Solved

How to move system in AD to another group with GPO

Posted on 2016-09-23
2
77 Views
Last Modified: 2016-10-03
I have systems that I need to have move to a group when they join the domain based on the system name format.  

so if a systems name begins with pc- I need to be able to have them automatically moved to a group when they are added to the domain.

thanks
0
Comment
Question by:rdefino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41812581
The most that AD can do natively is to put all new systems in a specified OU. By default it is the 'Computer' container, and you can change it to something else. However, you want to modify the group membership according to the system name used to join the computer.

One way to achieve it is to create a manual script that reads the computers that are located in the OU/Container of new PCs and then this scripts read the names there and according to the name it changes the system membership and move the computer somewhere else (it will avoid further processing of the same system). Then you can configure that script to run on a regular basis.
0
 
LVL 6

Accepted Solution

by:
sAMAccountName earned 500 total points
ID: 41812623
If you are grouping clients based on what role they play (i.e. workstation vs server), Its more reliable to use the "OperatingSystemVersion" property on the object:
PS C:\> (get-adcomputer servername -Properties OperatingSystemVersion).OperatingSystemVersion
6.3 (9600)

Open in new window


I wouldnt rely on a naming convention.  As stated above, the way to solve this is through a task/job which queries the default computers container or some other target (i.e. domain root) for computers which arent in your wanted groups and add them to the right one based on OS version.

Ive done almost identical work at a few different places to good effect.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Here's a look at newsworthy articles and community happenings during the last month.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question