Move a Computer to an Active Directory Organizational Unit (VBS)

Purpose: During a SCCM 2012 Computer Deployment, troubleshoot your AD permissions

Ok – before you start with all the “Hey dude, there is a built-in action to do this!” -talks, hear me out first. Remember all those SCCM Task Sequence changes you made? And then tried the Task Sequence out by installing an operating system? You noticed that you had problems getting a computer to move to the correct Active Directory (AD) Organisational Unit (OU)? Made some troubleshooting changes and then tried again? Here is where this script will come in handy! You do not need to run through the Task Sequence just to see if your computer will now actually move to the correct OU (because this can take an hour, right?). You could do a new Task Sequence, with only one action, just to test if your workstation moves around AD  – but lets not stress that delicate System Center product with this. Most of the time problems with handling workstations in AD through SCCM are about permissions.

Usage: cscript.exe IT_OSD_VBS_MoveComputerADOU.vbs (no parameters exist)
Debugging: You can uncomment the msgbox rows, to see what values you are receiving.
Configuration: You need to change the AD OU location to suit your own environment.


1) Login to a management workstation with the service account you are using to run the script.
2) Run this script as the service account (if you bother, you can do this without logging in as the service account, with the “runas” commmand).
3) If you are receiving “Access Denied” message – you need to alter the permissions to the AD OU containers for the service account some more.
4) Once the script succeeds for the workstation, you can be 99% sure that it will work when ran by SCCM TS as well.

As a disclamer, the original script was not created by me, all hail the original author, i just continued his work!

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
' //***************************************************************************
' // ***** Script Header *****
' //
' // Solution:          ConfigMgr
' // Original File:     MoveComputerToCorrectOU.vbs
' // Author:            Jakob Gottlieb Svendsen, Coretech A/S. http://blog.coretech.dk 
' // Purpose:           Move computer to the correct OU that remains in variable MachineObjectOU
' //                    Run inside TS after install 
' //
' // Usage:     MoveComputerToCorrectOU.vbs
' //
' //
' // CORETECH A/S History:
' // 0.0.1  JGS 17/12/2009  Created initial version.
' // 0.0.2  MIP 17/03/2009  Added feature to add argument to script
' // 0.0.3  JGS 02/12/2010  Changed to ADSystemInfo for the DN retrieval, instead of a homemade function.
' //                        Thanks to Nico_ at Technet Forums       
' // 0.0.4  JKO 20/09/2012  Created different configuration options, renamed file, added debug options
' //                        AD OU is now hardcoded value (not in task sequence variable to allow different usage)
' //
' // ***** End Header *****
' //***************************************************************************
' *****************************************************************************
' ** Configure the script
' *****************************************************************************
strLDAPofOU="OU=Desktops,OU=Computers,DC=domain,DC=locale"
' *****************************************************************************
 
On Error Resume Next
 
'Get MachineObjectOU Value
Set wshNetwork = CreateObject("WScript.Network")
Set oFso = CreateObject("Scripting.FileSystemObject")
Set objSysInfo = CreateObject( "ADSystemInfo" )
Set ArgObj = WScript.Arguments
 
'Use first argument as target OU
strMachineObjectOU = strLDAPofOU
strComputerDN = objSysInfo.ComputerName
'msgbox(strMachineObjectOU)
 
nComma = InStr(strComputerDN,",")
strCurrentOU = Mid(strComputerDN,nComma+1)
strComputerName = Left(strComputerDN,nComma - 1)
'msgbox(strCurrentOU)
 
'If current ou is different than target OU. Move object
If UCase(strCurrentOU) <> UCase(strMachineObjectOU) Then
    Set objNewOU = GetObject("LDAP://" & strMachineObjectOU)
    Set objMoveComputer = objNewOU.MoveHere("LDAP://" & strComputerDN, strComputerName)
    'msgbox("LDAP://" & strComputerDN & strComputerName)
End If 
 
'//----------------------------------------------------------------------------
'//  End Script
'//----------------------------------------------------------------------------
' //***************************************************************************
' // ***** Script Header *****
' //
' // Solution:  		ConfigMgr
' // Original File:     MoveComputerToCorrectOU.vbs
' // Author:			Jakob Gottlieb Svendsen, Coretech A/S. http://blog.coretech.dk 
' // Purpose:   		Move computer to the correct OU that remains in variable MachineObjectOU
' //					Run inside TS after install	
' //
' // Usage:     MoveComputerToCorrectOU.vbs
' //
' //
' // CORETECH A/S History:
' // 0.0.1	JGS 17/12/2009  Created initial version.
' // 0.0.2	MIP 17/03/2009 	Added feature to add argument to script
' // 0.0.3  JGS 02/12/2010  Changed to ADSystemInfo for the DN retrieval, instead of a homemade function.
' //						Thanks to Nico_ at Technet Forums		
' // 0.0.4  JKO 20/09/2012  Created different configuration options, renamed file, added debug options
' // 						AD OU is now hardcoded value (not in task sequence variable to allow different usage)
' //
' // ***** End Header *****
' //***************************************************************************
' *****************************************************************************
' ** Configure the script
' *****************************************************************************
strLDAPofOU="OU=Desktops,OU=Computers,DC=domain,DC=locale"
' *****************************************************************************

On Error Resume Next

'Get MachineObjectOU Value
Set wshNetwork = CreateObject("WScript.Network")
Set oFso = CreateObject("Scripting.FileSystemObject")
Set objSysInfo = CreateObject( "ADSystemInfo" )
Set ArgObj = WScript.Arguments

'Use first argument as target OU
strMachineObjectOU = strLDAPofOU
strComputerDN = objSysInfo.ComputerName
'msgbox(strMachineObjectOU)

nComma = InStr(strComputerDN,",")
strCurrentOU = Mid(strComputerDN,nComma+1)
strComputerName = Left(strComputerDN,nComma - 1)
'msgbox(strCurrentOU)

'If current ou is different than target OU. Move object
If UCase(strCurrentOU) <> UCase(strMachineObjectOU) Then
	Set objNewOU = GetObject("LDAP://" & strMachineObjectOU)
	Set objMoveComputer = objNewOU.MoveHere("LDAP://" & strComputerDN, strComputerName)
	'msgbox("LDAP://" & strComputerDN & strComputerName)
End If 

'//----------------------------------------------------------------------------
'//  End Script
'//----------------------------------------------------------------------------

Leave a Reply

Your email address will not be published. Required fields are marked *


− five = three

Post Navigation