[download id=”19″]
UPDATE: New improved script 0.0.3 uploaded. Thanks to Nico_ at Technet Forums!
Hello everyone
My collegue Michael Petersen, needed a script to move computers to another OU, after re-installing them via SCCM/ConfigMgr.
He have written a blog post to show how to use it in a Task Sequence: https://blog.ctglobalservices.com/mip/using-ts-variables-when-running-a-script-under-a-different-account/
therefore i developed this small script
All you needs to do is to run it with the CN for the new OU (without the LDAP://) in the commandline like this:
cscript.exe MoveOU.vbs “OU=HQ,dc=woodgrovebank,dc=com”
' //***************************************************************************
' //***************************************************************************
' // ***** Script Header *****
' //
' // Solution: ConfigMgr
' // File: MoveComputerToCorrectOU.vbs
' // Author: Jakob Gottlieb Svendsen, Coretech A/S. https://blog.ctglobalservices.com
' // Purpose: Move computer to the correct OU that remains in variable MachineObjectOU
' // Run inside TS after install
' //
' // Usage: MoveComputerToCorrectOU.vbs
' //
' //
' // CORETECH A/S History:
' // 0.0.1 JGS 17/12/2009 Created initial version.
' // 0.0.2 MIP 17/03/2009 Added feature to add argument to script
' // 0.0.3 JGS 02/12/2010 Changed to ADSystemInfo for the DN retrieval, instead of a homemade function.
' // Thanks to Nico_ at Technet Forums
' //
' // Customer History:
' //
' // ***** End Header *****
' //***************************************************************************
'//----------------------------------------------------------------------------
'// Main routines
'//----------------------------------------------------------------------------
On Error Resume Next
'Get MachineObjectOU Value
Set wshNetwork = CreateObject("WScript.Network")
Set oFso = CreateObject("Scripting.FileSystemObject")
Set objSysInfo = CreateObject( "ADSystemInfo" )
Set ArgObj = WScript.Arguments
'Use first argument as target OU
strMachineObjectOU = ArgObj(0)
strComputerDN = objSysInfo.ComputerName
nComma = InStr(strComputerDN,",")
strCurrentOU = Mid(strComputerDN,nComma+1)
strComputerName = Left(strComputerDN,nComma - 1)
'If current ou is different than target OU. Move object
If UCase(strCurrentOU) <> UCase(strMachineObjectOU) Then
Set objNewOU = GetObject("LDAP://" & strMachineObjectOU)
Set objMoveComputer = objNewOU.MoveHere("LDAP://" & strComputerDN, strComputerName)
End If
'//----------------------------------------------------------------------------
'// End Script
'//----------------------------------------------------------------------------
[…] […]
Thanks, very useful !.
Thanks so much for posting this! The in-built task sequence steps for joining to domain and specifying OU don’t move to OU if the computer object already exists in AD and is already in an OU. A bit useless! I’ve incorporated this script into my task sequence and it works great. Cheers!
[…] solution is using this great VBSscript provided by Coretech.dk you can find it here:http://blog.coretech.dk/scripting/vbscript-move-computer-object-to-another-ou-via-command-line-param… The script will move the computer if it is not already in the specified OU, i was thinking of […]
Great script! Thanks for sharing!
I wrote a post about how I use it in a Task Seqeunce. http://ccmexec.com/?p=686
Again, thanks!
Regards,
Jörgen
Hi! I’m sure this is a great script but I cant’t manage to get it to run in my TS. If I run it manually from the computer it works fine. I also tried to copy it in the TS to the computer and run with command line, no luck. Any suggestions?
Hello Erik
Since you have not put any error message / log output in your comment, i have no chance of knowing that problem you have
i suggest to look at this article about running commands with variables in TS
http://blog.coretech.dk/mip/using-ts-variables-when-running-a-script-under-a-different-account/
and also the above guide in Jörgen’s comment
http://ccmexec.com/?p=686
Hi Jakob
Script works by itself when running out of fully operational Win 7 OS, but when running from the task in a TS, it fails with this error “CScript Error: Can’t find script engine “VBScript” for script …
I am using the same method depicted at:http://ccmexec.com/2010/12/move-computer-to-the-correct-ou-during-deployment/
I should mention, I am using domain admin account to run the script out of task in my Windows 7 Image deployment Task Sequence ….not the computer system account. All my tasks executing VB Scripts run perfectly well in the same TS (while deploying the very same image) when running in the context of the system account
Interesting: when I tried to deploy one of my test Win 7 images using the same TS script worked.
Is my production Image broken?
Thanks
Hi Lubo,
Are you loading the user profile of the account used to run the script?
I had similar failures with other VBS scripts I am running in another user context and they got resolved by loading the user’s profile.
Hi, thank you for your reply. No error messages, I have put this as the last step after installing SW. Some lines from the SMSTS log (If this is to much, let me know :):
Variable name: _SMSTSRunCommandLineAsUser TSManager 24.06.2011 08:08:38 336 (0x0150)
Variable name: SMSTSRunCommandLineUserName TSManager 24.06.2011 08:08:38 336 (0x0150)
Variable name: SMSTSRunCommandLineUserPassword TSManager 24.06.2011 08:08:38 336 (0x0150)
Action command line: smsswd.exe /run:P010003C cscript.exe MoveOU.vbs “OU=Desktop,OU=Computers,OU=xxxxxxxx,dc=xxxxx,dc=no” TSManager 24.06.2011 08:08:38 336 (0x0150)
Hi again,
Finally got it working,:). Removed the dashes in the string and retyped them, must have been a copy error or a typo i guess. cscript.exe MoveOU.vbs “OU=Desktop,OU=Computers,OU=xxxxxxxx,dc=xxxxx,dc=no”
Thanks!
I am trying to test it now. But i do have a question. I have a staging OU, so i can run this script and move the client to staging OU “in case if client is already in AD” and then run the script as the very last step to move in to the perm OU?
When i run it manually i get no error msg but its not moving client to a new OU. When i try to run it from the TS the script is failing.
cscript.exe “%SCRIPTROOT%MoveOU.vbs “OU=Windows7,OU=***,OU=***,OU=***,DC=***,DC=***,DC=com”
Thanks for sharing this, it was exactly what I needed to resolve issues with GPO doing unwanted things during the OSD process. Works great for us
MDT users: which part of the task sequence are you guys adding the vbs to?
This script runs great once I copy it to the local machine. The issue that I am having is that I am PXE booting a PC and it is pulling a MINIT… computername. How can I add a variable to use when searching AD instead of using the currenlty assigned computername?
I am fairly new to scripting, but hacking away everyday.
Thanks.
P.S.
To those who can not run it inside of a TS, I have resolved this by copying it to the local C:, running it, and then deleted it from the C: in my TS.
@Ben
thnx for sharing the fix about the TS, before i got to reply.
It is always a good idea to copy script to local PC if you are having problems
about the computername
just change
strComputerDN = objSysInfo.ComputerName
to
strComputerDN = “CN=MyPC,DC=Contoso,DC=com”
unfortunately you will have to use the FQDN and not the NEtbios computername
if you want to search by name instead you can implement at script like this one
http://gallery.technet.microsoft.com/scriptcenter/0d865bfb-bb10-4147-86c2-f2b68a438de9
@Jakob
thnx for the quick reply. I think that I worded my question wrong. I am wanting a popup box to ask me for the desired new name of the PC. Then I want the script to move that PC to a specific OU. Then that same name should be passed to the UDI for the computer name portion. Below is what I have so far. It does pass the name to the UDI, but it does not move the PC to the correct OU. All of this is being run in a TS.
On Error Resume Next
‘Added variables
Dim OSDComputerName
‘Popup to get OSDComputername
strComputer = InputBox(“Enter Computer Name:”)
Set myTSEnv = CreateObject(“Microsoft.SMS.TSEnvironment”)
myTSEnv(“OSDComputerName”) = strComputer
‘Get MachineObjectOU Value
Set wshNetwork = CreateObject(“WScript.Network”)
Set oFso = CreateObject(“Scripting.FileSystemObject”)
Set objSysInfo = CreateObject( “ADSystemInfo” )
Set ArgObj = WScript.Arguments
‘Use first argument as target OU
strMachineObjectOU = ArgObj(0)
‘strComputerDN = objSysInfo.ComputerName
strComputerDN = objSysInfo.OSDComputerName
nComma = InStr(strComputerDN,”,”)
strCurrentOU = Mid(strComputerDN,nComma+1)
strComputerName = Left(strComputerDN,nComma – 1)
‘If current ou is different than target OU. Move object
If UCase(strCurrentOU) UCase(strMachineObjectOU) Then
Set objNewOU = GetObject(“LDAP://” & strMachineObjectOU)
Set objMoveComputer = objNewOU.MoveHere(“LDAP://” & strComputerDN, strComputerName)
End If
Hi ben,
How you solve in the end?
Could you share?
hello ben
there are sevreal problems in your approach.
1. You cannot show a messagebox or any other interaction with the user from a TS. It is not possible, since the TS does not run in the same context as the user (it runs in administrive context / local_system). at least that is what the documentation says, so i always keep from it, but maybe it does work on some machines?
2. You are assigning a computername to myTSEnv(“OSDComputerName”) but using it as objSysInfo.OSDComputerName ?
3. what kind of computername are you typing in ? is it DistinguishedName as required?
– Jakob
I can’t seem to get this to work even from the command prompt. Using 0.0.3 version
Usage:
cscript.exe moveou.vbs “OU=XXXX,OU=XXX,OU=XX,DC=XXX,DC=XXX,DC=XXX”
used dsquery computer to verify LDAP ifo.
Any way to troubleshoot this with a log or something?
Thanks.
Robert
Hello
I’m trying to use this script in a sccm TS. This TS is migrating a machine from XP to win7 and is using the MDT integrated DB to change the computername. The new computerobject is than put into the correct OU in AD.
What I want to do is to use a script like this to move the old computerobject to a OU for migrated computers.
I have noticed that the old computername is stored in the SCCM variable _SMSTSMachineName during the complete TS. So I am thinking of running this like:
cssript.exe moveou.vbs “OU-….” %SMSTSMachineName%
My skills in vb scripting are limited, but so far I have come up with the following change to the script:
‘Use first argument as target OU
strMachineObjectOU = ArgObj(0)
strComputerDN = ArgObj(1)
So far this is not working for me. Any ideas
@Ben.
You could use a HTA to pass variables from HTA to the TS.
Heres a great post on it http://www.windows-noob.com/forums/index.php?/topic/3245-how-can-i-pass-values-from-the-hta-to-the-task-sequence/
i also use a script to ask for a computer if the computer name begins with “minint” great when you install a new computer.
Does anyone has this working?
I am trying to run this manually from the local script. Not getting any errors. However the workstation is not moving to a new OU.
cscript.exe MoveOU.vbs “OU=Windows7,OU=**,OU=**,OU=**,DC=**,DC=**,DC=com”
Sorry for not giving more information.
I am getting an error on the following line:
Set objNewOU = GetObject(“LDAP://” & strMachineObjectOU)
(null): A referral was returned from the server
Hey Mike,
The error probably relates to incorrect DC statements. Please check that you haven’t made a typo or entered any wrong information.
“A referral was returned from the server” basically means that the LDAP server you contacted, doesn’t recognize the requested DC path.
Hi Jakob
Great script! Thanks for sharing!
It works for me great when i am rebuilding a existing PC or Laptop which is already in Active Directory
cant get it to work when doing bare metal PC. i am getting error 0x80004005 . can this script work on bare metal
thanks for you help
hello Sundeep
thank you 🙂
If it is a new PC, is there a AD object that it can move?
please explain more about what you are trying to do, and how you do it.
Hi Jakob
Thanks for replying back . i am trying to build a brand new PC out of the box . there is no AD object for this machine . i want to use your script to move the PC to a particular OU when building via task sequence (SCCM)
thanks for you help
hello Sundeep
yo should be able to do that if you put this script in the end of your Task Sequence.
maybe this forum thread will help you
http://www.windows-noob.com/forums/index.php?/topic/5183-move-computer-to-the-good-ou/
Hi Jakob
Thanks for replying . i finally got it going yesterday ..thanks for providing the link
the script is going to save me a lot of time
keep up the good work
sundeep
Can this script be run from a local machine account?
Could it prompt for a domain user name/password with rights to move computers to OUs?
Thanks for this one!
Hi Jacob,
I was face error on move desktop OU as using your script.
MY workstationw as stuck in STaging OU….
But i can do the manually move using your script.
My Error as : Litetouch Deployment Failed, Return code = -2147467259 0x80004005
Failed to run the action: Custom move acct to laptop OU.
FYI, its working lastime…
Dont know why recently failed to move at staging OU to laptop/Dekstop OU….
hello whelen
0x80004005 is access denied.
i believe you can a permission problem. Try running the script manully as the user you use in the task sequence.
Hi Jakob,
Thanks for your reply.
your r right that code was access issue.
I try to using other domain admin account also not luck.
Funny was its sometime can move…sometimes fail…:”(
Hi Jakob,
Is that any ways i can verified whether the task sequenceof run this step as the following account?
Because i can manually move, but using it was failed…
Hi Jokob,
I saw a reply as:
Ben says:
31st August 2011 at 21:37
P.S.
To those who can not run it inside of a TS, I have resolved this by copying it to the local C:, running it, and then deleted it from the C: in my TS.
How can i copy the MoveOU.vbs to C: in my ts?
Max says:
30th August 2011 at 10:48
MDT users: which part of the task sequence are you guys adding the vbs to?
I never saw an answer to Max’s question. Which is the same one I have. The script works, but my policies (legal notice) are applied before the script is run. After I click okay to accept the legal notice the script moves the computer to a staging OU.
Thanks
After going over a few of the blog posts on your site, I truly
like your technique of blogging. I saved it to
my bookmark website list and will be checking back in the near future.
Take a look at my website as well and let me know what you
think.
Each time I get an errorcode 1 and the machine is not moved within AD (permissions for account are correct).
What does errorcode 1 mean?
hello.
error code 1 can be alot of things (vbscript is not good at return codes)
please try removing the “On error resume next” and please write the detailed error message and code.
Hi Jakob,
What I have to change if I want to set the destination OU as a string inside the script and not as a command line parameter?
I’ve done a lot of attemps but I cannot make it works.
Thank you,
Phil
hello Phil
These are the lines that handles the arguments from commandline:
Set ArgObj = WScript.Arguments
‘Use first argument as target OU
strMachineObjectOU = ArgObj(0)
you can remove these lines and write your OU directly into the variable
strMachineObjectOU = “OU=myOU,CN=mydomain,CN=com”
This is a popular script!!! So popular in fact that others are now claiming the work to be theirs!
http://www.intrntpirate.com/?p=199
LOL! oh well.. thats life on the internet 😀
Hi,
After the new machine is built, we require it to maintain the domain group memberships it had before the migration.
What would be the best way to achieve this?
[…] http://blog.coretech.dk/jgs/vbscript-move-computer-object-to-another-ou-via-command-line-parameter/ […]
Hi! We are deploying our computers with ZENworks and not SCCM, therefor I cannot specify the use of network credentials to run the script.
Is there a way to hardcode in the script a username and password?
Thanks!
JM
Wow, great script. Thanks.
I do have a question though. I am using this script in my unattend.xml firstlogoncommands to change the computers OU. I’ve got it to work but in order for it to move the computer to the correct OU I have to login using my administrator account. After I login it magically moves to the new OU. I am deploying using WDS.
Do you have any ideas on what the issue might be?
[…] Déplacer l’ordinateur dans un OU différent http://blog.coretech.dk/jgs/vbscript-move-computer-object-to-another-ou-via-command-line-parameter/ […]
For those having issues with the script not working that are sure the script is running in the right place within the OSD and with an account that has proper permissions, check the “quote” characters. If you copied and pasted using the “Usage example” at the top of this page, the quote characters are not correct 😉
cscript.exe MoveOU.vbs “OU=HQ,dc=woodgrovebank,dc=com”
Quotes should be ” not ”
Hey, i have tried to get your script working for days now…
I am very frustrated about my TS. In my full installed Win 8.1, the script works perfectly! Only in my TS the Script won’t work….
I have tested many solutions found in the web.
– Testing various orders from TS
– Doing Restart before or After the Script
– Running the Script with a Batch file
I have cleared some erros. but it doesnt work yet.
I have copied the script locally and run it locally. Actually i just become this error:
Expand a string: WinPEandFullOS TSManager 01.09.2015 10:05:32 2220 (0x08AC)
Executing command line: smsswd.exe /run: cscript.exe %SystemDrive%WindowsCCMMoveOu.vbs “OU=A-A A,OU=BBB,OU=CCC,dc=DDD,dc=EEE” TSManager 01.09.2015 10:05:32 2220 (0x08AC)
[ smsswd.exe ] InstallSoftware 01.09.2015 10:05:32 2624 (0x0A40)
PackageID = ” InstallSoftware 01.09.2015 10:05:32 2624 (0x0A40)
BaseVar = ”, ContinueOnError=” InstallSoftware 01.09.2015 10:05:32 2624 (0x0A40)
ProgramName = ‘cscript.exe C:WindowsCCMMoveOu.vbs “OU=A-A A,OU=BBB,OU=CCC,dc=DDD,dc=EEE”‘ InstallSoftware 01.09.2015 10:05:32 2624 (0x0A40)
SwdAction = ‘0001’ InstallSoftware 01.09.2015 10:05:32 2624 (0x0A40)
Getting linked token InstallSoftware 01.09.2015 10:05:32 2624 (0x0A40)
Get RunAs private desktop SMSTS-354609SMSTSDesktop InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Run command line under a user account InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Command line for extension .exe is “%1” %* InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Set command line: Run command line InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Working dir ‘c:WindowsCCM’ InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Executing command line: Run command line InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Create a process under given user token InstallSoftware 01.09.2015 10:05:35 2624 (0x0A40)
Process completed with exit code 1 InstallSoftware 01.09.2015 10:05:36 2624 (0x0A40)
Command line returned 1 InstallSoftware 01.09.2015 10:05:36 2624 (0x0A40)
Process completed with exit code 1 TSManager 01.09.2015 10:05:37 2220 (0x08AC)
What can I do now? Can you help me out of this?
Thanks in Advance 🙂
This script works great when I run it manually. But I can’t for the life of me get it to work within a MDT TS. It always fails with return code -2147467259 0x80004005
I’m starting to think it’s the “Run this step as the following account” function that isn’t working as it should.
I know that the account I’m using under “Run this step as the following account” has the correct permissions. Because if I manually run CMD as a different user and use the same account and credentials that I use within the TS and just run “cscript.exe MoveOU.vbs “OU=myOU,CN=mydomain,CN=com”” it moves the computer object just fine.
But just to be sure it’s not a permission problem I’ve even tried using the Domain Admin account in the TS to move the computer object, but alas…
For those of you that actually got the script to work within a TS. Are you using MDT or SCCM and which version?
I’m using MDT 2013 Update 1 build 8298.
I’ve tried to copy the script to C:MININT and have the TS run the script from that location and I’ve tried running it from %scriptroot% but I always get the same error.
I use MDT heavily in the workplace and have developed the following scripts that should in almost any environment. Go the following links and read the descriptions. Have a blessed day folks, I hope this helps somebody!
Script to modify “DeployWiz_ComputerName.vbs” to support “FriendlyNames”
https://community.spiceworks.com/scripts/show/3430-custom-modify_deploywizcomputername
Script to generate “DomainOUList.xml” from Active Directory with or without “FriendlyNames”
https://community.spiceworks.com/scripts/show/3426-custom-domainoulist_create-ps1
Script to join the current workstation to Active Directory Domain
https://community.spiceworks.com/scripts/show/3374-custom-ztidomainjoin-ps1
Script to move the current workstation to the specified OU during deployment
https://community.spiceworks.com/scripts/show/3375-custom-ztimoveadcomputer-ps1
Hi Andrew,
Did you fix that ***I’m starting to think it’s the “Run this step as the following account” function that isn’t working as it should.*** issue ?
Seems that I have the same….. 🙁
Andrew,
Give this a try: http://blogs.technet.com/b/deploymentguys/archive/2012/04/24/run-command-line-as-domain-user-incorrect-function-error.aspx
Hi,
I am trying to get this to work in a TS with UDI.
I am using this command line: cscript.exe MoveOU.vbs “%OSDDomainOUName%”
The script runs and TS finishes with no errors, but the computer is not moved to the correct OU… Am I doing anything wrong?
Posting a link to the full script:
https://1drv.ms/t/s!Aj740-Ri_n4EgYIhDFH-v22C8-BZKQ
Don’t forget to change the extension after download 🙂
Hi Emo,
Try this:
https://1drv.ms/t/s!Aj740-Ri_n4EgYIhDFH-v22C8-BZKQ
The issue is spaces in the %OSDDomainOUName% value.
hi Jakob
thanks for the move computer object to another OU via Command line parameter.
is there a script to delete computer object from AD via command line parameter?
Does it work on Windows 10 ? It is not working for me.
Yes, it does work on Windows 10 and the only other thing that I’ve noticed with this script is that if you install applications and then later in the TS you use this script to move the machine – it would fail! So to get around it, I just used the script right after the drivers step followed by applications.
Running this script outside of TS on Windows 10 1607 x64 in a domain Admin command prompt. I get this error:
C:\dev\cscript PCmove.vbs “OU=Shiney,DC=Contoso,DC=com”
Microsoft (R) Windows Script Host Version 5.812
Copyright (C) Microsoft Corporation. All rights reserved.
C:\dev\PCmove.vbs(45, 24) Microsoft VBScript compilation error: Expected ‘Then’
That refers to this section in the code (<>):
‘If current ou is different than target OU. Move object
If UCase(strCurrentOU) <> UCase(strMachineObjectOU) Then
Set objNewOU = GetObject(“LDAP://” & strMachineObjectOU)
Set objMoveComputer = objNewOU.MoveHere(“LDAP://” & strComputerDN, strComputerName)
End If
I have not edited any part of the script.
Any ideas?
Disregard. it was a bad copy ‘n paste. I saw after my posting the portion of my post changed to which was not what my vbs had. I copied the script code from: https://www.windows-noob.com/forums/topic/5183-move-computer-to-the-good-ou/ and voila! Tested and verified and my computer moved OU’s. Onto testing it in the T.S. yay!
Thank you! This resolved the issue I was having too.
Hello
nothing happens when I run it from command prompt.
has anyone figured out how this should be used in MDT inside the TS?
thanks
[…] VBScript: Move computer object to another OU via. – Twitter: @JakobGSvendsen. Jakob Gottlieb Svendsen is a Microsoft Cloud and Data Center Management MVP (http://mvp.microsoft.com/en-us/default.aspx), Working as. […]
Thx for sharing your wisdom !!!!
For those wondering an easy way to copy a script to the local machine at the end of a MDT task sequence:
https://social.technet.microsoft.com/Forums/en-US/6c5b76f8-2bf8-4c71-b7e5-e5cd50f0b171/moving-pc-to-a-different-ou-near-the-end-of-a-task-sequence?forum=mdt
The script is working great on W10 1803 and 1909 !
Do you have a script that deletes the machine in AD (with a check if it already exists) ?
The script is working great on W10 20H2!
BUT, when i use MoveOU.vbs in a task sequence, it stops with the errors bellow IF the user in the “Run this step as the following account” option has the permissions instructed in this Microsoft document:
https://docs.microsoft.com/pt-br/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt#step-1-configure-active-directory-permissions
Litetouch deployment failed, Return Code = -2147467259 0x80004005
Property RetVal is now = -2147467259
THE INTERESTING is, if i logon a workstation with that same user and run the same script, it works.
Backing to the TS, when i try a DOMAIN ADMIN in the “Run this step as the following account” option, the task works fine!
SO the problem is really caused by user rights.
I am able to use this without issue to move to an OU I have built. The challenge I am facing is that we are wanting to use the default Computers OU and this script refuses to move an object to it. I use the following “OU=Computers,DC=domain,DC=com” and it doesn’t work.
Wow, I post this, and like always… FIGURE IT OUT! And, boy do I feel silly! For those who may come across this… It’s CN=Computers and not OU!