Harish.H.Y

Hi, I am looking for a script to copy the Group Membership of one system to another in AD from a system which is not connected to domain, below is the script which i wrote but getting error " Could not find the Name or Insufficient Rights to see Name, at this stage "objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strComputer2 & "$" " please help Basically what the script does is it will prompt for Old computer name for Source & new computer for destination & it will create a computer account & copy the group membership from source to destination computer. Option Explicit Dim strComputer1, strComputer2, strDomain, strOU, intAnswer, objNS, objRootDSE, objContainer Dim strUser, strPassword, objTrans, strComputerDN, strServer, objComputer, objClone strOU = "OU=Workstations ," Do strComputer1 = InputBox("Please enter the Old Computer Name to Get Group Membership:") If strComputer1 <> "" Then Exit Do Else msgbox "Old Computer Name Is Required", vbCritical End If Loop 'WScript.Echo "ComputerName: " & strComputer1 Do strComputer2 = InputBox("Please enter the New Computer Name to append Group Membership:") If strComputer2 <> "" Then Exit Do Else msgbox "New Computer Name Is Required", vbCritical End If Loop 'WScript.Echo "ComputerName: " & strComputer2 ' Specify user name and password. strUser = "administrator" strPassword = "Passw0rd" ' Specify Domain Controller. strServer = "AD" ' Retrieve NetBIOS name of the domain. strDomain = "TEST.COM" Const ADS_SECURE_AUTHENTICATION = &h0001 Const ADS_SERVER_BIND = &h0200 Const ADS_UF_WORKSTATION_TRUST_ACCOUNT = &h1000 Set objNS = GetObject("LDAP:") Set objRootDSE = objNS.OpenDSObject("LDAP://ad.test.com", _ strUser, strPassword, _ ADS_SERVER_BIND Or ADS_SECURE_AUTHENTICATION) Set objContainer = objNS.OpenDSObject("LDAP://ad.test.com/OU=Workstations,dc=test,dc=com", _ strUser, strPassword, _ ADS_SERVER_BIND Or ADS_SECURE_AUTHENTICATION) Set objComputer = objContainer.Create("Computer", "cn=" & strComputer2) objComputer.Put "sAMAccountName", strComputer2 & "$" objComputer.Put "userAccountControl", _ ADS_SECURE_AUTHENTICATION Or ADS_UF_WORKSTATION_TRUST_ACCOUNT objComputer.SetInfo ' Constants required for name translate Const ADS_NAME_INITTYPE_DOMAIN = 1 Const ADS_NAME_INITTYPE_SERVER = 2 Const ADS_NAME_INITTYPE_GC = 3 Const ADS_NAME_TYPE_NT4 = 3 Const ADS_NAME_TYPE_1779 = 1 wscript.echo "Computer1: " & strComputer1 wscript.echo "Computer2: " & strComputer2 ' Call function to return the distinguished name (DN) of the computer strComputerDN1 = getComputerDN(strComputer1,strDomain) strComputerDN2= getComputerDN(strComputer2,strDomain) WScript.Echo "ComputerDN1: " & strComputerDN1 WScript.Echo "ComputerDN2: " & strComputerDN2 function getComputerDN(strComputer, strDomain) 'Use NameTranslate to convert NT name into DN. Set objTrans = CreateObject("NameTranslate") ' Initialize by specifying Domain Controller. Specify credentials. objTrans.InitEx ADS_NAME_INITTYPE_DOMAIN, strDomain, strUser, strDomain, strPassword ' Use Set method to specify NT format of name. ' Be sure to append the "$" to the NetBIOS name of the computer. objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strComputer2 & "$" strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779) ' Use NameTranslate to convert NT name into DN. Set objTrans = CreateObject("NameTranslate") ' Initialize by specifying Domain Controller. Specify credentials. objTrans.InitEx ADS_NAME_INITTYPE_DOMAIN, strDomain, strUser, strDomain, strPassword ' Use Set method to specify NT format of name. ' Be sure to append the "$" to the NetBIOS name of the computer. objTrans.Set ADS_NAME_TYPE_NT4, strDomain & "\" & strComputer1 & "$" strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779) End Function 'Bind to clone user object. Set objClone = GetObject("LDAP://ad.test.com" & "/" & strComputerDN1) ' Bind to new user object. Set objComputer = GetObject("LDAP://ad.test.com" & "/" & strComputerDN2) ' Enumerate direct group memberships of clone user. For Each objGroup in objClone.Groups ' Check if new user already a member. If (objGroup.IsMember(objComputer.AdsPath) = False) Then ' Add new user to the group. objGroup.Add(objComputer.AdsPath) End If Next

Since its a Window Refresh the system will already be a member of a AD group, so how to trigger the app install, is there any script which can start installation right after window 7 installation ?

Hi, We are trying to install some 100 applications right after Windows 7 migration & we are planning to have Security Groups for each application & the Computer account moved into the required groups, so that the required applications are installed only for that particular computer. Is there an option to install the applications right after the Window 7 is installed so that when the users login they should have the applications. The collection, set with Query AD takes time to discover the systems from the AD Group so the application installation takes time normally 24Hrs & there are 5000+ system accounts in the AD. Is there a way to do this ?