0 votes

For creating a computer object, we want to check if the entered CN is already used in our AD. And for that we want to use a powershell script.

An other dot is, if the entered CN is in used, so we want to add the next free number.

f.e. we entered the CN = NBTEST but the CN is in used, so the powershell script will check with adding number on CN which CN is availible.

checked: NBTEST1 NBTEST2 ...

after this check we know that the next possible CN is NBTEST3

But now we have the problem, that we dont know., how to use this "new" CN for adding the object to our AD.

the powershell script should be start before creating the computer object, right?

Thanks for your help.

by (80 points)

1 Answer

0 votes
by (292k points)
selected by
Best answer

Hello,

Yes, it is possible. Have a look at the following tutorial: https://www.adaxes.com/help/ValidateModifyUserInputWithScript.

0

image.png

image.png

0

Hello,

Thank you for the provided screenshot. To test the script, it is required to actually create a computer. It is not possible to test such scripts by executing them in the editor or when viewing the action. The behavior is by design and cannot be changed.

0

ok I understood, but when I try to create the CPU in adaxes webapp, I get the message that the entered CPU name is in use. image.png

And that's exactly why we want to automatically adjust the name and create the computer object with the new name.

0

Hello,

Unfortunately, the screenshot is pretty unreadable and we cannot see the actual error. However, it might be something to do with AD checks. The script currently only validates the Computer Name (schema name cn) property. If there is no script validating the sAMAccountName property, the corresponding check must be added to this script. You can find the updated script below.

function IsComputerNameUnique($computerName)
{
    # Search parameters
    $searcher = $Context.TargetObject
    $searcher.Criteria = New-AdmCriteria "computer" -Expression {cn -eq $computerName -or sAMAccountName -eq "$computerName`$"}
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.SizeLimit = 1
    $searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $searcher.VirtualRoot = $True

    try
    {
        # Execute search
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()

        return $searchResults.Length -eq 0
    }
    finally
    {
        # Release resources
        if ($searchResultIterator){ $searchResultIterator.Dispose() }
    }
}

$computerName = "%cn%"

# Check whether the same object already exists.
if (IsComputerNameUnique $computerName)
{
    return
}

for ($i = 1;; $i++)
{
    # Build a new name
    $uniqueComputerName = $computerName + $i

    if (IsComputerNameUnique $uniqueComputerName)
    {
        # Rename the computer
        $Context.SetModifiedPropertyValue("cn", $uniqueComputerName)
        $Context.SetModifiedPropertyValue("sAMAccountName", "$uniqueComputerName`$")
        $Context.LogMessage("Full Name has been changed to $uniqueComputerName.", "Information")
        return
    }
}
0

thank you very much, it works. have a nice day

Related questions

0 votes
1 answer

Hi, would it be possible to script a workstation in AD and also directly from our local SCCM environment ?

asked Oct 28 by ddesmedt (40 points)
0 votes
1 answer

I have a dropdown-field on the web surface, which is populated by a script. The script looks up all groups in a specific OU and displays them. In the Property Pattern ... random order. What should i do to show the groups in alphabetical order in the portal?

asked Sep 15, 2020 by lohnag (160 points)
0 votes
1 answer

I have 18 domains managed by Adaxes and have noticed that Admin (full access) t all objects acts normally, but for piecemeal scopes like Service Desk that scopes to individual ... role (including 16 denies) and expect it to grow as we add more domains.

asked Sep 20, 2022 by DA-symplr (100 points)
0 votes
0 answers

I am trying to find a way to create Groups based off an OU and a list of options (check boxes) within the portal For example: Select the Target OU to add groups ... 3 - Remote Administrators Option 3 - Remote Developers Option 4 - Readers Option 4 - Writers

asked Sep 11, 2020 by dknapp (100 points)
0 votes
1 answer

This script description says it can find the manager via FullName Distinguished name or Display name. Wondering if we can change it to use employeeID or SamAccountName.

asked Oct 24, 2022 by mightycabal (1.0k points)
3,572 questions
3,261 answers
8,277 comments
547,995 users