the1mavin Posted October 21, 2013 Share Posted October 21, 2013 Hello, We've got an issue with PC reimaging where if the PC existed in AD prior to being imaged GPO applies and "breaks" my Provisioning process. In order to work around this I am attempting to move the computer object to the default Computer OU prior to Provisioning and then move it to the correct long term OU at the end of the Provisioning process. I've put together a AutoIt script puts the PC name together based on the algorithm <PC>-<ComputerSerial> using WMI pulls and then using AD UDFs moves the PC to the default "Computer" OU in AD. The compiled script works properly in Windows, but fails in WinPE. When testing in Windows, I am logged in with a local account on the PC not a domain account. The error I receive is "Line 4131 (file "x:PreOSMove.exe"): Error: Variable must be of type "Object"." I added a couple MsgBox lines to the code to see if I could determine where it is failing (sorry I am a rookie, so advanced debugging is over my head, but I'm willing to learn so any ideas here are appreciated as well). The script successfully displays up to "MsgBox(0, "Computer name", $compname)". Since the script is only 50 lines long I suspect the error lies in the way I am using one of the AD functions, in the If statement in the WorkstationMove function. What am I missing... Thanks! expandcollapse popup; query WMI for Serial Number ; build computer name as PC-<Serial> ; query AD for existing PC and move to "Computers" OU if it exists #include <Array.au3> #include <ad.au3> $wbemFlagReturnImmediately = 0x10 $wbemFlagForwardOnly = 0x20 $colItems = "" $strComputer = "localhost" $Serial="" $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2") $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_SystemEnclosure", "WQL", $wbemFlagReturnImmediately + $wbemFlagForwardOnly) If IsObj($colItems) then For $objItem In $colItems $Serial = $objItem.SerialNumber MsgBox(0,"Serial Number", "WMI SerialNumber: " & $Serial) Next Else Msgbox(0,"WMI Results","No WMI Objects Found for class - unable to retrieve SerialNumber: " & "Win32_SystemEnclosure" ) Endif $compname = "PC-" & $Serial _WorkstationMove() Exit Func _WorkstationMove() Global $iResult, $sAD_OU = "CN=Computers,DC=domain,DC=domain,DC=com" ; Open Connection to the Active Directory Global $sAD_UserIdParam = "serviceAcct.svc@domain.domain.com", $sAD_PasswordParam = "complexPwd", $sAD_DNSDomainParam = "DC=domain,DC=domain,DC=com", $sAD_HostServerParam = "DCShortName", $sAD_ConfigurationParam = "CN=Configuration,DC=domain,DC=domain,DC=com" _AD_Open($sAD_UserIdParam, $sAD_PasswordParam, $sAD_DNSDomainParam, $sAD_HostServerParam, $sAD_ConfigurationParam) $sComputer = $compname MsgBox(0, "Computer name", $compname) If _AD_ObjectExists($sComputer & "$") Then $aResult = _AD_GetobjectsInOU($sAD_OU, "(name=" & $sComputer & ")", 1) If @error = 0 Then MsgBox(0, "Info", "Computer: " & $sComputer & " is already defined in OU: " & $sAD_OU) ElseIf @error = 3 Then MsgBox(0, "Info", "Computer: " & $sComputer & " is not defined in OU: " & $sAD_OU & " and has to be moved!") _AD_MoveObject($sAD_OU, $compname & "$") Else MsgBox(0, "Error", "An error occurred when calling function _AD_GetobjectsInOU: @error = " & @error & ", @extended = " & @extended) EndIf EndIf _AD_Close() EndFunc ;==>_WorkstationMove Link to comment Share on other sites More sharing options...
BrewManNH Posted October 21, 2013 Share Posted October 21, 2013 Some of the WMI classes might be missing in the PE version, do a google search to see if the ones you're looking at aren't included and look for workarounds. If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator Link to comment Share on other sites More sharing options...
kor Posted October 21, 2013 Share Posted October 21, 2013 I had a similar problem which I resolved outside of AutoIt. I had WinPE add the computer to the correct OU to begin with based on criteria set in the imaging XML files. This allowed me not to have to rely on scripts during the WinPE process. While it doesn't help your existing script, I can post my AutoAttend if you want to see how to automate things inside there. Link to comment Share on other sites More sharing options...
the1mavin Posted October 21, 2013 Author Share Posted October 21, 2013 Some of the WMI classes might be missing in the PE version, do a google search to see if the ones you're looking at aren't included and look for workarounds. Thanks for the idea - I added the MsgBox line items and verified that the WMI lookup for Serial is working properly. I 'think' I am good on WMI, but failing later when trying to use one of the AD UDFs.... Link to comment Share on other sites More sharing options...
the1mavin Posted October 21, 2013 Author Share Posted October 21, 2013 I had a similar problem which I resolved outside of AutoIt. I had WinPE add the computer to the correct OU to begin with based on criteria set in the imaging XML files. This allowed me not to have to rely on scripts during the WinPE process. While it doesn't help your existing script, I can post my AutoAttend if you want to see how to automate things inside there. kor - If you can post your AutoAttend it would be great, perhaps I am missing something there. Right now, I my unattend.xml is directed to my default Computers OU (<MachineObjectOU>CN=Computers,DC=domain,DC=domain,DC=com</MachineObjectOU>). What I am seeing is that, if the PC has never existed in AD, it creates it in the Computers OU, but if the object already exists, it does NOT move it. Since it is not moved it reboots during provisioning and applies the GPO for the OU that it was in previously. Unfortunately these GPOs have too much security for the Provisioning process and I start seeing random failures because of them. Link to comment Share on other sites More sharing options...
kor Posted October 21, 2013 Share Posted October 21, 2013 Here is my customsettings.ini This allows me to specific which OU the machines are added in based on the IP address they get when imaging. This way they are already created in the OU that I want and I have noticed that the imaging process takes care of rejoining an object if it already existed. [settings] Priority=DefaultGateway,Default,WSUSServer Properties=MyCustomProperty [Default] OSInstall=Y SkipCapture=YES SkipAdminPassword=YES SkipApplications=YES SkipProductKey=YES SkipComputerBackup=YES SkipBitLocker=YES SkipBDDWelcome=YES UserID= UserDomain= UserPassword= DomainAdmin= DomainAdminPassword= DomainAdminDomain= JoinDomain= TaskSequenceID=DEPLOY SkipBuild=YES _SMSTSORGNAME= _SMSTSPackageName=Windows 7 Installation SkipFinalSummary=YES SkipSummary=YES SkipUserData=YES DeploymentType=NEWCOMPUTER SkipDeploymentType=YES SkipTimeZone=YES SkipLocaleSelection=YES FinishAction=RESTART SkipComputerName=YES SkipDomainMembership=YES TimeZone=015 TimeZoneName=U.S. Mountain Standard Time UserLocale=en-US UILanguage=en-US KeyboardLocale=en-US OSDComputername=#Right(Replace("%macaddress001%",":",""),15)# [WSUSServer] WSUSServer=http://dom-sccm:8530 [DefaultGateway] 10.0.2.1=DOM 10.0.4.1=DOM 10.0.8.1=DOM 10.0.33.1=BAL 10.0.36.1=BAL 10.0.40.1=BAL 10.0.65.1=CRK 10.0.68.1=CRK 10.0.72.1=CRK 10.0.97.1=GRF 10.0.100.1=GRF 10.0.104.1=GRF 10.0.129.1=ORN 10.0.132.1=ORN 10.0.136.1=ORN 10.0.161.1=BRN 10.0.164.1=BRN 10.0.168.1=BRN [DOM] MachineObjectOU=OU=Workstations,OU=Site1,DC=ad,DC=contoso,DC=com [bAL] MachineObjectOU=OU=Workstations,OU=Site2,DC=ad,DC=contoso,DC=com [CRK] MachineObjectOU=OU=Workstations,OU=Site3,DC=ad,DC=contoso,DC=com [GRF] MachineObjectOU=OU=Workstations,OU=Site4,DC=ad,DC=contoso,DC=com [ORN] MachineObjectOU=OU=Workstations,OU=Site5,DC=ad,DC=contoso,DC=com [bRN] MachineObjectOU=OU=Workstations,OU=Site6,DC=ad,DC=contoso,DC=com Link to comment Share on other sites More sharing options...
the1mavin Posted October 21, 2013 Author Share Posted October 21, 2013 Very nice. I am doing Win 7 machines with a simple unattend.xml (we're using LANDesk, for Provisioning so the script inserts the appropriate unattend.xml). The file contains the OU in the Domain Join section and works properly for a new PC. Unfortunately for an existing PC it joins the domain again, but does not move the computer object. Thanks for your time and info - I was hoping that there was something simple I am missing. My goal would be - If PC is in a Production OU - move it to the Provisioning OU (during PE phase) Join domain in sysprep - remains in Provisioning OU Complete Provisioning - move it to the Production OU (same code work fine in Windows to perform this step) Since I am stuck here, I'm actually looking at skipping the domain join during sysprep right now and examing the possibility of joining the domain at/near the end of the Provisioning process using a script. Seeing mixed success so far -- that may turn into another thread. Here is my customsettings.ini This allows me to specific which OU the machines are added in based on the IP address they get when imaging. This way they are already created in the OU that I want and I have noticed that the imaging process takes care of rejoining an object if it already existed. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now