Active Directory Automation move by IP/Operating System
I am looking to move systems based on IP and Operating system to correct a very disorganised OU structure for 5000+ machines.
I am currently looking at a way of combining the two PowerShell scripts listed below to be able to perform a move of Linux Ubuntu, Windows 7, Windows 10, and Mac OS.
One is the following, used to parse the IP addresses to the correct OU; it was written only for Windows 7.
.PowerShell
################################################################################
# PowerShell routine to move Windows 7 Computers into OU structure based on IP #
################################################################################
# Requires Active Directory 2008 R2 and the PowerShell ActiveDirectory module
#####################
# Environment Setup #
#####################
#Add the Active Directory PowerShell module
Import-Module ActiveDirectory
#Set the threshold for an "old" computer which will be moved to the Disabled OU
$old = (Get-Date).AddDays(-60) # Modify the -60 to match your threshold
#Set the threshold for an "very old" computer which will be deleted
$veryold = (Get-Date).AddDays(-90) # Modify the -90 to match your threshold
##############################
# Set the Location IP ranges #
##############################
$Site1IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:1)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.1.0/24
$Site2IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:2)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.2.0/24
$Site3IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:3)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.3.0/24
########################
# Set the Location OUs #
########################
# Disabled OU
$DisabledDN = "OU=Disabled,DC=yourdomain,DC=com"
# OU Locations
$Site1DN = "OU=Site1,DC=yourdomain,DC=com"
$Site2DN = "OU=Site2,DC=yourdomain,DC=com"
$Site3DN = "OU=Site3,DC=yourdomain,DC=com"
###############
# The process #
###############
# Query Active Directory for Computers running Windows 7 (Any version) and move the objects to the correct OU based on IP
Get-ADComputer -Filter { OperatingSystem -like "Windows 7*" } -Properties PasswordLastSet | ForEach-Object {
    # Ignore Error Messages and continue on
    trap [System.Net.Sockets.SocketException] { continue; }
    # Set variables for Name and current OU
    $ComputerName = $_.Name
    $ComputerDN = $_.distinguishedName
    $ComputerPasswordLastSet = $_.PasswordLastSet
    $ComputerContainer = $ComputerDN.Replace( "CN=$ComputerName," , "")
    # If the computer is more than 90 days off the network, remove the computer object
    if ($ComputerPasswordLastSet -le $veryold) {
        Remove-ADObject -Identity $ComputerDN
        # The object no longer exists, so skip the remaining steps for this computer
        return
    }
    # Check to see if it is an "old" computer account and move it to the Disabled\Computers OU
    if ($ComputerPasswordLastSet -le $old) {
        $DestinationDN = $DisabledDN
        Move-ADObject -Identity $ComputerDN -TargetPath $DestinationDN
    }
    # Query DNS for IP
    # First we clear the previous IP. If the lookup fails it will retain the previous IP and incorrectly identify the subnet
    $IP = $NULL
    $IP = [System.Net.Dns]::GetHostAddresses("$ComputerName")
    # Use the $IPLocation to determine the computer's destination network location
    #
    #
    if ($IP -match $Site1IPRange) {
        $DestinationDN = $Site1DN
    }
    ElseIf ($IP -match $Site2IPRange) {
        $DestinationDN = $Site2DN
    }
    ElseIf ($IP -match $Site3IPRange) {
        $DestinationDN = $Site3DN
    }
    Else {
        # If the subnet does not match we should not move the computer so we do Nothing
        $DestinationDN = $ComputerContainer
    }
    # Move the Computer object to the appropriate OU
    # If the IP is NULL we will trust it is an "old" or "very old" computer so we won't move it again
    if ($IP -ne $NULL) {
        Move-ADObject -Identity $ComputerDN -TargetPath $DestinationDN
    }
}
And the second being the operating system.
Windows Shell Script
REM This command will move all Windows 7 computers to the OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab OU.
dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(ObjectClass=computer)(objectCategory=Computer)(operatingSystemVersion=6.1))" | dsmove -newparent OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab
REM This command will move all Windows XP computers to the OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab OU.
dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(ObjectClass=computer)(objectCategory=Computer)(operatingSystemVersion=5.1))" | dsmove -newparent OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab
How can I join the two so it will parse the correct operating system into the correct OU structure based on IP?
1 Comment
-
Can I slim this down to ignore older systems and just select IP ranges and any that do not have an IP remain untouched? - larryclevengerjr 6 years ago
Answers (1)
Posted by:
rrosal
6 years ago
Hello,
I modified your code to look for all Windows systems; if the computer has a match with your site IP range, it will move the system to the site OU. If there is no IP site match, it will look at whether the OS version is 6.1 (Win7) or 5.1 (XP) and move it to the version OU. I have also cleaned up your code a little. Review and see if that helps you out.
#CODE:
<#
.SYNOPSIS
PowerShell routine to move Windows 7 Computers into OU structure based on IP
Requires Active Directory 2008 R2 and the PowerShell ActiveDirectory module
.DESCRIPTION
.LINK
.EXAMPLE
.NOTES
#>
#####################
# Environment Setup #
#####################
#Add the Active Directory PowerShell module
Import-Module ActiveDirectory
#Set the threshold for an "old" computer which will be moved to the Disabled OU
$old = (Get-Date).AddDays(-60) # Modify the -60 to match your threshold
#Set the threshold for an "very old" computer which will be deleted
$veryold = (Get-Date).AddDays(-90) # Modify the -90 to match your threshold
##############################
# Set the Location IP ranges #
##############################
$Site1IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:1)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.1.0/24
$Site2IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:2)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.2.0/24
$Site3IPRange = "\b(?:(?:192)\.)" + "\b(?:(?:168)\.)" + "\b(?:(?:3)\.)" + "\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))" # 192.168.3.0/24
########################
# Set the Location OUs #
########################
# Disabled OU
$DisabledDN = "OU=Disabled,DC=yourdomain,DC=com"
# OU Locations
$Site1DN = "OU=Site1,DC=yourdomain,DC=com"
$Site2DN = "OU=Site2,DC=yourdomain,DC=com"
$Site3DN = "OU=Site3,DC=yourdomain,DC=com"
$Win7OU = "OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab"
$WinXPOU = "OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab"
###############
# The process #
###############
# Query Active Directory for Computers running Windows (Any version) and move the objects to the correct OU based on IP
Get-ADComputer -Filter { OperatingSystem -like "Windows*" } -Properties * | ForEach-Object {
# Ignore Error Messages and continue on
trap [System.Net.Sockets.SocketException] { continue; }
# Set variables for Name and current OU
$ComputerName = $_.Name
$ComputerDN = $_.distinguishedName
$ComputerPasswordLastSet = $_.PasswordLastSet
$ComputerContainer = $ComputerDN.Replace( "CN=$ComputerName," , "")
$ComputerOperatingSystemVersion = $_.OperatingSystemVersion
# If the computer is more than 90 days off the network, remove the computer object
if ($ComputerPasswordLastSet -le $veryold) {
Remove-ADObject -Identity $ComputerDN
# The object no longer exists, so skip the remaining steps for this computer
return
}
# Check to see if it is an "old" computer account and move it to the Disabled\Computers OU
if ($ComputerPasswordLastSet -le $old) {
$DestinationDN = $DisabledDN
Move-ADObject -Identity $ComputerDN -TargetPath $DestinationDN
}
# Query DNS for IP
# First we clear the previous IP. If the lookup fails it will retain the previous IP and incorrectly identify the subnet
$IP = $NULL
$IP = [System.Net.Dns]::GetHostAddresses("$ComputerName")
# Use the $IPLocation to determine the computer's destination network location
#
#
Switch($IP){
{($IP -match $Site1IPRange)}{
$DestinationDN = $Site1DN
$IPMatch = "True"
}
{($IP -match $Site2IPRange)}{
$DestinationDN = $Site2DN
$IPMatch = "True"
}
{($IP -match $Site3IPRange)}{
$DestinationDN = $Site3DN
$IPMatch = "True"
}
# "default" must be the bare keyword; in quotes it is only compared as a string
Default {
$DestinationDN = $ComputerContainer
}
}
# Use the $ComputerOperatingSystemVersion to determine the computer's destination by version
#
#
If($IPMatch -ne "True"){
Switch($ComputerOperatingSystemVersion){
# Anchor the pattern and escape the dot so only versions that start with 6.1 or 5.1 match
{($ComputerOperatingSystemVersion -match "^6\.1")}{
$DestinationDN = $Win7OU
}
{($ComputerOperatingSystemVersion -match "^5\.1")}{
$DestinationDN = $WinXPOU
}
Default {
$DestinationDN = $ComputerContainer
}
}
}
# Move the Computer object to the appropriate OU
# If the IP is NULL we will trust it is an "old" or "very old" computer so we won't move it again
if ($IP -ne $NULL) {
Move-ADObject -Identity $ComputerDN -TargetPath $DestinationDN
}
#Clear variables so a result from this computer cannot carry over to the next one
$IPMatch = $NULL
$DestinationDN = $NULL
}
Comments:
-
Thanks so much, that gets me closer to what I need, but I still need a way to search for the O/S and IP and then parse the folders I am building. For instance, the OU will look something like this.
So I would need to say if Win10 and IP building 1, go to Win10-Desktops\Corp Location 1\Building 1.
All of our desktops and laptops follow the same nomenclature starting with D for desktop and L for laptop so I think that will help to push to the correct head ou.
Domain.com
-------Workstations
------------------Disabled-Workstations
------------------Win10-Desktops
-----------------------Corp Location 1
----------------------------Building 1
----------------------------Building 2
----------------------------Building 3
------------------Win7-Desktops
-----------------------Corp Location 1
----------------------------Building 1
----------------------------Building 2
----------------------------Building 3
------------------Mac-Desktops
-----------------------Corp Location 1
----------------------------Building 1
----------------------------Building 2
----------------------------Building 3
------------------Linux-Desktops
-----------------------Corp Location 1
----------------------------Building 1
----------------------------Building 2
----------------------------Building 3
------------------Win10-Laptops
-----------------------Corp Location 1
----------------------------Building 1
----------------------------Building 2
----------------------------Building 3 - larryclevengerjr 6 years ago
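
One way to combine the three criteria from the last comment (D/L name prefix, operating system, building subnet) into a single OU lookup, as an added example that is not part of the thread. The base DN, subnets, OU names and OperatingSystem patterns are assumptions; it compares subnets numerically instead of with the regexes above, and `-WhatIf` makes the run print the planned moves without changing the directory.

```powershell
# Added example. Base DN, subnets, OU names and OS patterns are constructed placeholders.
$BaseDN  = 'OU=Workstations,DC=domain,DC=com'
$Subnets = [ordered]@{            # CIDR -> building OUs, innermost OU first
    '192.168.1.0/24' = 'OU=Building 1,OU=Corp Location 1'
    '192.168.2.0/24' = 'OU=Building 2,OU=Corp Location 1'
    '192.168.3.0/24' = 'OU=Building 3,OU=Corp Location 1'
}

function ConvertTo-IPNumber([string]$Address) {
    # Fold the four octets into one number (a double holds 32 bits exactly)
    [double]$n = 0
    foreach ($octet in [System.Net.IPAddress]::Parse($Address).GetAddressBytes()) { $n = $n * 256 + $octet }
    $n
}

function Test-InSubnet([string]$Address, [string]$Cidr) {
    $network, $prefix = $Cidr.Split('/')
    $size = [math]::Pow(2, 32 - [int]$prefix)      # number of addresses in the subnet
    [math]::Floor((ConvertTo-IPNumber $Address) / $size) -eq [math]::Floor((ConvertTo-IPNumber $network) / $size)
}

function Get-TargetOU($Computer) {
    # Returns the destination OU DN, or $null when any criterion is unknown
    if (-not $Computer.IPv4Address) { return $null }          # no IP: leave untouched
    $form = switch -Regex ($Computer.Name) { '^D' { 'Desktops'; break } '^L' { 'Laptops'; break } }
    $os = switch -Regex ($Computer.OperatingSystem) {         # server editions match nothing and stay put
        '^Windows 10'  { 'Win10'; break }
        '^Windows 7'   { 'Win7';  break }
        '^Mac'         { 'Mac';   break }
        'Linux|Ubuntu' { 'Linux'; break }
    }
    $site = $Subnets.Keys | Where-Object { Test-InSubnet $Computer.IPv4Address $_ } | Select-Object -First 1
    if (-not ($form -and $os -and $site)) { return $null }
    '{0},OU={1}-{2},{3}' -f $Subnets[$site], $os, $form, $BaseDN
}

# Constructed sample object: checks the mapping without touching a domain
Get-TargetOU ([pscustomobject]@{ Name = 'D1042'; OperatingSystem = 'Windows 10 Enterprise'; IPv4Address = '192.168.2.40' })

Import-Module ActiveDirectory
Get-ADComputer -Filter * -Properties OperatingSystem, IPv4Address | ForEach-Object {
    $target  = Get-TargetOU $_
    $current = $_.DistinguishedName -replace '^CN=.+?(?<!\\),', ''   # parent container DN
    if ($target -and $target -ne $current) {
        # Identify the object by GUID so the call does not depend on its current DN
        Move-ADObject -Identity $_.ObjectGUID -TargetPath $target -WhatIf   # remove -WhatIf after review
    }
}
```

The `IPv4Address` property is filled from a DNS lookup of the computer's host name, so a stale or wrong DNS record changes which OU, and therefore which Group Policy, a machine receives; review the `-WhatIf` output before removing the switch.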