使用Powershell将计算机移至SCCM 2012任务序列中的新OU
[英]Move Computer to new OU in SCCM 2012 Task Sequence with Powershell
问题描述
How to move a computer to a new OU as a step in SCCM Task Sequence? 
在SCCM任务序列中,如何将计算机移至新的OU?
Requirements: 要求:
- Powershell instead of VBS Powershell代替VBS
- No "File" on the sccm client system sccm客户端系统上没有“文件”
As this is a Task Sequence step, the command will be executed locally on the SCCM Client so using the Active-Directory module is not an option unless the module is installed on every system that could be affected by this task. 由于这是一个“任务序列”步骤,因此该命令将在SCCM客户端上本地执行,因此除非在该任务可能影响的每个系统上都安装了该模块,否则不能选择使用Active-Directory模块。
Command-line execution defaults to CMD.exe, forcing to deal with painful string escape steps. 命令行执行默认为CMD.exe,强制执行痛苦的字符串转义步骤。
1 个解决方案
解决方案1
0 已采纳 2014-04-09 14:41:46
Looking around online I found a blog post that details SCCM allows for a step in Task Sequences called "Run Command Line". 在网上环顾四周,我发现了一篇博客文章 ,其中详细介绍了SCCM允许在任务序列中执行称为“运行命令行”的步骤。 However that blog post solution is not a stand-alone command line execution. 但是,该博客文章解决方案不是独立的命令行执行。
Additionally, I found a blog post with snippits for using ADSI instead of the Active-Directory module when attempting a Powershell solution to move the local host (any non-Domain Controller) to a new OU. 另外,我在尝试Powershell解决方案将本地主机(任何非域控制器)移动到新的OU时,发现了一个带有摘要的博客文章,其中提到使用ADSI而不是Active-Directory模块。
Combining those procedures into a single command line execution, it took some time, but i was able to work around combining the CMD.exe string parsing/escaping and the Powershell string parsing/escaping into a single command line execution that will work within a SCCM task sequence. 将这些过程组合到单个命令行执行中,花费了一些时间,但是我能够解决将CMD.exe字符串解析/转义和Powershell字符串解析/转义组合到单个命令行执行中的问题,该命令将在SCCM内运行任务序列。
- In SCCM2012: When editing a Task Sequence click Add, General, "Run Command Line" 在SCCM2012中:编辑任务序列时,单击“添加”,“常规”,“运行命令行”
Command line: 命令行:
C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe -command iex \" `$TargetOU=\"\"OU=TargetOUName,DC=ConglomiCo,DC=com\"\"; `$SysInfo=New-Object -ComObject \"\"ADSystemInfo\"\";`$ComputerDN=`$SysInfo.GetType().InvokeMember(\"\"ComputerName\"\",\"\"GetProperty\"\",`$Null,`$SysInfo,`$Null);`$Computer=[ADSI]\"\"LDAP://`$ComputerDN\"\";`$OU=[ADSI]\"\"LDAP://`$TargetOU\"\";`$Computer.psbase.MoveTo(`$OU);" \"
Note: Be sure to specify a domain account in the "Run Command Line" task that has the proper permissions: 注意:确保在“运行命令行”任务中指定具有适当权限的域帐户:
- Administrative execution permission on the SCCM Client system SCCM客户端系统上的管理执行权限
- AD permissions to move computer account objects 具有移动计算机帐户对象的AD权限
- Write access to the destination OU 写入对目标OU的访问权限
This solution contains the destination OU within the Command Line entry, however it is easily modifiable to read a registry entry, text file on the file system, etc which could contain the destination OU DN. 此解决方案在命令行条目中包含目标OU,但是可以很容易地对其进行修改,以读取注册表项,文件系统上的文本文件等,其中可能包含目标OU DN。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.