How Can I Move a Computer From an Unknown OU into a Known OU?

ScriptingGuy1


Hey, Scripting Guy! How can I move a computer from an unknown OU into a known OU?

— DB


Hey, DB. You know, a lot of people take a look at system administration scripting and think, “Well, it might be useful, but it sounds kind of boring.” After all, clearing event logs and changing user passwords are worthwhile endeavors, but they don’t compare too favorably to Halo 2 or Age of Mythology.

Ah, but the scenario you painted sounds far more interesting. You have renegade computers wandering through unknown OUs. Your mission: track down those computers and somehow bring them into a known OU. Now we’re getting somewhere: even Starcraft 2 didn’t have a level like that!

Best of all, that would allow the Scripting Guys to ditch the name Script Center and re-christen the place the System Administration Cheat Codes Center. And then instead of doling out boring old scripts we could hand out really cool cheat codes, codes that help you win the game. You know, cheat codes like this:

On Error Resume Next

Const ADS_SCOPE_SUBTREE = 2

' Bind to the known OU that will receive the computer
Set objOU = GetObject("LDAP://ou=Finance,dc=fabrikam,dc=com")

' Set up an ADO connection to Active Directory
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE

' Find the computer by name anywhere in the domain
objCommand.CommandText = _
    "SELECT ADsPath FROM 'LDAP://dc=fabrikam,dc=com' WHERE objectCategory='computer' " & _
        "AND Name='atl-ws-01'"
Set objRecordSet = objCommand.Execute

objRecordSet.MoveFirst

' Move each computer found into the known OU
Do Until objRecordSet.EOF
    strADsPath = objRecordSet.Fields("ADsPath").Value
    objOU.MoveHere strADsPath, vbNullString
    objRecordSet.MoveNext
Loop

Much of this script – er, cheat code – deals with searching Active Directory. There’s a good reason for that: that’s the strategy we’re using in order to track down these computers, computers that could be in any OU. As you mentioned in your email, you know the computer name, you just don’t know the computer’s location in Active Directory. No problem: we’ll simply search for the computer with the specified name, retrieve the location (technically, the ADsPath) and go on from there.

Simple, right? But, then again, the best video games – like Centipede or the greatest video game of all, Burger Time – have always been simple.

We start out by creating a constant named ADS_SCOPE_SUBTREE and setting the value to 2; we’ll use that constant to tell the script that we want to search all of Active Directory, including all the OUs and sub-OUs. We then use this line of code to create an object reference to the Finance OU, the “known” OU where we want to move the computer:

Set objOU = GetObject("LDAP://ou=Finance,dc=fabrikam,dc=com")

Got that? Next we have a big block of code that configures and carries out our search. As usual, explaining all the whys and wherefores of an Active Directory search goes beyond what we can do in this little column; for more information, see our two-part Tales from the Script series Dude, Where’s My Printer? For now, we’ll just make note of the query we use in the search:

objCommand.CommandText = _
    "SELECT ADsPath FROM 'LDAP://dc=fabrikam,dc=com' WHERE objectCategory='computer' " & _
        "AND Name='atl-ws-01'"

As you can see, all we’re doing is retrieving the ADsPath for any computer (objectCategory = ‘computer’) that has the Name atl-ws-01. When we call the Execute method the script will search Active Directory and return a collection consisting of all the computers that have the specified Name. (Because Names must be unique, we’ll have – at most – one item in the collection.)

Good question: why are we retrieving the ADsPath attribute? Well, the ADsPath attribute is somewhat similar to a UNC path: it provides an exact “address” we can use to locate the object in question. For example, atl-ws-01 might have an ADsPath similar to this:

LDAP://cn=atl-ws-01,ou=Research,dc=fabrikam,dc=com

Remember when we said that this computer was in an unknown location? Well, not anymore: now we know exactly where it is, and how to get to it.

Of course, that just means that we’ve conquered Level 1; to win the game we still have to complete Level 2 and move the computer to the Finance OU. To do that we use this block of code:

Do Until objRecordSet.EOF
    strADsPath = objRecordSet.Fields("ADsPath").Value
    objOU.MoveHere strADsPath, vbNullString
    objRecordSet.MoveNext
Loop

What we’re doing here is setting up a Do Until loop that runs until we reach the end of the recordset (objRecordSet.EOF). Inside that loop we use this line of code to grab the ADsPath and store it in a variable named strADsPath:

strADsPath = objRecordSet.Fields("ADsPath").Value

And now we’re ready to move the computer, a task which is as simple as this:

objOU.MoveHere strADsPath, vbNullString

As you can see, we use the object reference to the Finance OU (objOU) and call the MoveHere method. MoveHere requires two parameters:

strADsPath, the variable containing the ADsPath (location) of the computer atl-ws-01.

vbNullString, a VBScript constant indicating a Null variable. By specifying a different CN you can use the second parameter of the MoveHere method to rename a computer as opposed to simply moving it. Because all we want to do is move the thing (retaining its old name) we simply pass a Null variable as the second parameter.

That’s basically all we have to do. We then call the MoveNext method to move to the next record in the collection. Because there won’t be a next record that means that EOF is true, and so we exit the loop and the script.

Note. By the way, don’t leave out the MoveNext method. If you do the script will lock up in an endless loop: it will try to move the first computer in the collection and then, because it hasn’t advanced to the next record, try to move the first computer in the collection a second time. And then a third time, and then ….
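Because the script runs under On Error Resume Next, a failed bind, an empty search result, or a denied move all end silently. The following variant is an added example, not the Scripting Guys' code: it takes the computer name as an argument, rejects names that could alter the query text, requires exactly one match, and reports the outcome of MoveHere. The script file name, the name pattern, and the exit codes are assumptions; the OU and domain are the ones used in this column.

```vbscript
' Added example: search-and-move with input validation and explicit error checks.
Option Explicit
Const ADS_SCOPE_SUBTREE = 2
Const TARGET_OU = "LDAP://ou=Finance,dc=fabrikam,dc=com"
Const SEARCH_BASE = "LDAP://dc=fabrikam,dc=com"

Dim strName, objRegEx, objOU, objConnection, objCommand, objRecordSet
Dim strADsPath, objMoved

If WScript.Arguments.Count <> 1 Then
    WScript.Echo "Usage: cscript MoveComputer.vbs <computername>"   ' hypothetical file name
    WScript.Quit 1
End If
strName = WScript.Arguments(0)

' Allow only NetBIOS-style names so a quote cannot change the query (assumed pattern).
Set objRegEx = New RegExp
objRegEx.Pattern = "^[A-Za-z0-9-]{1,15}$"
If Not objRegEx.Test(strName) Then
    WScript.Echo "Rejected computer name: " & strName
    WScript.Quit 1
End If

' No blanket On Error Resume Next: a bad OU path stops the script with an error.
Set objOU = GetObject(TARGET_OU)

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = "SELECT ADsPath FROM '" & SEARCH_BASE & _
    "' WHERE objectCategory='computer' AND Name='" & strName & "'"
Set objRecordSet = objCommand.Execute

' Refuse to act on zero matches or on an ambiguous result.
If objRecordSet.RecordCount <> 1 Then
    WScript.Echo "Expected 1 match for " & strName & ", found " & objRecordSet.RecordCount
    WScript.Quit 2
End If
objRecordSet.MoveFirst
strADsPath = objRecordSet.Fields("ADsPath").Value

' Trap errors only around the move, then report success or failure.
On Error Resume Next
Set objMoved = objOU.MoveHere(strADsPath, vbNullString)
If Err.Number <> 0 Then
    WScript.Echo "Move failed (0x" & Hex(Err.Number) & "): " & Err.Description
    WScript.Quit 3
End If
On Error GoTo 0
WScript.Echo "Moved " & strADsPath & " -> " & objMoved.ADsPath
```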

So there you have it, DB: a cool new game in which you hunt down lost computers and send them to a different OU. Sure, it doesn’t sound all that fun. But – nostalgia aside – it’s still way better than Space Invaders.
