Zoho Banner September 2011

Posts tagged ‘computer object’

Sometimes it’s useful to pre-create computer objects in the correct OU before joining them to the domain.  This way, you know that they will immediately pick up whatever Group Policies have been assigned to the OU.  Of course, you can create the computer objects in AD manually using Active Directory Users and Computers (dsa.msc) or the new Active Directory Administrative Center (dsac).  However, if you’ve got more than a few computer objects to create it might be helpful to have a script.  Here’s a Powershell 1.0 sample:

########################################################## 
# Name: PreSeedComputerObjects.ps1 
# Author: Tony Murray 
# Version: 1.0 
# Date: 12/04/2010 
# Comment: PowerShell 1.0 script to 
# pre-create AD Computer objects from csv file 
# 
#########################################################     

# Set the target OU where the computer objects will be created 
$ComputerOU  = [ADSI]“LDAP://OU=Workstations,DC=contoso,DC=com“     

# Specify the folder and CSV file to use 
$folder = "C:\util\csv" 
Set-Location $folder     

$csv = Import-Csv “import.csv”     

# Parse the CSV file line by line 
foreach($line in $csv) { 
# Assign variables to each attribute 
$ComputerName = $line.ComputerName 
$samname = $ComputerName + "$" 
$Computer = $ComputerOU.create(“Computer”,”cn=$ComputerName”)     

# Populate the minimum set of attributes needed for computer objects 
$Computer.put(“sAMAccountName”,$samname) 
$Computer.put(“userAccountControl”,4128) 
# Commit the changes 
write-host "Adding $ComputerName to target OU" 
$Computer.setinfo() 
# Capture any errors (e.g. object already exists) and move on 
        trap 
            { 
            write-host "Error: $_" 
            continue 
            } 
} 
#End

The format of the CSV file is simply as follows:

ComputerName
<netbios_name_of_computer>

e.g.
ComputerName
wkstn001
wkstn002
wkstn003

The only other point of interest is that we need to define the sAMAccountName and the userAccountControl attributes in the script.  The sAMAccountName is simply the NetBIOS name of the machine with a “$” suffix.  It is also important to specify an appropriate value for userAccountControl – in this case a decimal value of 4128 which corresponds to 0×1020 (hex) or (PASSWD_NOTREQD | WORKSTATION_TRUST_ACCOUNT ).

As always, please let me know if you can think of ways to improve the script.  Yes, that includes you Brandon!

Note: When copying the script from the web site, replace the double-quotes before you try it. WordPress does some funky format changes!