RIS OU Location based on user

May 31, 2011 at 6:21 AM

Hi All,

I was wondering if there has been any web service developed to to give MDT the RIS workstation location account functionality.

An example of this is that in our current environment (RIS/WDS) our Computer OU location is determined on what USER we use to login into WDS with.

e.g. wdsaccountfred would join the computer to ou=workstation/fred etc.

I looked at Michael Niehaus code however looks like it only changed the computer name. Am I correct?

Currently I am looking at using profiles in MDT to detemine computer OU location however this will get messy with our labs as we have over 100 OU's.

A web service sounds like a better way to but when it comes to programming Im pretty daft.

Any help is greatly appreciated.

Cheers

Greg Turnbull

Coordinator
Jun 6, 2011 at 7:42 PM

Hi Greg,

not 100% sure I really understood what you were asking for. What information would you like to use to identify the OU used to add the computer to?

Regards

Maik

Jun 6, 2011 at 9:59 PM

Hi Maik,

Thanks for getting back to me.

You asked "What information would you like to use to identify the OU used to add the computer to?"

Basically Im looking for a way to ensure that a OU in which a user is located within is the one that the computer is moved into when it joins the domain.

So the OU location is dependant on the user account location within active directory and the account used to image the computer.

This functionality is included in WDS & RIS however doesnt seem to exist in MDT by default without some sort of web service to do the job, although I found through some help on the internet that I can use selection profiles to do this but it is limited and would become messy with a large amount of mutliple OU's.

I have pasted some of my customsettings.ini here as it may give you an idea on what I am trying to accomplish.

[WDS7GeneralDesk] (This is the account I login to MDT with for imaging and by using this acount it sets the OU in which the computer will be moved to when it joins the domain)
MachineObjectOU=OU=7GeneralDesktop,OU=7General,OU=7Staff,OU=7Workstations,OU=Windows7,OU=OS,DC=*
WizardSelectionProfile=WINDOWS7X64DESKTOPS

The problem with this is that I have to add a selection profile for every OU and user that we want to use to dtermin the location of the computer within active directory.

I hope this makes more sense. If not let me know and I will do some screenshots.

Cheers

Greg Turnbull

 

Coordinator
Jun 14, 2011 at 7:30 AM

Hi Greg,

so you are using different User accounts during your MDT Deployment?

If so, there are a couple ways I could imagine how to do that. The easiest one is probably getting the distinguished name of the User. That gives you the correct path. Remove the CN={samaccountname} part of it and you have a valid OU path. This could then be used to set MachineObjectOU to correctly join and/or move the computer account.

Currently there is no web service function that allows you to get this information. But I could add another one similar to "GetComputerAttribute" ("GetUserAttribute" ?)

Coordinator
Jun 15, 2011 at 10:14 AM

Hi Greg,

I've published the Beta 2 of the upcoming Release 7.3 at http://mdtcustomizations.codeplex.com/releases/view/26318. It contains a function called "GetUserParentPath" that returns the parent path of the supplied user. That should normally be the correct OU. Just give it a test if that fits your needs.

Regards

Maik

Jul 8, 2011 at 5:41 AM

Hi Maik,

Sorry for my tardy reply.

Havent been able to get back to this until very recently.

Thankyou very much for getting back to me.

This sounds exactly like what I am trying to achieve.

I successfully installed the webservice and was able to use the invoke script to test it the basics.

What I havent been able to work out is how to I add this to my customsettings.ini file.

Is this even possible.

I have tried the following in my cs.ni with no sucess

***************************************************************************************

[Settings]

Priority=GetUserParentPath,Default

Properties=Username

[GetUserParentpath]

WebService=http://servername/mdtweb/ad.asmx/GetUserParentPath

Parameters=Username

MachineObjectOU=Username

***********************************************************************************************

The bdd.log spits out the following errors:

 "No valid specified parameter 'USERNAME'"

So its looks like it is not capturing the UserID I am using fro MDT.

Any suggestions what I am doing wrong.

Cheers

Greg Turnbull

 

Coordinator
Jul 8, 2011 at 6:48 AM

The MDT property is called "UserID". So you have to tell the web service call to use the value of UserID for the Parameter Username. You could do it like this:

[Settings]
Priority=GetUserParentPath,Default

[GetUserParentPath]
WebService=http://servername/mdtweb/ad.asmx/GetUserParentPath
Parameters=UserID
UserID=Username
MachineObjectOU=string

 

Regards
Maik

Oct 4, 2013 at 7:41 AM
Hi Maik,

Unfortunately it's not working.

[Settings]
Priority=GetUserParentPath,Default

[GetUserParentPath]
WebService=http://swigemdt001.unhcr.local/DeploymentWebservice/ad.asmx/GetUserParentPath
Parameters=UserID
UserID=Username
MachineObjectOU=string

The error message is always the same : "no value specified for parameter 'USERID', web service results could be unpredictable.
any idea ?

How to get the MDT 2012 property of "USERID" and use it into the webservice ?

Thanks