Scan my AD and move a particular objects to an OU

[Guest]

I want to scan my AD database and move all Computer with
Service 2 and Service 3 to a particular OU so that I can
deploy a policy to upgrade tem to SP4 how can i do that.

Is there any script or utility to do that

 

[Marin Marinov]

I want to scan my AD database and move all Computer with
Service 2 and Service 3 to a particular OU so that I can
deploy a policy to upgrade tem to SP4 how can i do that.

Is there any script or utility to do that

IIUC, you want to execute the script for all computers with these 2
services present, right? Unless you have populated this information in
AD, there is now way that AD will know what services run on your servers
- it doesn't do inventory. However,here's an idea:
1) Export all server names in a text file
2) Run a script to check for the presence of the two services:
if Service2 and Service3 exist then
Export server name to file
3) Run a script that iterates through the names in the above file,
searches AD for a matching computer object name, and moves this Computer
object to the new OU. Alternatively, use the list as a reference, search
AD with "Find" and move the objects manually.

For all this you'll find plenty of samples on
http://www.microsoft.com/technet/scriptcenter

You can also use Scriptomatic and ADSI Scriptomatic for additional help.

HTH
--
Cheers,
Marin Marinov
MCT, MCSE 2003/2000/NT4.0,
MCSE:Security 2003/2000, MCP+I
-
This posting is provided "AS IS" with no warranties, and confers no
rights.

 

[Jerold Schulman]

I want to scan my AD database and move all Computer with
Service 2 and Service 3 to a particular OU so that I can
deploy a policy to upgrade tem to SP4 how can i do that.

Is there any script or utility to do that

Start with tip 7823 in the 'Tips & Tricks' at http://www.jsiinc.com

You can modify the script to only output what you want.

You can parse the CSV file with a FOR command and run DSMOVE, tip 7382.


Jerold Schulman
Windows: General MVP
JSI, Inc.
http://www.jsiinc.com

 

[Cary Shultz [A.D. MVP]]

In additional to what has already been suggested you might want to look at
ldifde to take a look at the WIN2000 systems to break them down via SP
level.

However, that is not going to move them for you.

HTH,

Cary

 

[Cary Shultz [A.D. MVP]]

BTW, should have included the ldifde syntax for you:

c:\>ldifde -f notw2ksp4.ldf -s server.yourdomain.com -t 389 -d
"DC=yourdomain,DC=com" -p subtree -r
"(&(objectCategory=computer)(operatingSystem=Windows Professional
2000)(!operatingSystemServicePack=Service Pack 4))"

This will give you the file 'notwin2ksp4.ldf ' of all WIN2000 systems that
are not currently at SP4.

HTH,

Cary

 

[Cary Shultz [A.D. MVP]]

Anonymous,

I do need to clarify something: by Service 2 and Service 3 I * A S S / U / M
E * that you mean Service Pack 2 and Service Pack 3.......

Cary