Sign in to follow this  
Followers 0
the1mavin

Issue running script in WinPE

7 posts in this topic

Hello,

We've got an issue with PC reimaging where if the PC existed in AD prior to being imaged GPO applies and "breaks" my Provisioning process.  In order to work around this I am attempting to move the computer object to the default Computer OU prior to Provisioning and then move it to the correct long term OU at the end of the Provisioning process.

I've put together a AutoIt script puts the PC name together based on the algorithm <PC>-<ComputerSerial> using WMI pulls and then using AD UDFs moves the PC to the default "Computer" OU in AD.  The compiled script works properly in Windows, but fails in WinPE.  When testing in Windows, I am logged in with a local account on the PC not a domain account.

The error I receive is "Line 4131 (file "x:PreOSMove.exe"): Error: Variable must be of type "Object"."

I added a couple MsgBox lines to the code to see if I could determine where it is failing (sorry I am a rookie, so advanced debugging is over my head, but I'm willing to learn so any ideas here are appreciated as well).  The script successfully displays up to "MsgBox(0, "Computer name", $compname)". 

Since the script is only 50 lines long I suspect the error lies in the way I am using one of the AD functions, in the If statement in the WorkstationMove function.

What am I missing...

Thanks!

; query WMI for Serial Number
; build computer name as PC-<Serial>
; query AD for existing PC and move to "Computers" OU if it exists

#include <Array.au3>
#include <ad.au3>

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

$Serial=""
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_SystemEnclosure", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
   For $objItem In $colItems
      $Serial = $objItem.SerialNumber
      MsgBox(0,"Serial Number", "WMI SerialNumber:  " & $Serial)
   Next
Else
   Msgbox(0,"WMI Results","No WMI Objects Found for class - unable to retrieve SerialNumber: "
& "Win32_SystemEnclosure" )
Endif

$compname = "PC-" & $Serial

_WorkstationMove()
Exit

Func _WorkstationMove()
    Global $iResult, $sAD_OU = "CN=Computers,DC=domain,DC=domain,DC=com"     ; Open Connection to the Active Directory
    Global $sAD_UserIdParam = "serviceAcct.svc@domain.domain.com", $sAD_PasswordParam = "complexPwd", $sAD_DNSDomainParam = "DC=domain,DC=domain,DC=com", $sAD_HostServerParam = "DCShortName",  $sAD_ConfigurationParam = "CN=Configuration,DC=domain,DC=domain,DC=com"
    _AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam)
    $sComputer = $compname
    MsgBox(0, "Computer name", $compname)
    If _AD_ObjectExists($sComputer & "$") Then
            $aResult = _AD_GetobjectsInOU($sAD_OU, "(name=" & $sComputer & ")", 1)
        If @error = 0 Then
            MsgBox(0, "Info", "Computer: " & $sComputer & " is already defined in OU: " & $sAD_OU)
        ElseIf @error = 3 Then
            MsgBox(0, "Info", "Computer: " & $sComputer & " is not defined in OU: " & $sAD_OU & " and has to be moved!")
            _AD_MoveObject($sAD_OU, $compname & "$")
        Else
            MsgBox(0, "Error", "An error occurred when calling function _AD_GetobjectsInOU: @error = " & @error & ", @extended = " & @extended)
        EndIf
    EndIf
    _AD_Close()
EndFunc   ;==>_WorkstationMove

Share this post


Link to post
Share on other sites



Some of the WMI classes might be missing in the PE version, do a google search to see if the ones you're looking at aren't included and look for workarounds.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

I had a similar problem which I resolved outside of AutoIt. I had WinPE add the computer to the correct OU to begin with based on criteria set in the imaging XML files. This allowed me not to have to rely on scripts during the WinPE process. While it doesn't help your existing script, I can post my AutoAttend if you want to see how to automate things inside there.

Share this post


Link to post
Share on other sites

Some of the WMI classes might be missing in the PE version, do a google search to see if the ones you're looking at aren't included and look for workarounds.

Thanks for the idea - I added the MsgBox line items and verified that the WMI lookup for Serial is working properly.  I 'think' I am good on WMI, but failing later when trying to use one of the AD UDFs....

Share this post


Link to post
Share on other sites

I had a similar problem which I resolved outside of AutoIt. I had WinPE add the computer to the correct OU to begin with based on criteria set in the imaging XML files. This allowed me not to have to rely on scripts during the WinPE process. While it doesn't help your existing script, I can post my AutoAttend if you want to see how to automate things inside there.

kor - If you can post your AutoAttend it would be great, perhaps I am missing something there. 

Right now, I my unattend.xml is directed to my default Computers OU (<MachineObjectOU>CN=Computers,DC=domain,DC=domain,DC=com</MachineObjectOU>).  What I am seeing is that, if the PC has never existed in AD, it creates it in the Computers OU, but if the object already exists, it does NOT move it.  Since it is not moved it reboots during provisioning and applies the GPO for the OU that it was in previously.  Unfortunately these GPOs have too much security for the Provisioning process and I start seeing random failures because of them.

Share this post


Link to post
Share on other sites

Here is my customsettings.ini

This allows me to specific which OU the machines are added in based on the IP address they get when imaging. This way they are already created in the OU that I want and I have noticed that the imaging process takes care of rejoining an object if it already existed.


[settings]
Priority=DefaultGateway,Default,WSUSServer
Properties=MyCustomProperty
 
[Default]
OSInstall=Y
SkipCapture=YES
SkipAdminPassword=YES
SkipApplications=YES
SkipProductKey=YES
SkipComputerBackup=YES
SkipBitLocker=YES
SkipBDDWelcome=YES
UserID=
UserDomain=
UserPassword=
DomainAdmin=
DomainAdminPassword=
DomainAdminDomain=
JoinDomain=
TaskSequenceID=DEPLOY
SkipBuild=YES
_SMSTSORGNAME=
_SMSTSPackageName=Windows 7 Installation
SkipFinalSummary=YES
SkipSummary=YES
SkipUserData=YES
DeploymentType=NEWCOMPUTER
SkipDeploymentType=YES
SkipTimeZone=YES
SkipLocaleSelection=YES
FinishAction=RESTART
SkipComputerName=YES
SkipDomainMembership=YES
TimeZone=015
TimeZoneName=U.S. Mountain Standard Time
UserLocale=en-US
UILanguage=en-US
KeyboardLocale=en-US
OSDComputername=#Right(Replace("%macaddress001%",":",""),15)#
 
[WSUSServer]
 
[DefaultGateway]
10.0.2.1=DOM
10.0.4.1=DOM
10.0.8.1=DOM
10.0.33.1=BAL
10.0.36.1=BAL
10.0.40.1=BAL
10.0.65.1=CRK
10.0.68.1=CRK
10.0.72.1=CRK
10.0.97.1=GRF
10.0.100.1=GRF
10.0.104.1=GRF
10.0.129.1=ORN
10.0.132.1=ORN
10.0.136.1=ORN
10.0.161.1=BRN
10.0.164.1=BRN
10.0.168.1=BRN
 
[DOM]
MachineObjectOU=OU=Workstations,OU=Site1,DC=ad,DC=contoso,DC=com
[bAL]
MachineObjectOU=OU=Workstations,OU=Site2,DC=ad,DC=contoso,DC=com
[CRK]
MachineObjectOU=OU=Workstations,OU=Site3,DC=ad,DC=contoso,DC=com
[GRF]
MachineObjectOU=OU=Workstations,OU=Site4,DC=ad,DC=contoso,DC=com
[ORN]
MachineObjectOU=OU=Workstations,OU=Site5,DC=ad,DC=contoso,DC=com
[bRN]
MachineObjectOU=OU=Workstations,OU=Site6,DC=ad,DC=contoso,DC=com

Share this post


Link to post
Share on other sites

Very nice.  I am doing Win 7 machines with a simple unattend.xml (we're using LANDesk, for Provisioning so the script inserts the appropriate unattend.xml).

The file contains the OU in the Domain Join section and works properly for a new PC.  Unfortunately for an existing PC it joins the domain again, but does not move the computer object. 

Thanks for your time and info - I was hoping that there was something simple I am missing.

My goal would be -

  • If PC is in a Production OU - move it to the Provisioning OU (during PE phase)
  • Join domain in sysprep - remains in Provisioning OU
  • Complete Provisioning - move it to the Production OU (same code work fine in Windows to perform this step)

 

Since I am stuck here, I'm actually looking at skipping the domain join during sysprep right now and examing the possibility of joining the domain at/near the end of the Provisioning process using a script.  Seeing mixed success so far -- that may turn into another thread.

Here is my customsettings.ini

This allows me to specific which OU the machines are added in based on the IP address they get when imaging. This way they are already created in the OU that I want and I have noticed that the imaging process takes care of rejoining an object if it already existed.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0