Cary Shultz said:Mark,
Looks like I am the ldifde person today!
There is indeed a way that you can find this information out. I would
suggest that the *best* way to do this would be via scripting. However, I
am not that well versed in the wonderful world of scripting! So, I am stuck
with ldifde / csvde / ADModify and the new ds tools. There are also a
couple of really cool utilities out there that will do this for you very
very very quickly.
Let's take a look at ldifde first - since it is 'built-in" to WIN2000. All
we are going to do is make an ldap query looking for a specific set of
attributes and their corresponding values. It is that simple!
Unfortunately, you need to know the correct attributes and syntax! That can
be the challenging part. The Service Pack is obviously a part of the
Computer. Clearly part of the Operating System. So, we are going to look
for four things: the computer's DN, the operatingSystem, the
operatingSystemVersion and the operatingSystemServicePack.
Here is what you would enter when you are sitting at the DC:
c:\>ldifde -f servicepacks.ldf -s servername.yourdomain.com -t 389 -d
"DC=yourdomain,DC=com" -p subtree - r
"(&(objectCategory=computer)(objectClass=user))" -l
"DN,operatingSystem,operatingSystemVersion,operatingSystemServicePack"
Please note that the -s and the -t switches are optional and not really
necessary. I simply include them as a personal preference. The -s switch
is you naming the server to which you want ldifde to bind ( will default to
the server on which you are running it ) and the -t switch is you telling
ldifde on what port you want ldifde to run the ldap query ( ldifde will
default to the default ldap port. You guessed it - 389 ).
You will be presented with a file called 'servicepacks.ldf' ( you can call
it whatever you want ) that will contain all of your computer account
objects with their Distinguished Name and the three other attributes. The
DN would look something like this:
DN: CN=seanspc,CN=computers,DC=yourdomain,DC=com
I am not really familiar with csvde as I always use ldifde but csvde would
have a similar syntax and it does put the 'output' in an Excel spreadsheet.
I personally like the .ldf format but sorting would be an easier task in
Excel!
There is also a tool that Joe Richards wrote. It is called oldcmp and you
usually use it to disable / delete computer accounts but one of the cool
things about it is that it will create a report ( in a variety of formats -
I like the DHTML format myself ) that will include exactly the information
that you need. You can find this tool at his website, which is located at
http://www.joeware.net. Just go to the free C++ tools area and scroll down
about 2/3 of the way!
If you are running WIN2000 Domain Controllers that are at SP3 or better and
you have a WIN XP Pro system available you can use the ds tools. Please
note that these tools are really WIN2003 tools so if you have not 'upgraded'
the WIN2000 schema ( via adprep /forestprep and adprep /domainprep ) then
the functionality might be lacking in a few areas. I have yet to use these
tool ( but am going to this weekend! ).
Sean, I hope that this helps you!
Cary
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.