MoveComputerToOU using DC local to web service

Sep 21, 2011 at 7:31 AM

Using version 7.3 of web service on a Windows 2008 R2 server we are trying to use the webservice to move computer to a build OU. The computer is getting moved but it's on the DC local to the web service. This is with a Windows 7 client in a 2003 forest.

Apart from installing the webservice on each site, is there any other way to get this working?

Coordinator
Sep 21, 2011 at 9:00 AM

The webservice will try to connect to a Domain Controller that is local to the computer requesting the move. It does this based on the IP Address of the caller and verifies them against the configured subnets per site. If it isn't able to identify a DC local to the computer, it will take a DC local to the web server, so that the actions happens at least and just have to replicate throughout the Domain. In most cases where this happens, the subnets aren't configured correctly, or the request was sent using IPv6. Currently there is no logic for IPv6 implemented.

For more information, check the logs (http://mdtcustomizations.codeplex.com/wikipage?title=Webservice%20Troubleshooting).

Regards

Maik

 

Sep 21, 2011 at 11:39 AM

I have checked the subnets and they are correctly assigned in AD sites. We are currently capturing an updated image so will try with IPv6 disabled and will comment here when tested.

Coordinator
Sep 21, 2011 at 1:04 PM

As said, check the logs. They should tell you more.

Regards

Maik

Sep 21, 2011 at 2:48 PM

Got logging working. (needed to give write access to log directory)

Shows it's a Root/Child domain issue.

Switched to ADex and debug shows it returns the Root domain controller, not the Child which is where all the clients are. All changes are then made on the wrong DC and with the speed of the client it's happening before replication.

Mar 8, 2013 at 8:42 PM
Was this issue ever resolved? I've experienced this exact same thing. The MoveComputerToOU function finds a local DC for computer but when it's trying to find the distinguished name of the computer and OU it goes against DC's local to the web service. It should be using the DC's local to the computer for the distinguished name lookup. This will help to minimize replication type issues when the machine account is newly created.
Mar 11, 2013 at 1:48 PM

We ended up putting a delay in the Task sequence to allow for replication and moved on

Andy Dawson