+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 23
O/S Deployment Thread, Move workstation to another OU in Technical; Has anyone mastered a way of moving a workstation from the Computers OU to an OU of their choice during ...
  1. #1

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31

    Move workstation to another OU

    Has anyone mastered a way of moving a workstation from the Computers OU to an OU of their choice during deployment?

    At the moment all my workstations get rebuilt and put into the Computers OU. If I try to put it elsewhere by entering the details on the Domain Join page then the workstation fails to rebuild.

    I've tried things such as:

    In the customsettings.ini
    MachineObjectOU=OU=Workstations,DC=School,DC=inter nal
    MachineObjectOU=OU=Workstations, DC=School, DC=internal [with spaces]

    In the domain join page when entering your details
    Workstations,DC=School,DC=internal
    school.internal/Workstations
    etc

    None of which worked.

    Just wondering if anybody has succeeded in this and if you could let me in on your secret. Thanks in advance.

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,225
    Thank Post
    875
    Thanked 2,717 Times in 2,302 Posts
    Blog Entries
    11
    Rep Power
    780
    I have done this, the secret is a perfectly formed path. I cheat and go into ADSI edit and then navigate to the OU I want then copy the path right from there. Just be caregul in ADSI edit as one wrongful delete can easily spoil your day/week.

  3. #3

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    I did look into ADSI Edit and took a like-for-like of the path of the OU but it didn't work for me. Do you simply note down the path of a OU and then type it into MDT before setting off the deployment or do you write it into the customsettings.ini file?

  4. #4


    Join Date
    Mar 2009
    Location
    Leeds
    Posts
    6,647
    Thank Post
    229
    Thanked 865 Times in 743 Posts
    Rep Power
    297
    if its a rebuild might it be easier to tag the pc as managed and enter its guid then it should be rejoined in the same ou i believe

  5. #5

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    Has anyone mastered a way of moving a workstation from the Computers OU to an OU of their choice during deployment?
    Yes with 2008 and now 2010, but I'm probably not doing the same kind of builds as you so YMMV (LiteTouch XP and I'm just building straight from I386 source, not bothering to subsequently image and deploying that afterwards).

    I'm using bootstrap.ini with entries in the [Default] section like:

    DomainOUs1=OU=A, OU=Workstations, DC=someschool, DC=local
    DomainOUs2=OU=B, OU=Workstations, DC=someschool, DC=local
    DomainOUs3=...

    They show up in the wizard "Join the computer to a domain or workgroup" Organizational Unit (optional) drop-down list and work.

  6. Thanks to PiqueABoo from:

    Chuckster (13th October 2010)

  7. #6
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22
    I do this successfully too, but I'm almost afraid to say how after the torrent of abuse I received last time I used this tool.

    I deploy the adminpak as part of the build. You then have the dsmove tool available to you and you can move the PC many times during the build (i.e. to put it into an OU with no Windows Updates, then one that forces immediate installation of Windows Updates towards the end)

  8. #7

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    Quote Originally Posted by PiqueABoo View Post
    Yes with 2008 and now 2010, but I'm probably not doing the same kind of builds as you so YMMV (LiteTouch XP and I'm just building straight from I386 source, not bothering to subsequently image and deploying that afterwards).

    I'm using bootstrap.ini with entries in the [Default] section like:

    DomainOUs1=OU=A, OU=Workstations, DC=someschool, DC=local
    DomainOUs2=OU=B, OU=Workstations, DC=someschool, DC=local
    DomainOUs3=...

    They show up in the wizard "Join the computer to a domain or workgroup" Organizational Unit (optional) drop-down list and work.

    I've tried this and it does show the drop down list. However, when the workstation rebuilds into the selected OU it doesn't fully connect onto the network. In the Task Sequence there is a step called 'Recover From Domain' under State Restore. When a rebuild is successful you will see the final bits of the task running across the screen and then it reboots to show you the login screen. With me, however, this is not the case.

    Is there anything different that you do? I too am using just the source files.


    Quote Originally Posted by eejit View Post
    I do this successfully too, but I'm almost afraid to say how after the torrent of abuse I received last time I used this tool.

    I deploy the adminpak as part of the build. You then have the dsmove tool available to you and you can move the PC many times during the build (i.e. to put it into an OU with no Windows Updates, then one that forces immediate installation of Windows Updates towards the end)
    Could you elaborate on the above about this dsmove tool, please. I'd like to know more about it and how it is actually used in your set up. Thanks.

  9. #8

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,225
    Thank Post
    875
    Thanked 2,717 Times in 2,302 Posts
    Blog Entries
    11
    Rep Power
    780
    Quote Originally Posted by PiqueABoo View Post
    Yes with 2008 and now 2010, but I'm probably not doing the same kind of builds as you so YMMV (LiteTouch XP and I'm just building straight from I386 source, not bothering to subsequently image and deploying that afterwards).

    I'm using bootstrap.ini with entries in the [Default] section like:

    DomainOUs1=OU=A, OU=Workstations, DC=someschool, DC=local
    DomainOUs2=OU=B, OU=Workstations, DC=someschool, DC=local
    DomainOUs3=...

    They show up in the wizard "Join the computer to a domain or workgroup" Organizational Unit (optional) drop-down list and work.
    This is also the way I do it, works well in our environments.

  10. #9

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    I've tried this and it does show the drop down list. However,
    Could it be a credentials problem, as in the account it tries the OU moving with doesn't have the rights? Are there any associated failure events in the relevant DC security logs?

  11. #10
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22
    Quote Originally Posted by Chuckster View Post
    Could you elaborate on the above about this dsmove tool, please. I'd like to know more about it and how it is actually used in your set up. Thanks.
    Sure no probs.
    I change the default container for all new machines to a folder called "New PCs" - that way you can at least apply policies to them - you can't apply policies to a container which is what the default "Computers" location is.
    I let the build occur there and then after I'm finished my "Install Appications" section - one of which is adminpak.msi, I create a new "Run Command Line" which is something like this:

    dsmove "CN=%computername%,OU=New PCs,DC=School,DC=internal" -newparent "OU=Workstations,DC=School,DC=internal"

    Make sure you tick the "Run this step as the following account" box and "Set" it as a domain admin and off you go.
    Last edited by eejit; 12th October 2010 at 02:43 PM. Reason: spelling errors

  12. Thanks to eejit from:

    Chuckster (13th October 2010)

  13. #11

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    Quote Originally Posted by PiqueABoo View Post
    Could it be a credentials problem, as in the account it tries the OU moving with doesn't have the rights? Are there any associated failure events in the relevant DC security logs?
    I don't see any failures in the logs. How is your AD structure?

    Mine is..

    Schoolname.internal
    |_______Workstations
    |_____________ROOM
    |________________IT Suite 01
    |________________IT Suite 02
    etc


    So the syntax should be:

    DomainOUs1=OU=IT Suite 01, OU=Room, OU=Workstations, DC=schoolname, DC=internal
    DomainOUs2=OU=IT Suite 02, OU=Room, OU=Workstations, DC=schoolname, DC=internal

    It doesn't work the way it should do. I've noticed the workstation will get built and be put into the right OU, but the local administrator account will automatically log itself in each time you switch or reboot the machine. Are you getting this too?

    I've also noticed that if you rebuild the workstation again it'll fail. You have to delete the MININT and _SMSTaskSequence (?) folder on the C drive first before you can think of rebuilding.

    Having the computer rebuilt into the Computers OU is fine and you won't see either of those folders. Weird! Plus, you will always be presented with the login screen to put in your username and password.

    Any chance you could copy and paste your bootstrap.ini? Thanks.



    Quote Originally Posted by eejit View Post
    Sure no probs.
    I change the default container for all new machines to a folder called "New PCs" - that way you can at least apply policies to them - you can't apply policies to a container which is what the default "Computers" location is.
    I let the build occur there and then after I'm finished my "Install Appications" section - one of which is adminpak.msi, I create a new "Run Command Line" which is something like this:

    dsmove "CN=%computername%,OU=New PCs,DC=School,DC=internal" -newparent "OU=Workstations,DC=School,DC=internal"

    Make sure you tick the "Run this step as the following account" box and "Set" it as a domain admin and off you go.
    I will get this a try tomorrow and see what happens. Thanks.

  14. #12

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    115
    I've noticed the workstation will get built and be put into the right OU, but the local administrator account will automatically log itself in each time you switch or reboot the machine. <snip>You have to delete the MININT and _SMSTaskSequence (?) folder
    Yep. If that's happening it definitely means the task sequence hasn't finished (at the end it cleans up those folders and IIRC moves all the extremely dense logs from one of them in the Windows\temp folder). If it's getting into the right OU, then lets assume something after that is killing it... maybe around Windows Updates (I disable that).. are you installing any applications? Do you get to see the summary with info about what failed at the end or do you have it set to reboot?

  15. #13

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    I don't use MDT to install any applications as I have a GPO to do it.

    I created a new task sequence with all the default settings and I'm not able to get anywhere with it. Also, I don't get the summary info or any info for that matter to tell me what went wrong. Rebooting the workstation returns me to the desktop with the local admin account logging me in.

    I can build successfully to the Computers OU but not anywhere else. What could I try?

  16. #14
    eejit's Avatar
    Join Date
    Jun 2005
    Location
    Ireland
    Posts
    606
    Thank Post
    52
    Thanked 12 Times in 12 Posts
    Rep Power
    22
    Yeah, sounds like the job just isn't finishing. Do you log to a server location during the build using something like this in your customsettings.ini?

    SLShareDynamicLogging=\\servername\Distribution$\l ogs\%OSDComputerName%

    (you need to make the logs folder - it won't make it itself)

    If not, have a look through the logs in the minint folder - it'll ALL be there, but it'll take some time to go through.

    What are you trying to build anyway? XP? Did you manage to get the adminpak deployed?

  17. Thanks to eejit from:

    Chuckster (13th October 2010)

  18. #15

    Join Date
    Jun 2008
    Posts
    719
    Thank Post
    118
    Thanked 64 Times in 52 Posts
    Rep Power
    31
    I don't produce and upload logs to a server, if that's what you mean, so I've enabled SLShareDymanic as you've stated and did another rebuild.


    Code:
    <![LOG[Not Wizard = False]LOG]!><time="13:37:04.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property WizardComplete is now = N]LOG]!><time="13:37:04.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[TSGuid changed via TaskSequenceID = W7-X86-STD]LOG]!><time="13:37:04.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property TSGuid is now = {e419ba40-a53d-49d8-8fb2-7f80e076606d}]LOG]!><time="13:37:04.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[	Open Control File: TaskSequences]LOG]!><time="13:37:04.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property TaskSequenceID is now = 12.10.10]LOG]!><time="13:37:09.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Found Task Sequence Item: //step[@type='BDD_InstallOS']]LOG]!><time="13:37:09.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Found Task Sequence step of type //step[@type='BDD_InstallOS'] = True]LOG]!><time="13:37:09.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[DeploymentType = NEWCOMPUTER]LOG]!><time="13:37:09.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageProcessor is now = ]LOG]!><time="13:37:09.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property OSGUID is now = ]LOG]!><time="13:37:09.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property TaskSequenceName is now = 12.10.10]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property TaskSequenceVersion is now = 1.0]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property OSGUID is now = {77d124a8-2807-429e-90fb-6302a1171d46}]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageIndex is now = 1]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageSize is now = 8010]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageFlags is now = Professional]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageBuild is now = 6.1.7600.16385]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageProcessor is now = x86]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property ImageLanguage001 is now = en-US]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[InstallFromPath: \\SVR-02\DeploymentShare$\Operating Systems\Windows 7 Professional x86\WIN7_001.wim]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property InstallFromPath is now = \\SVR-02\DeploymentShare$\Operating Systems\Windows 7 Professional x86\WIN7_001.wim]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[SourcePath: \\SVR-02\DeploymentShare$\Operating Systems\Windows 7 Professional x86]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property SourcePath is now = \\SVR-02\DeploymentShare$\Operating Systems\Windows 7 Professional x86]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[CheckForDisk: [0]  Partition: [1]]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Validated Disk exists]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property OSDComputerName is now = MININT-VAFV9KK]LOG]!><time="13:37:10.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[	Open Control File: Applications]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property TSGuid is now = {c06cfa41-c727-4fe7-a537-c9c3acce3043}]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property DeploymentType is now = NEWCOMPUTER]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property DefaultDestinationDisk is now = 0]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property DefaultDestinationPartition is now = 1]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property OSDComputerName is now = ICT-01]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property JoinDomain is now = ENGLAND.INTERNAL]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property DomainAdmin is now = Administrator]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[<Message containing password has been suppressed>]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property DomainAdminDomain is now = ENGLAND.INTERNAL]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property MachineObjectOU is now = OU=Admin, OU=ROOMS, OU=WORKSTATIONs, DC=England, DC=internal]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    <![LOG[Property JoinWorkgroup is now = ]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard"><![LOG[Property WizardComplete is now = Y]LOG]!><time="13:37:28.000+000" date="10-13-2010" component="Wizard" context="" type="1" thread="" file="Wizard">
    I'm going to be honest, I don't understand it all so I've copied and pasted the whole thing. From what I can see is, is that it's joining a workgroup but when you check the properties of My Computer it says the domain name. (Check the highligted bold bit)

    Just for the record, I am using Hyper-V and I've created a test network.
    My domain name is England.internal.
    IP address for DC1 is 192.168.1.1 and DC2 is 192.168.1.2.
    MDT server (SVR-02) is 192.168.1.3
    My task sequence is: W7-X86-STD

    All server OS'es are Win 2008 R2 Standard.

    This also happened in the live environment.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. On the move
    By neilmc in forum General Chat
    Replies: 1
    Last Post: 12th March 2010, 02:10 PM
  2. No Workstation ID
    By button_ripple in forum MIS Systems
    Replies: 6
    Last Post: 10th July 2009, 11:12 AM
  3. Replies: 2
    Last Post: 16th April 2009, 11:40 AM
  4. Move DC from A to B
    By Gatt in forum Windows Server 2008
    Replies: 4
    Last Post: 25th February 2009, 12:45 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •