I am trying to get all the computers in an OU with their Name, Description and DistinguishedName properties and store them in a variable, then delete all the computers in the OU, re-create those computer accounts in AD and place them at the top level OU using a script. Once the computer accounts are created, I want to copy the description of the old computers back into the newly created ones and move the newly created accounts from the top level OU into their correct OU using DistinguishedName. Here is where I am stuck: I can’t figure out how to match each computer to the array variable that stores the description and DistinguishedName. This is what I have so far:
$Lab = Read-Host "enter OU name"
$OU = Get-ADOrganizationalUnit -Filter 'Name -like $Lab' -Properties DistinguishedName | Select-object -expandProperty DistinguishedName
$ComputerTemplates = Get-ADComputer -Filter * -SearchBase $OU -Properties Name, Description, DistinguishedName | Select-Object Name, Description,
@{Name ='DistinguishedName'; Expression = {$_.DistinguishedName.Split(',',2)[1]}}
#foreach($comp in $ComputerTemplates)
#{
# I am thinking of using a loop to match the computers but I am stuck
#}
Hmmm … that sounds like a really weird requirement. Independently from your question about how to code this - what is the purpose of this action? Are you aware of the fact that the computers you deleted the AD objects of are no longer members of your AD domain? Even when you create new AD objects with the same names the SIDs will be different.
So you actually want to move them to the same OU you’ve just deleted them from before?
And btw: If you already have the names and descriptions and OU (DN) in a variable you could just re-create them at the same place they have been using the properties from the variable.
So I work at a college where we reimage lab computers every summer to get things ready for the next semester. Normally, we would just do imaging, but this time, due to Microsoft changes to domain join hardening, we need to do this at least for this summer. As you can imagine, with the number of computers in the labs that I have to complete, manually copying the description and moving them back to their correct OU is something I don’t want to think about.
And yes, I understand that by deleting the accounts the SIDs will also be deleted and the computers will no longer be members of the domain. Once we re-create the accounts in AD, we use SCCM to reimage the devices and the task sequence will rejoin the newly created accounts back onto the domain.
OK, but if you want to delete and recreate the computer accounts at the same location as they were before you just need to use the properties you have in your $ComputerTemplates variable. There’s no need to create them in another OU, move them around and add descriptions later.
I am sorry for leaving out this piece of info: our sys admin has a script that we use to create the accounts. The script puts the accounts at that top level OU. Unfortunately, we can’t modify the script to put the accounts where we want from the get-go, hence my trying to do this, which is not a big issue from my point of view. I look at it as an opportunity for me to learn PowerShell.
When I run $computertemplate.gettype() it’s an array, so my thinking was, if I do a foreach loop, and say:
foreach ($comp in $computertemplate)
{ if $comp -in $computertemplate
{ if (test-path "ad:\cn:device name, OU=top level OU, DC=domain name")
grab that matching computer in the array (no idea how to do this)
copy the description of matching computer with Set-ADComputer with
$computertemplate.description
move to correct OU with Move-ADObject with $computertemplate.distinguishedname
}
At least that’s what my thought process is at the moment. I'm not sure if that’s the correct way to do this, but once I know how to match and grab the name in the $computertemplate array, I can test it out.
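
One way to do the matching asked about above, as an added example that is not code from any poster in this thread: index the saved rows by computer name in a hashtable, then look up each re-created account found in the staging OU. The function name `Restore-LabComputer`, the staging OU path and the sample rows are assumptions made for illustration; the rows have the same shape as `$ComputerTemplates`, where `DistinguishedName` already holds the parent OU.

```powershell
# Added example. Restore-LabComputer is a hypothetical helper, not the sys admin's script.
function Restore-LabComputer {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Rows with Name, Description and DistinguishedName (parent OU DN after the Split).
        [Parameter(Mandatory)] [object[]] $Template,
        # OU where the creation script drops the new accounts.
        [Parameter(Mandatory)] [string]   $StagingOU
    )

    # Index the saved rows by name; hashtable keys are case-insensitive by default.
    $byName = @{}
    foreach ($row in $Template) { $byName[$row.Name] = $row }

    # Only touch objects sitting directly in the staging OU, not in child OUs.
    $staged = Get-ADComputer -Filter * -SearchBase $StagingOU -SearchScope OneLevel

    foreach ($comp in $staged) {
        $saved = $byName[$comp.Name]
        if (-not $saved) {
            Write-Warning "No saved record for $($comp.Name); left in place."
            continue
        }
        if ($PSCmdlet.ShouldProcess($comp.Name, "Restore description, move to $($saved.DistinguishedName)")) {
            # Skip empty descriptions so Set-ADComputer is not handed a blank value.
            if ($saved.Description) {
                Set-ADComputer -Identity $comp -Description $saved.Description
            }
            Move-ADObject -Identity $comp.DistinguishedName -TargetPath $saved.DistinguishedName
        }
        $byName.Remove($comp.Name)
    }

    # Whatever is left in the index was saved but never re-created.
    foreach ($name in $byName.Keys) { Write-Warning "$name was saved but not found in $StagingOU." }
}

# Constructed sample rows and a placeholder staging OU.
$sample = @(
    [pscustomobject]@{ Name = 'LAB101-PC01'; Description = 'Room 101, seat 1'
                       DistinguishedName = 'OU=Lab101,OU=Labs,DC=example,DC=com' }
)
# -WhatIf lists the intended changes without writing to AD.
Restore-LabComputer -Template $sample -StagingOU 'OU=Staging,DC=example,DC=com' -WhatIf
```

Writing `$ComputerTemplates` to disk with `Export-Csv` before deleting anything, and reading it back with `Import-Csv`, keeps the descriptions and OU paths available if the PowerShell session closes between the delete and the restore.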