Custom OSD Scripting - Back End Script
Here is the back end script that does all of the work. I've made some comments on the script in efforts to keep this post less wordy and more scripty. Again if you have any specific questions please let me know.
Set env = Createobject("Microsoft.SMS.TSEnvironment") 'Calling the TS Environmen
strDescription = env("OSDComputerDescription") 'From the Front End Script
strOU = env("OSDDomainOUName") 'From the Front End Script
strManaged = env("OSDManaged") 'From the Front End Script
strComputer = env("OSDComputerName") 'From the Front End Script
strAdminUserName = env("OSDAdminUserName") 'From the Small UserName/Password Script
strAdminPassword = env("OSDAdminPassword") 'From the Small UserName/Password Script
strUser = env("OSDUserName") 'From the Front End Script
'''''''''''''''''''''''''''''''''''''''''Set Computer Description on AD object.
strDNComputer = "CN=" & strComputer & "," & strOU
Const ADS_SECURE_AUTHENTICATION = &H0001
Const ADS_SERVER_BIND = &H0200
Set OpenAD = GetObject("LDAP:")
Set objComputer = OpenAD.OpenDSObject("LDAP://DomainController.domain.com/" & strDNComputer, strAdminUserName, strAdminPassword, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
objComputer.Put "Description" , strDescription
objComputer.SetInfo
'''''''''''''''''''''''''''''''''''''''Set computer description on local computer
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set objRegistry = GetObject ("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "System\CurrentControlSet\Services\lanmanserver\parameters"
strValueName = "srvcomment"
objRegistry.SetStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, strDescription
'''''''''''''''''''''''''''''''''''''''Add Computer to security groups based on the managed scenario.
Const ADS_PROPERTY_APPEND = 3
If strManaged = "(LM)" Then
strGroup = "CN=isManaged,OU=Policy,DC=Domain,DC=com"
Set objGroup = OpenAD.OpenDSObject("LDAP://DomainController.domain.com/" & strGroup, strAdminUserName, strAdminPassword, ADS_USE_ENCRYPTION + ADS_SECURE_AUTHENTICATION)
Else
strGroup = "CN=isnotManaged,OU=Policy,DC=net,DC=smith,DC=com"
Set objGroup = OpenAD.OpenDSObject("LDAP://DomainController.domain.com/" & strGroup, strAdminUserName, strAdminPassword, ADS_USE_ENCRYPTION + ADS_SECURE_AUTHENTICATION)
End If
objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array(strDNComputer)
objGroup.SetInfo
'''''''''''''''''''''''''''''''''''''''Add user and other security groups to local security groups
If strManaged = "(LM)" Then
Set oGrp = GetObject("WinNT://" & strComputer & "/Power Users")
Set oUsr = GetObject("WinNT://domain/Domain Users")
oGrp.Add(oUsr.ADsPath)
Else
Set oGrp = GetObject("WinNT://" & strComputer & "/Administrators")
Set oUsr = GetObject("WinNT://" & strUser)
Set oUsr2 = GetObject("WinNT://ADSecurityGroup")
oGrp.Add(oUsr.ADsPath)
oGrp.Add(oUsr2.ADsPath)
End IF
That is all I've got on these scripts at this time. I will continue to update this blog with additional scripts and SMS/CM/Crazy world goodness as I come across it.
neilp