+ Post New Thread
Results 1 to 5 of 5
O/S Deployment Thread, AD Comp Objects dont get "moved" to the correct OU (and more) in Technical; Hi all Here's a noodle twist for you. Our setup is a SCCM 2007 R2 SP2 setup [an elaborate multi ...
  1. #1
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 45 Times in 35 Posts
    Rep Power
    29

    AD Comp Objects dont get "moved" to the correct OU (and more)

    Hi all

    Here's a noodle twist for you.

    Our setup is a SCCM 2007 R2 SP2 setup [an elaborate multi server setup too ] and everything seems to work a treat.

    For those that dont realise, MDT is such a welcome addition to SCCM. Makes alot of stuff so much the sweeter, but I digress slightly.

    With our MDT infused SCCM TS, everything works a treat except for two niggles I have.

    1: When deploying [from PXE] a captured SCCM Win7 OS build on a machine, everything works great - however, it doesnt place the computer object into the target OU that it has been told to in the Task Sequence.

    This also seems to apply in other uses of the TS i.e. running a Refresh using it etc, however, everything else seems to work fine i.e. Driver Injection, Software Update installs, Additional Software installs, Model Specific checks, etc.

    Seems to just be the comp obj that wont get moved to where I tell it.

    EDIT: Just tried it from fresh using PXE, with no computer object in AD, and SCCM with MDT put the computer object in to the correct OU I'm happy to say.

    However, I wager that if i move the AD object somewhere and then try again [leaving the computer object in AD] but just advertising it again, it wont move anywhere.

    The latter two posts in the following thread seem to ring two to what I have:
    http://social.technet.microsoft.com/...0-e0ca2fef3711

    however, I've tried the following script previously and I didnt get any joy with it:
    http://blog.coretech.dk/scripting/vb...ine-parameter/

    Could be I'm just missing something....


    2: The other niggle is that when rebuilding a machine in any sense, it creates a new SCCM computer object rather than reuse the existing one, causing there to be two objects.

    The one used at the time of (re)deployment is set to Obsolete and the AD computer ojbect association is set to the new one, tho the new one of course then isnt linked to Collections where it is needed, which isnt a problem at the moment, but will mess things up later on down the line.

    Just wondering if there is some option / command i can use to stop that happening, and additionally a command i can use (if it can continue to use the existing SCCM obj, rather than create a new one) that will allow me to remove / add the object to a collection as part of the deployment TS?

    Hope that makes sense,

    These two things are a bit annoying and i'm running out of time to get them working so any thoughts / ideas / help would be really appreciated here with this.

    [have given up with posting on the MS forums as u either get a poster reword your question and posing that as the answer etc hehe ]

    Cheers.
    Nathan
    Last edited by tarquel; 18th September 2010 at 10:29 PM.

  2. #2
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 45 Times in 35 Posts
    Rep Power
    29
    Well, I've answered my own question 1 now

    Given enough time, i should be able to knock up some helpful tips on all this...

    Nath.

  3. #3

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,746
    Thank Post
    915
    Thanked 1,334 Times in 814 Posts
    Blog Entries
    1
    Rep Power
    447
    Quote Originally Posted by tarquel View Post
    Well, I've answered my own question 1 now

    Given enough time, i should be able to knock up some helpful tips on all this...

    Nath.
    Is no.1 not because it reusues the computer account rather then recreating it? Your correct in thinking that after build and ou move it wont move when you rebuild that pc.

    No.2, to basically fix this problem you need to move to native cert-based mode for sccm. That allows it to link the existing record to the machine after a wipe and means you dont need to clear out the obsolete entries.

  4. #4
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 45 Times in 35 Posts
    Rep Power
    29
    Thanks for the reply ZH...

    No 1... Its basically what you said. That a SCCM doesnt support moving the comp object in AD if its already existing there. I've used a simple 3rd party method to do this.

    Why? you ask, because you can then ensure all the AD computer object of either a new or existing machine that are being installed/refreshed with Windows 7 all end up in the correct OU and dont require any intervention, confusion or forgetfulness by the techies performing the wipe

    I've also made a script for allowing it to auto add a AD comp obj to a AD group too whether its new or existing during the Task Sequence

    I'll post some sort of howto thingy if it sounds useful for others.

    No 2... ahh, I see That sounds like a bit of a nightmare to be honest, which is why we didnt go for native mode.

    Just to disgress a little, other than the reason I was talking about, are there any pros/cons to consider when changing to the native SCCM setup?

    Cheers
    Nath.

  5. #5
    TheScarfedOne's Avatar
    Join Date
    Apr 2007
    Location
    Plymouth, Devon
    Posts
    1,346
    Thank Post
    676
    Thanked 169 Times in 154 Posts
    Blog Entries
    78
    Rep Power
    85
    I have the same problem as No.2 - but get round it in a dirty kinda fashion! My collections which control the software deplyments later are based on AD queries by name sting. eg our computer rooms are CUR028XX CUR029XX etc whee 028 and 029 are the room numbers and XX is the machine number. I do a collection query using the name like CUR028% oe CUR029% etc and they still end up in the right place. I then have another collection where the query is obsolete is yes, and clear it out every now and then. Not too elegant I know, but it dodges the native mode for the moment. My main problem though is with duplicate wds guid's. Damn lazy mainboard programmers. Grrr! Problem is I cant seem to get the banned guid policy bit to work. Ideas?

SHARE:
+ Post New Thread

Similar Threads

  1. comp fix job
    By browolf in forum East Midlands Broadband Consortium (EMBC)
    Replies: 0
    Last Post: 30th January 2010, 10:27 PM
  2. Last Day Fun - Caption Comp
    By tech_guy in forum General Chat
    Replies: 28
    Last Post: 18th December 2009, 02:11 PM
  3. Christmas Wallpaper Comp
    By Hightower in forum General Chat
    Replies: 11
    Last Post: 1st December 2009, 07:45 PM
  4. RIS, Novatech and comp names
    By contink in forum Windows
    Replies: 19
    Last Post: 30th June 2008, 04:41 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •