Re: Script used to create computer accounts does not perform as expect
- From: "Richard Mueller [MVP]" <rlmueller-nospam@xxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 17 Aug 2007 09:26:14 -0500
When I create computer objects, I set the appropriate bits of the
userAccountControl attribute. Without having done this, perhaps the objects
were created, but they are not really computer objects. The code I use is
similar to:
==========
Option Explicit
Dim objOU, strComputer, objComputer
Const ADS_UF_PASSWD_NOTREQD = &H20
Const ADS_UF_WORKSTATION_TRUST_ACCOUNT = &H1000
strComputer = "Test002"
Set objOU = GetObject("LDAP://ou=West,dc=MyDomain,dc=com";)
Set objComputer = objOU.Create("computer", "cn=" & strComputer)
objComputer.sAMAccountName = strComputer & "$"
objComputer.Put "userAccountControl", _
ADS_UF_PASSWD_NOTREQD Or ADS_UF_WORKSTATION_TRUST_ACCOUNT
objComputer.SetInfo
==========
I think the objects you created might be user objects. This would account
for them not showing up as computers, but they have the sAMAccountNames you
assigned so they cannot be reused. You may need to find these users and
delete them.
--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--
"booker@mgt" <bookermgt@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6114F524-3ECC-4205-92C5-25039CF4350E@xxxxxxxxxxxxxxxx
I need to revisit this. One because I manually created a new computer
account and it seems to show the same information as the accounts that
were
created via the .vbs script that I wrote:
Here is the Script
' Script to create Active Directory Computer Accounts inside of GTAD CoM
OU
If WScript.Arguments.Count < 2 Then
WScript.Echo "Please provide a Computer Name, " & "and ou in that
order"
WScript.Quit
End If
strComputer = WScript.Arguments(0)
sOU = WScript.Arguments(1)
set objOU = GetObject("LDAP://ou="; & sOU &
",ou=MGT,ou=_College-of-Management,dc=da,dc=univ,dc=com")
set ObjComputer = objOU.Create("Computer", "cn=" & strComputer)
objComputer.Put "SAMAccountName", strComputer & "$"
ObjComputer.SetInfo
That script is saved as Create-computer-accounts.vbs. Then inside of a
btach file, I will have the following format for my computer names
Create-computer-accounts.vbs BACKUPSERVER Workstations
Create-computer-accounts.vbs COM-391DC9C841E Workstations
Create-computer-accounts.vbs COM-F672140AC2E Workstations
Create-computer-accounts.vbs D978FN81 Workstations
Create-computer-accounts.vbs FAC_T40_IMAGE Workstations
Create-computer-accounts.vbs FILESHARE Workstations
Create-computer-accounts.vbs GEORGIA-11BECB5 Workstations
And on and on
So the Computer name accounts get created inside of the workstation OU.
But
after they are created, if I do a search for these computer accounts they
do
not show up in a search. Thus, I will try to add the same computer name
manually somewhere, but then I wil get a error message saying
"Windows cannot create the new computer object because the pre-Windows
2000
computer name is already in use.
So my overall question is , why would my script above create the account,
but only create it as a pre-windows 2000 computer name. And secondly,
once
that account is created, why won't it show up in a search.. Either by name
or
by pre-windows 2000 name???
.
- Prev by Date: Re: ADFS Issue...
- Next by Date: Re: ADFS Issue...
- Previous by thread: NTFS permission Analyzer
- Next by thread: Re: Terminal Server profile group policy not working
- Index(es):
Relevant Pages
|
