For this simple task I tackled it simply with a log-on script and a small amount of config to Active Directory. Make sure that the information about the manufacturer and the model of the system have appeared in the Description field of our computer in the AD console.
Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. Powershell cmdlet Set-ADComputer will help you to do it. It is easier to do with a group policy logon script so that the data in the AD record are updated at the computer startup.
There are several ways you can achieve this. Ones that come to mind are: To do this please follow the below steps: From a security perspective I think this is acceptable for almost all environments. Note we need the Read Description property to allow the script to compare existing variables with newly generated one.
So to sum the above up without scaring you too much, if you have a small environment and little AD changes you could put in the date and you probably wont have any problems for the next 20 years, but if you are a large organisation you need to consider this.
Because these USN counters are local, it is easy to ensure that they are reliable and never run backward that is, they cannot decrease in value. I would rely on SC12 to provide me with more detailed information if needed.
Instead it uses update sequence numbers USNs that are assigned by a counter that is local to each domain controller. Disclaimer The sample scripts are not supported under any Microsoft standard support program or service.
This technique can be used to automatically populate the Description field of a computers in Active Directory. WS12 has some differences in this space with the new Active Directory system.
Create an array containing the list of all computers in the given OU: Each time a change is made on an object like a computer the attribute on that object uSNChanged increases. We have refreshed the data in AD only for one computer. ActiveDirectory for Windows PowerShell module can help us.If you run this script as a regular user, then check ADUC, you should find that the computer object that the script was run from, has now a description field set.
All that remains now is to add the VBScript to the user login script. I do this via GPO (User configuration > Policies > Windows Settings > Scripts > Logon).
Each time a change is made on an object (like a computer) the attribute on that object (uSNChanged) increases. Changing the description of a computer object increases the uSNChanged value which allows it to replicate to other domain controllers.
Fancy stuff: you are in a dire need to automate AD object attribute writing. Usually (from SCCM point of view) this object is a computer object, and the attribute contains some additional information about the computer that your corporation has requested.
Sep 09, · Update Computer account description with logon details.
Add this as a logon script, it will write the users name and the date\time into the description field of the computer account of the machine being used. Dec 03, · Then a foreach will loop through each computer object, the dnshostname is used to query the computers remote registry hive, the distinguishedname is set as the unique primary identity for the AD computer and used in the 'set-adcomputer' to set the description with the retrieved dynamicsitename.
Nov 26, · And for each computer in the given text file, the script will find the MAC Address, IP address, Serial Number for that computer.
Now my problem is this issue. I want to then take that read computer name, search AD (Active Directory) for the corresponding (matching) computer number and then change that computer description field.Download