BFanguy
asked on
Syncing AD computer description with local computer description
The following is running as a logon script in Group Policy.
This is the directory which clearly has the correct dlls in it.
I cannot figure out how I should place these dlls in order for this script to read it.
$path = "C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory"
#Check to see if ActiveDirectory Module already is installed
if (!(Test-Path $path)){
#Importing the Get-ADComputer function from ActiveDirectory Module
Import-Module \\ct01.uscortec.com\sysvol\CT01.uscortec.com\scripts\Spiceworks\ActiveDirectory\ActiveDirectory.psd1
$switch = $True
}
#Setting the local computer name to a variable
$ADCompName = $env:computername
#Querying Active Directory for the Description of the computer name matching the local computer
$ADDesc = Get-ADComputer -Identity "$ADCompName" -Property Description| Select-Object -ExpandProperty Description
#Grabbing the OS object for access to local PC properties
$CompDesc = Get-WmiObject -Class Win32_OperatingSystem -ComputerName "$ADCompName"
#Setting the local PC description to the current AD description
$CompDesc.Description = "$ADDesc"
#Doing the changes
$CompDesc.Put()
When this script launches on some machines (not all) I get this error.This is the directory which clearly has the correct dlls in it.
I cannot figure out how I should place these dlls in order for this script to read it.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
That can be done in just a few lines without the AD module:
It would be better to deploy this as a computer startup script.
$adComputer = [ADSI]"WinNT://$((Get-WmiObject -Class Win32_ComputerSystem).Domain)/$($env:ComputerName)`$"
$os = Get-WmiObject -Class Win32_OperatingSystem
$os.Description = "$($adComputer.Description)"
# Doing the changes
[void]$os.Put()
What worries me a bit, though, is that you're using this as a logon script? This means that your users require local administrator permissions; a regular user doesn't have write permissions there.It would be better to deploy this as a computer startup script.
What worries me a bit, though, is that you're using this as a logon script? This means that your users require local administrator permissions; a regular user doesn't have write permissions there.
It would be better to deploy this as a computer startup script.
Which is most likely the problem to begin with, that where the script do not work, these users do not have local admin rights, or read/write permission to the folder in question
ASKER