juice13
Contributor

Yes, this is a major shortcoming in my opinion, and is forcing a bunch of kludge solutions.

As mentioned above, using the sysprep file makes the VDM option to name each host the same as the VM unavailable.

Because of this I am trying to use the Run Once script from the customization wizard.

1) Create your template, and include a script that will move the host to the appropriate OU (and then reboot to ensure that the new group policy for that OU takes effect).

Notes:

-This script is going to have to be run as a domain user that has permissions to move computers between OUs (i.e. Account Operator).

-It will also need to have permission to reboot the local computer, so make sure the user is a member of the local admins group or appropriate on the template.

-I use the RunAsSpc (suggested by someone else) program to run the script as a specific domain user. RunAsSpc allows you to encrypt the user's password, and also I believe it does a checksum on the script to make sure it is not changed once you create the "crypt" file. You can then create a shortcut which will call RunAsSpc, and have it run your script with the credentials that you saved in the crypt file.

2) Create your customization specification within Virtual Center. Include all the usual items such as XP license key etc. In the Run Once section, have it log in once as the local administrator, and run the shortcut you created in the previous step. This customization spec can then be used in VDM to deploy your desktops, and will call the script you included in your template.

Hey, did I mention this was an ugly kludge? I'm using VI 3.0.2 and VC 2.0.2, so maybe they've made the customization wizard better in VC 2.5. All it needs to do is handle the OU change, and we wouldn't have to bother with something ugly like this. Does someone using VC 2.5 know if the customization wizard can perform the OU change (without using a sysprep file)?

Regards

Justin

Here's the script I'm using (Can't remember where I got most of it):

Option Explicit

Dim strDestOU, strObjToMove, strObjDN, objObjToMove
Dim WshNetwork, objShell, strShutdown

Const ForReading = 1, ForWriting = 2, ForAppending = 8

Set WshNetwork = WScript.CreateObject("WScript.Network")

'******************************************************
'* Specify OU for computer object to be moved to here!!
'******************************************************
strDestOU = "OU=Non-Persistent,OU=VDI,OU=Workstations,DC=company,dc=com"

strObjToMove = WshNetwork.ComputerName & "$" 'Append $ - Needed for computer objects
strObjDN = GetObjDN(strObjToMove, "computer")

If strObjDN <> "" Then
    Set objObjToMove = GetObject("LDAP://" & strObjDN)
    Call MoveUserToOU(strObjDN, strDestOU)
Else
    WScript.Echo "Can't find object in AD: " & strObjToMove
End If

'*******************************************************
'* The following will initiate a reboot after 30 seconds
'*******************************************************
strShutdown = "shutdown -r -t 30"
'NOTE: Rebooting too quickly does not give the Virtual Desktop Agent enough time to communicate with the VDM server

Set objShell = CreateObject("WScript.Shell")
objShell.Run strShutdown

WScript.Quit

'****************************************************************************************
'****************************************************************************************

Function MoveUserToOU(strUserDN, strDestOU)
    'Moves a user to a new OU
    'Just pass the DNs of the target OU and the user object
    Dim objOU
    Set objOU = GetObject("LDAP://" & strDestOU)
    objOU.MoveHere "LDAP://" & strUserDN, vbNullString
End Function

Function GetObjDN(sObjShortName, sObjType)
    'This function queries AD for a user by SAMAccountName and returns the distinguishedName for it
    '(DN is used for LDAP binds...)
    'Returns "" if the query fails or does not match exactly one object
    Dim sDomainADsPath, sProperties, strCmdTxt
    Dim sUser, sPassword 'Left empty: the query runs as the account running the script
    Dim oCon, oCmd, oRecordSet
    Dim intRecordCount, strObjDN

    GetObjDN = ""
    sDomainADsPath = "LDAP://" & ADRoot

    Set oCon = CreateObject("ADODB.Connection")
    oCon.Provider = "ADsDSOObject"
    oCon.Open "ADProvider", sUser, sPassword

    Set oCmd = CreateObject("ADODB.Command")
    Set oCmd.ActiveConnection = oCon

    sProperties = "distinguishedname"
    strCmdTxt = "<" & sDomainADsPath & ">;(&(objectCategory=" & sObjType & ")(SamAccountName=" & sObjShortName & "));" & sProperties & ";subtree"
    oCmd.CommandText = strCmdTxt
    oCmd.Properties("Page Size") = 100

    'If the query itself fails, oRecordSet is never set, so check Err before using it
    On Error Resume Next
    Set oRecordSet = oCmd.Execute
    If Err.Number <> 0 Then
        WScript.Echo "ERROR: AD query failed: " & Err.Description
        On Error GoTo 0
        oCon.Close
        Exit Function
    End If
    On Error GoTo 0

    intRecordCount = oRecordSet.RecordCount

    If intRecordCount = 1 Then
        oRecordSet.MoveFirst
        While Not oRecordSet.EOF
            'Get the object's distinguishedname
            strObjDN = oRecordSet.Fields("distinguishedname")
            oRecordSet.MoveNext
        Wend
        GetObjDN = strObjDN
    Else
        WScript.Echo "ERROR: Expected exactly 1 record from AD. Records received = " & oRecordSet.RecordCount
        'GetObjDN = False
    End If

    oCon.Close
End Function ' End of GetObjDN Function

Function ADRoot()
    Dim oRootDSE
    On Error Resume Next
    Set oRootDSE = GetObject("LDAP://RootDSE")
    'If Err.Number <> 0 Then
    'ADRoot = "DC=DS,DC=AD,DC=SSMHC,DC=com"
    'Else
    ADRoot = oRootDSE.Get("defaultNamingContext")
    'End If
End Function
