Task Sequence – ADSI Script

myITforum.com Community Forum

Home Forums Blogs Live Support chat Search Articles Wiki FAQ Email Lists Register Login My Profile Inbox Address Book My Subscription My Forums

Photo Gallery Member List Search Calendars FAQ Ticket List Log Out

All Forums RSS Feed Subscription:

Task Sequence – ADSI Script

View related threads: (in this forum | in all forums)

Logged in as: Guest

Printable Version

All Forums >> [Management Products] >> System Center Products >> System Center Configuration Manager >> Task Sequence – ADSI Script

Page: [1]

Message

<< Older Topic Newer Topic >>

Task Sequence – ADSI Script - 9/25/2008 9:58:10 AM

xneilpetersonx

Posts: 159
Score: 1
Joined: 7/18/2006
Status: offline

I am trying to get a script working in a task sequence that will change the MACHINEOBJECTOU variable by selecting an OU from a populated list of existing OU’s. I have swiped most of this from Johan’s “Pretty Good Front end” script. I have also followed Johan’s instructions on adding ADSI support to my WINPE 2.0 image. The script does work when I run as an authenticated user, however does not run well when run in my task sequence, the OU’s do not populate. I understand that this is most probably permissions / authenticated user issue however I am against a wall n how to fix this. Below is the portion of the script retrieving the OU’s. One interesting thing to note is that if I remove the user name and password, this no longer works when running this as an authenticated user – because of this I had figured this user name and password would also be utilized in the task sequence and everything would work. Lastly I have read a piece by Ben Hunter that mentions updating the deployment rules in the CustomSettings.ini. Is this something I will need to do when using CM and MDT?

----------------------------------------------------------------------->
Sub GetOUs

Const ADS_SECURE_AUTHENTICATION = &H0001
Const ADS_SERVER_BIND = &H0200

Set objDSO = GetObject("LDAP:")
Set objOUComputers = objDSO.OpenDSObject("LDAP://OU=XXXXXWorkstations,OU=Workstations,DC=xxx,DC=xxxxx,DC=com", "USER NAME IS HERE", "PASSWORD IS HERE", ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)

objOUComputers.Filter = Array("OrganizationalUnit")

For Each sOU In objOUComputers

    sOU.GetInfoEx Array("canonicalName"), 0
      arrCanonicalName = sOU.GetEx("canonicalName")

      For Each strValue in arrCanonicalName
          sCanonicalName = strValue
      Next

      Set objOption = Document.createElement("OPTION")
       objOption.Text = sCanonicalName
    objOption.Value = sOU.distinguishedName
    ddAvailableOUs.Add(objOption)

Next

End Sub

<------------------------------------------------------------------------

thanks for any help

neilp

Post #: 1

RE: Task Sequence – ADSI Script - 9/26/2008 10:59:22 AM

rbennett806

Posts: 840
Score: 15
Joined: 6/14/2006
Status: offline

Since nobody has chimed in I'll just toss this out there... I know that when I authenticate using a custom .HTA frontend I've got to first bind to a domain controller. So I use something like...

Set objNS = GetObject("LDAP:")
Set objRootDSE = objNS.OpenDSObject("LDAP://" & strDomainControllerFQDN & "/RootDSE", strUserName, strPassword, ADS_SERVER_BIND Or ADS_SECURE_AUTHENTICATION)
strDNSDomain = objRootDSE.Get("defaultNamingContext")
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"

I'm not sure if that's your problem though...

(in reply to xneilpetersonx)

Post #: 2

RE: Task Sequence – ADSI Script - 9/29/2008 3:37:25 PM

xneilpetersonx

Posts: 159
Score: 1
Joined: 7/18/2006
Status: offline

Thanks for this. I am still struggling to get this working, but this has help steer me closer. One additional question - at what point in your TS are your running these scripts?

Thanks again

neilp.

(in reply to rbennett806)

Post #: 3

RE: Task Sequence – ADSI Script - 9/29/2008 3:44:48 PM

rbennett806

Posts: 840
Score: 15
Joined: 6/14/2006
Status: offline

We kick off our OS deployments from a bootable SCCM OS Image Installation CD (bare metal scenario), and the .HTA kicks up at the start of the process. But it doesn't modify any of the existing variables, just pre-populates needed SCCM resource objects and Active Directory items...

(in reply to xneilpetersonx)

Post #: 4

RE: Task Sequence – ADSI Script - 10/8/2008 4:56:50 AM

aboren

Posts: 3
Score: 0
Joined: 10/8/2008
Status: offline

Hi, got some code 4 ya.
Ive made a "better" OU list creation if you got more OUs then the one Johan A have released.

Use the functions combined to create your OU list & then hook it to your HTA listbox name.
Then set a TaskSequence Variable (code for this exists in the MS supplied UnknownComputer.hta) eg. TSvar_OUtojoin with the value from the listbox you have choosen.
Inside your TaskSequense at the step where you join a domain, type %TSvar_OUtojoin% in the OU field.

Replace the domain/account, password, ldap path & strBaseOUConnString with your Values/variables.
(There may be missing declarations & variables for you, my script is VERY massive in total so i tried to rewrite this part as Transparent as i could.)

Sub GetOUList
'Option Explicit
     Dim strBaseOUConnString
     Dim objOULevel
     Dim OUintLevel
     Dim objRootDSE
     Dim OpenOU
     Const ADS_SECURE_AUTHENTICATION = &H0001
  Const ADS_SERVER_BIND = &H0200
     
     Set OpenOU = GetObject("LDAP:")
     strBaseOUConnString = "ou=computers,ou=resources,dc=domain,dc=com"
  Set objOULevel = OpenOU.OpenDSObject("LDAP://server.domain.com/" & strBaseOUConnString & "", "domain\account", "PASSWORD", ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
  objOULevel.Filter = Array("OrganizationalUnit")
  GetOURecurse objOULevel, 0, strBaseOUConnString
End Sub

Function GetOURecurse(objOU, OUXLevel, strBaseConn)
 Dim objOUObject, strConnString, objActiveOption, ldapQ, OpenSesame, objDefOption, objremOUdOption
 Const ADS_SA = &H0001
 Const ADS_SB = &H0200
  If defOUnr = 0 Then
  For Each objremOUdOption In OUDropdown.Options'The referenced Listbox in your HTA
  objremOUdOption.removeNode
  Next
  Set objDefOption = Document.CreateElement("OPTION")
  objDefOption.Text = "----- Pick Destination OU -----"
  objDefOption.Value = "9999"
  OUDropdown.Add objDefOption
  OUDropdown.value = "9999"
  End If
  defOUnr = 1
 Set OpenSesame = GetObject("LDAP:")
 For Each objOUObject In objOU
  If UCase(Left(objOUObject.Name, 3)) = "OU=" Then
   strConnString = objOUObject.DistinguishedName
   Set objActiveOption = Document.CreateElement("OPTION")
      If OUXLevel = 0 Then
       objActiveOption.Text = Replace(objOUObject.Name, "OU=", "")
      Else
       objActiveOption.Text = String(OUXLevel * 4, " ") & "->   " & Replace(objOUObject.Name, "OU=", "")
      End If
      objActiveOption.Value = strConnString
      OUDropdown.Add objActiveOption
      Set ldapQ = OpenSesame.OpenDSObject("LDAP://server.domain.com/" & strConnString & "", "domain\account", "PASSWORD", ADS_SA + ADS_SB)
      ldapQ.Filter = Array("OrganizationalUnit")
   GetOURecurse ldapQ, OUXLevel + 1, strBaseConn
  End If
 Next
End Function

My codeblock for adding the TSvariable, setting the OU to join variable. (Requires alot more, but its all in the MS$ provided UnknownComputer.hta found in the SDK)

 If AddToOU = "True" Then
    Log ("Creating Task sequence variable OSDDomainOUName" )
    ' TS variable "OSDDomainOUName" is used as variable in the OU field at "Apply Network Settings"
    returnVal = SetTSVar ("OSDDomainOUName", JoinarOU)
    Sleep (5000)
    If returnVal <> 0 Then
        Log ("Failed to set TS Variable OSDDomainOUName code: " & returnVal & ".")
        StatusInfo ("ERROR - Check the Log.")
        logFileSystemObject.Close
        logFileSystemObject = null        
        Main = returnVal
        Exit Function
    End If

_____________________________

/Andreas

(in reply to rbennett806)

Post #: 5