Jump to content


eric.vennekotter

Add computer to Active Directory group during OSD

Recommended Posts

Hello everyone!

 

I deploy applications to device collections that are populated by AD group membership. This is working great, but it causes some trouble when imaging an unknown computer.

 

When going through OSD, I would like to have an option to specify which AD group the computer should belong to (it already prompts for a computer name and adds it to a specific OU that I specified). After the group is specified and the computer gets named and added to the domain, I can then have the task sequence deploy software based on which AD group it is a member of, just like I do after the computer is known to SCCM.

 

Is this possible? Or is there a better way to handle application installs to unknown computers during OSD?

 

I want the application install to happen during OSD so that I can specify the order of installation and so that I can be sure the computer is "ready to go" as soon as the Windows logon screen appears.

 

Any help is appreciated!

Share this post


Link to post
Share on other sites


You can add computers to an Active Directory group in the OSD. Off the top of my head one way to place an unknown computer in a different AD group would require you to input a TSVariable at the start of the OSD, this variable could be used to determine which OU you put the computer in. You would need to create multiple Network Settings tasks for each OU you wanted to place computers in and then have them run conditionally depending on the TSVariable. It will make your Task Sequence look untidy to edit but will look no different to the end user. It also probably doesn't make sense to do if you have hundreds of OUs you want to put computers in but for 3 or 4 it should work fine.

Share this post


Link to post
Share on other sites

Thanks for the reply but what I'm looking for is the ability to add a computer to an Active Directory security group, not an Organizational Unit. All of my software is deployed based on group membership instead of OU placement. I would do it OU based, but group membership is more flexible in most situations.

Share this post


Link to post
Share on other sites

Sure you can do this, write a script to add the computer account into your AD security group. Then run the script during the TS.

Share this post


Link to post
Share on other sites

I'll have to find one out there that I can use (I don't have a lot of experience writing scripts). I assume that if I want to be able to specify which group the computer goes into, I'll have to prompt for a TS variable? If that's the case, how do I pass that variable into a script?

Share this post


Link to post
Share on other sites

Variables are represented by %variable% So in your script you would reference the TS Variable you create that way. I can't help on the script itself sorry.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...