New machine OU placement
Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: New machine OU placement
Can't you redirect them with redircmp? If you are creating VMs, you can script this to run after the machine is created 2009/4/15 Greg Mulholland g...@krystaltek.com Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: New machine OU placement
I can but i dont want to do this globally and i do mean globally and i would still need to now where they are supposed to go if we were to move them manually. I guess i could force them to use the netdom command to place the machine in the OU of their particular section. Thanks for the info, i had thought of using this tool, i guess i just need to find a way to do it whatever fits best Greg From: James Rankin [kz2...@googlemail.com] Sent: Wednesday, 15 April 2009 9:25 PM To: NT System Admin Issues Subject: Re: New machine OU placement Can't you redirect them with redircmp? If you are creating VMs, you can script this to run after the machine is created 2009/4/15 Greg Mulholland g...@krystaltek.commailto:g...@krystaltek.com Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: New machine OU placement
Would it help if you change the default OU systems and users are placed in when added to the domain? http://support.microsoft.com/kb/324949 Alternately you could schedule an OLDCMP.EXE job daily and work with that data. Dave From: Greg Mulholland [mailto:g...@krystaltek.com] Sent: Wednesday, April 15, 2009 4:19 AM To: NT System Admin Issues Subject: New machine OU placement Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: New machine OU placement
There are several ways to address it but it all depends on the situation, we disabled the ability to add computers to the computers container when we first installed AD. All the various workstation and server OU's have very specific delegations on who can add machines to them. If you just want reporting, turn on and configure DS auditing (or use a 3rd party tool) From: Greg Mulholland [mailto:g...@krystaltek.com] Sent: Wednesday, April 15, 2009 4:19 AM To: NT System Admin Issues Subject: New machine OU placement Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: New machine OU placement
We have changed the default OU that new computers are added to, this OU has a special Group Policy on it that has the machine locked down tight, they cannot do anything with the machine until it is moved to the correct OU, this has eliminated the mystery of computers just showing up in active directory. On Wed, Apr 15, 2009 at 12:12 PM, Free, Bob r...@pge.com wrote: There are several ways to address it but it all depends on the situation, we disabled the ability to add computers to the computers container when we first installed AD. All the various workstation and server OU’s have very specific delegations on who can add machines to them. If you just want reporting, turn on and configure DS auditing (or use a 3 rd party tool) *From:* Greg Mulholland [mailto:g...@krystaltek.com] *Sent:* Wednesday, April 15, 2009 4:19 AM *To:* NT System Admin Issues *Subject:* New machine OU placement Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: New machine OU placement
Yes I have scripts and this is pretty easy to do (done it many times), but, the fields you're looking for don't really exist. Naming conventions are how I usually key this. If you don't have that then this is a lot of work. If you want to do site based you could ping the machine and then map the IP to a site. That is pretty easy to do. If you want to do this user based, you need to be precreating the computer accounts with something that can do the logging for you and ideally put the accounts in the right place. The other option is to just leave them. If you're not getting any value from moving the machines then don't bother. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian From: Greg Mulholland [mailto:g...@krystaltek.com] Sent: Wednesday, April 15, 2009 6:19 AM To: NT System Admin Issues Subject: New machine OU placement Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: New machine OU placement
Thanks everyone for their input. I think i have enough to look at. Greg From: Brian Desmond [br...@briandesmond.com] Sent: Thursday, 16 April 2009 4:41 AM To: NT System Admin Issues Subject: RE: New machine OU placement Yes I have scripts and this is pretty easy to do (done it many times), but, the fields you’re looking for don’t really exist. Naming conventions are how I usually key this. If you don’t have that then this is a lot of work. If you want to do site based you could ping the machine and then map the IP to a site. That is pretty easy to do. If you want to do this user based, you need to be precreating the computer accounts with something that can do the logging for you and ideally put the accounts in the right place. The other option is to just leave them. If you’re not getting any value from moving the machines then don’t bother. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian From: Greg Mulholland [mailto:g...@krystaltek.com] Sent: Wednesday, April 15, 2009 6:19 AM To: NT System Admin Issues Subject: New machine OU placement Hi Guys we have an issue where users are creating multiple vm's every day and joining them to the network and we end up with a number of machine accounts dumped in the default computers container. I would dearly like something that would report the machines in that container at the end of the day and possibly the user that created it, site it was created in or some such so we could pick them up and move them into the right OU. Before i sit down to script something out has anyone had an experience in this respect and could recommend a solution. Thanks Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~