Jump to content


Sigma

Established Members
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Sigma

  • Rank
    Newbie

Profile Information

  • Gender
    Male
  1. I am running a task sequence to decommission the computers on the network (format disk etc. but no OS installation). During this process I want to disable the computer account in AD on which that task sequence is running. I've written a VB Script that gets the Computer DN, connect to AD and try to disable the object. The script looks something like this: Set objComputer = GetObject( & computerDN ) objComputer.AccountDisabled = True objComputer.Put "Description", "Decommissioned" objComputer.SetInfo When I run this script in task sequence step, it throws "general access denied" error. The script successfully updates description if I remove the line: objComputer.AccountDisabled = True My thoughts are that the Task Sequence runs under "Local System" account and "Local System" account has full permissions on its computer account in AD. Correct me if I am wrong please. I can run the script under any other domain admin account (run as command line) but I don't see any reason to do this if above is true. (and it is true in case if I only update description). Any thoughts/ideas will be much appreciated. This Task Sequence step runs in Full Windows mode (not WinPE). Thanks.
  2. Can someone help create mandatory advertisement to run a task sequence using a script? Environment is SCCM 2007.
×
×
  • Create New...