CN=Computers,DC=DOMAIN,DC=COM" | % {
Get-WMIObject -ComputerName $_ -Class Win32_ComputerSystemProduct | Select @{Name="ComputerName";Expression={"$_"}},UUID } | Out-File C:\UUIDReport.txt -append
}

Open in new window

0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 40416039
I think what you're looking for is computer accounts that don't have the NetBootGUID set.
Get-ADComputer -Filter {netbootguid -notlike "*"} -SearchBase "ou=someou,dc=domain,dc=com" | Select Name | Out-File results.txt

Open in new window

0
 

Author Closing Comment

by:mrfite
ID: 40416093
Great this method is exactly what I was looking for.  Thank both of you for your quick support in this matter.  I am still a powershell novice but I am learning.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 40416147
footech has it I think, the NetBootGUID...

Interesting way of setting it originally, I plumped for a different approach - it also works with the MAC address in that field for WDS which you can soon get from ARP table, WMI or from log files created during PC startup. in that case set using script for new pC's and rebuilding ones checks if ID in AD, moves to new correct OU and sets the ID from Mac address.

BTW you should be able to do it without PSEXEC too, e.g.

@echo off
for /f "skip=1" %%a in ('WMIC /namespace:%1 CSPRODUCT GET UUID') do (
  echo %%a is now your ID to use with WDSutil etc.
)
0
 

Author Comment

by:mrfite
ID: 40416913
Thanks for the additional method Steve Knight,

I did try your script and I am getting "Invalid Global switch"
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 40416952
Odd, you did pass a pc name still? Anyway never mind you are already ok.

WMIC /namespace:otherpcbame CSPRODUCT GET UUID

That should work though.

Steve
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
This article will help you understand what HashTables are and how to use them in PowerShell.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now