
Adding a computer account to an AD group
Hi guys
I have a requirement to find a way to join a Win2k Pro computer to a
domain and then add the computer account to a specific group via .vbs.
The script is called after the first successful logon.
Currently I call .hta which requests the username, password and domain
name before using those credentials to call netdom. This works fine and
the machine goes to the correct domain and OU. I then use "opendsobjct"
to authenticate to the domain and use the "group.add" to add the
computer account to the group. This seems to work.
However, when I go into AD users and computers and look at the target
groups membership (comprised entirely of computer accounts) I see the
computer name, but an Icon for a "user" account that is slightly grayed
out.(the hair is grey as opposed to black!). The account looks normal
when viewed outside of the group membership tab.
What have i done wrong? I can't find anything specifying a particular
syntax needed for adding workstation accounts to groups and why on earth
is the account appearing as a user account when you look in the group?
A portion of the script I use is :
--------------------------------------------------
Set objNetwork = CreateObject("WScript.Network")
strComputer = objNetwork.ComputerName
computer = "CN=" + strComputer +
",OU=NoteBookTest,DC=xx,DC=xxxxxxx,DC=COM"
group = "CN=AppsPC-Notebook,DC=xx,DC=xxxxxx,DC=com"
Set prov2 = GetObject("LDAP:")
Set groupobj = prov2.OpenDSObject("LDAP://xx.xxxxxx.com/" & group,
domainname + "\" & username, password, ADS_SECURE_AUTHENTICATION)
fqcomputer = "LDAP://" & computer
groupobj.Add fqcomputer
MsgBox "Done...hopefully"
---------------------------------------------
I know the script isnt very pretty ;-)
Does anybody have a clue why I'm getting problems? Anybodys suggestions
are much appreciated!
Thanks, and have a good day.
Kind Regards
Ross Draper
*** Sent via Developersdex http://www.*-*-*.com/ ***
Don't just participate in USENET...get rewarded for it!