Name machines via K1 with K2 post install script
Hey guys,
My name is Colin, I've been a stalker around here for a little while and I was just at the Konference with a bunch of people in Sydney earlier in the week. There I made a promise to drop in a script which we use in some of our smaller deployments. Hopefully this helps some of you guys out and if it does feel free to leave some feed back. Its deffinately got room for expansion and I'll make a list of changes and recommendations to larger orgs for its use. As we start to use our K2 more (now that WIM is supported as of the beta) I'll enhance and grow it. [:D]
What it does:
In a nut shell it queries the machines bios and pulls the serial number then throws it into an sql query which joins our Asset table and Asset_data_5 table (which is computer asset type data in our environment, you can tell yours by looking in the address bar of your browser after clicking the Asset Type in the Assets section of your K1). After making the join it uses the serial number it has received and gets the appropriate data field Asset_NAME. After its stored the name, it goes through the motions of a simple domain join. Detecting if the machine already exists and asks if you want to delete it or not. If it cannot find an asset it will prompt for a machine name.
How We Use It:
- In our environment we created a final post install task which was an application type with the script 'start /wait wscript.exe RenameBasedOnAssetV2.vbs' and attached the script to it.
- We created the assets in advance via a spreadsheet provided by the manufacturer and ran a report prior to deployment which checked for duplicate serial numbers
Recommendations:
- This works primarily on the premis of the machine being in AD already as a random machine name but should work otherwise also, remember if you random the machine name DO NOT INSTALL THE AGENT BEFORE RUNNING THIS POST INSTALL, otherwise you'll get two machine accounts and a bogus name which wont change untill you clean up your assets again
- Create another asset field for your Computer type named 'Auto Naming Enabled?' type Single Select values Yes/No and query this also to ensure that the machine is even ALLOWED to be auto named.
- You could also only allow logged on user to make changes by checking for an assigned user field if you set it.
- If you drop the script in plain text with a delegated user and password in the top you should probably self delete the file also as an extra precaution, or obfusicate it
- Use the registry function down the bottom to detect if the MySQL driver you use in the script is installed during run, I took it out because not all registries are created equal, didnt want to risk messing with peoples heads
- Use this as the final post install action, running this and then rebooting the machine will be a good time for the gpo to push the agent out (personally we tack on a run once for next logon which moves the machine in AD, gpo then pushes the agent and the machine has a check in forced)
Changes you as a user of the script should make:
- Rename it to VBS. Yeah... I said it...
- Upon downloading the script you should open it up and change the values at the top of the script where appropriate and have a bit of a read through it. I've commented and indented it to suit me and added some extra to help others but if you've got questions about it just ask.
- Have a bit of a play around with it, this works in my environment a treat (though we dont use our K2 for large deployments, WDS handles that for now) it may not work as planned in yours, I suppose this is also the disclaimer part of the post haha!
Where Problems with probably arise with this
- We use BIOS Serial Number as the 'Mapped Inventory Field' and Serial Number as the 'Matching Asset Field' on our Computer asset type, TEST THE HELL OUT OF THIS before pushing it out as you may end up with duplicate assets this KUID mis matches without doing this (KACE Guys help me out here does this happen? It hasnt happened here yet though.)
- If you've changed your reporting username and or password or have multiple orgs you'll need to change the .CommandText on line 83
- If your user doesnt have permissions to perform these actions you'll obviously have troubles, make sure the user has rights in the OU your machine is currently in
- If your MySQL driver isnt installed before this then it will return bugger all
- If your info in the asset database is wrong and/or someone has created duplicate assets this will steer you wrong
- If you install the KAgent before this and let it sync before renaming you'll likely get the wrong info go to your server, this is the second warning!
- Again on the .CommandText area on line 83, your Serial Number field may not be Field_34, you'll need to play around and find out what yours is. I recommend FlySpeed SQL for this, its my best friend at the moment.
Okkkkay, so thats a long list of warnings and info etc, read it, play with it, let me know if it works for you and we'll all go from there! I'm just trying to cover myself and make sure I dont get a bunch of angry guys looking for my home address. [;)]
have a good one!
Cheers,
Col
BGS
My name is Colin, I've been a stalker around here for a little while and I was just at the Konference with a bunch of people in Sydney earlier in the week. There I made a promise to drop in a script which we use in some of our smaller deployments. Hopefully this helps some of you guys out and if it does feel free to leave some feed back. Its deffinately got room for expansion and I'll make a list of changes and recommendations to larger orgs for its use. As we start to use our K2 more (now that WIM is supported as of the beta) I'll enhance and grow it. [:D]
In a nut shell it queries the machines bios and pulls the serial number then throws it into an sql query which joins our Asset table and Asset_data_5 table (which is computer asset type data in our environment, you can tell yours by looking in the address bar of your browser after clicking the Asset Type in the Assets section of your K1). After making the join it uses the serial number it has received and gets the appropriate data field Asset_NAME. After its stored the name, it goes through the motions of a simple domain join. Detecting if the machine already exists and asks if you want to delete it or not. If it cannot find an asset it will prompt for a machine name.
- In our environment we created a final post install task which was an application type with the script 'start /wait wscript.exe RenameBasedOnAssetV2.vbs' and attached the script to it.
- We created the assets in advance via a spreadsheet provided by the manufacturer and ran a report prior to deployment which checked for duplicate serial numbers
- This works primarily on the premis of the machine being in AD already as a random machine name but should work otherwise also, remember if you random the machine name DO NOT INSTALL THE AGENT BEFORE RUNNING THIS POST INSTALL, otherwise you'll get two machine accounts and a bogus name which wont change untill you clean up your assets again
- Create another asset field for your Computer type named 'Auto Naming Enabled?' type Single Select values Yes/No and query this also to ensure that the machine is even ALLOWED to be auto named.
- You could also only allow logged on user to make changes by checking for an assigned user field if you set it.
- If you drop the script in plain text with a delegated user and password in the top you should probably self delete the file also as an extra precaution, or obfusicate it
- Use the registry function down the bottom to detect if the MySQL driver you use in the script is installed during run, I took it out because not all registries are created equal, didnt want to risk messing with peoples heads
- Use this as the final post install action, running this and then rebooting the machine will be a good time for the gpo to push the agent out (personally we tack on a run once for next logon which moves the machine in AD, gpo then pushes the agent and the machine has a check in forced)
- Rename it to VBS. Yeah... I said it...
- Upon downloading the script you should open it up and change the values at the top of the script where appropriate and have a bit of a read through it. I've commented and indented it to suit me and added some extra to help others but if you've got questions about it just ask.
- Have a bit of a play around with it, this works in my environment a treat (though we dont use our K2 for large deployments, WDS handles that for now) it may not work as planned in yours, I suppose this is also the disclaimer part of the post haha!
- We use BIOS Serial Number as the 'Mapped Inventory Field' and Serial Number as the 'Matching Asset Field' on our Computer asset type, TEST THE HELL OUT OF THIS before pushing it out as you may end up with duplicate assets this KUID mis matches without doing this (KACE Guys help me out here does this happen? It hasnt happened here yet though.)
- If you've changed your reporting username and or password or have multiple orgs you'll need to change the .CommandText on line 83
- If your user doesnt have permissions to perform these actions you'll obviously have troubles, make sure the user has rights in the OU your machine is currently in
- If your MySQL driver isnt installed before this then it will return bugger all
- If your info in the asset database is wrong and/or someone has created duplicate assets this will steer you wrong
- If you install the KAgent before this and let it sync before renaming you'll likely get the wrong info go to your server, this is the second warning!
- Again on the .CommandText area on line 83, your Serial Number field may not be Field_34, you'll need to play around and find out what yours is. I recommend FlySpeed SQL for this, its my best friend at the moment.
Okkkkay, so thats a long list of warnings and info etc, read it, play with it, let me know if it works for you and we'll all go from there! I'm just trying to cover myself and make sure I dont get a bunch of angry guys looking for my home address. [;)]
have a good one!
Cheers,
Col
BGS
0 Comments
[ + ] Show comments
Answers (10)
Please log in to answer
Posted by:
auscoit
13 years ago
Hi All,
I have modified Colin's script to make things easier to configure and writes directly into unattend.xml!
UPDATED - v1.2
- Support for 32bit and 64bit systems now available! All from the same task!
Older - v1.1
- Script no longer uses WSNAME. It uses XMLDOM instead to edit the Unattend.xml
*** DOWNLOAD THE SCRIPT HERE [v1.2] ***
*** VIEW THE README HERE [v1.2] ***
It now does the following:
1. Installs the MySQL ODBC driver (in the KBE)
2. Queries K1000 Asset DB for Asset name based on BIOS Serial Number
2. Write returned Asset Name into the specified unattend.xml file (I set mine to C:\Windows\Panther\unattend.xml)
This file is designed to be used as a Post Install task in KBE (i.e. before the reboot).
Configuration is simple:
1. Download the file
2. Extract the ZIP to a temporary location
3. Follow the instructions in the Readme to define the settings
4. ZIP up again and upload to K2000 as Post Install KBE
5. All done :)
I have written much more detailed instructions on how to set this up in the README.pdf
Have a look and let me know how you go!
Any feedback is appreciated.
Lets not forget Colin! Legend :)
Regards,
David Wedrat
Ausco Modular
I have modified Colin's script to make things easier to configure and writes directly into unattend.xml!
- Support for 32bit and 64bit systems now available! All from the same task!
- Script no longer uses WSNAME. It uses XMLDOM instead to edit the Unattend.xml
*** DOWNLOAD THE SCRIPT HERE [v1.2] ***
*** VIEW THE README HERE [v1.2] ***
It now does the following:
1. Installs the MySQL ODBC driver (in the KBE)
2. Queries K1000 Asset DB for Asset name based on BIOS Serial Number
2. Write returned Asset Name into the specified unattend.xml file (I set mine to C:\Windows\Panther\unattend.xml)
This file is designed to be used as a Post Install task in KBE (i.e. before the reboot).
Configuration is simple:
1. Download the file
2. Extract the ZIP to a temporary location
3. Follow the instructions in the Readme to define the settings
4. ZIP up again and upload to K2000 as Post Install KBE
5. All done :)
I have written much more detailed instructions on how to set this up in the README.pdf
Have a look and let me know how you go!
Any feedback is appreciated.
Lets not forget Colin! Legend :)
Regards,
David Wedrat
Ausco Modular
Comments:
-
This process seems to be broken with 6.0.
Have you had a chance to look into this yet?
Corey - cserrins 10 years ago-
Hey Corey, I haven't had a look into the K2 v6 as yet, we've been avoiding the update for both K1 and K2 due to some issues listed in the changelog that have broken things (ldap labels mainly) and we've moved away from the K2 entirely for imaging now, although we still use this sort of method for all of our imaging via WDS (queries via K1). Where does it seem to be falling down? Can the queries execute and echo information to cmd? - Roonerspism 10 years ago
-
When I search in the source code for the table as per your instructions on the K1 v. 6, I don't see similar items. I haven't researched it yet, but once I saw the instructions would be different, I decided to reach out first before reinventing the wheel. - cserrins 10 years ago
-
Cant reply to your comment for some reason, but wow, if asset_data_5 (default computer asset relational table, thought maybe just index has changed?) doesn't exist sounds like maybe the table schema has changed in the K1 as of v6 by the looks of it.... that could be problematic for the applications which we've written about that. I'll spin up a k1 instance and see if I can pull out a table relationship diagram for when we migrate. - Roonerspism 10 years ago
Posted by:
auscoit
13 years ago
Posted by:
Roonerspism
13 years ago
You give the man grapes and he makes wine!
Awesome work David, glad I could help lay down some framework for you guys. Its great to see this as a pre-boot post install task now, makes it much more flexible I think (possible authentication methods/user selectable post install tasks maybe in future?).
I'll deffinately be giving this new and improved script a run through its paces soon (when our school wide audit and 600 odd machine image run is over).
Cheers,
Col
Awesome work David, glad I could help lay down some framework for you guys. Its great to see this as a pre-boot post install task now, makes it much more flexible I think (possible authentication methods/user selectable post install tasks maybe in future?).
I'll deffinately be giving this new and improved script a run through its paces soon (when our school wide audit and 600 odd machine image run is over).
Cheers,
Col
Posted by:
auscoit
13 years ago
Posted by:
auscoit
13 years ago
UPDATED - v1.1 - Script no longer uses WSNAME. It uses XMLDOM instead to edit the Unattend.xml
This tested OK in x32 KBE / OS and theoritically should work in x64
I haven't had a chance to test in KBE x64 and Windows 7 x64 - but plan to over the next few days...
If someone beats me to it and wants to give it a crack I'd love to know how it goes!
(see original post)
This tested OK in x32 KBE / OS and theoritically should work in x64
I haven't had a chance to test in KBE x64 and Windows 7 x64 - but plan to over the next few days...
If someone beats me to it and wants to give it a crack I'd love to know how it goes!
(see original post)
Posted by:
auscoit
13 years ago
Corey,
I used the Win 32bit connector from here:
http://dev.mysql.com/downloads/connector/odbc/
They do have a Win 64bit as well - but I haven't tested it.
As for adding the ODBC connector into the KBE - are you talking about slipstreaming it into the KBE build script (i.e. from the K2000 Media Manager)?
I used the Win 32bit connector from here:
http://dev.mysql.com/downloads/connector/odbc/
They do have a Win 64bit as well - but I haven't tested it.
As for adding the ODBC connector into the KBE - are you talking about slipstreaming it into the KBE build script (i.e. from the K2000 Media Manager)?
Posted by:
auscoit
12 years ago
OK ok ok ok... NEW UPDATE!
UPDATED - v1.2
- Support for 32bit and 64bit systems now available! All from the same task!
Read Instructions here!
UPDATED - v1.2
- Support for 32bit and 64bit systems now available! All from the same task!
Read Instructions here!
Posted by:
cserrins
12 years ago
I'm having issues in x64 where the ComputerName node is not getting written to the file, has anyone else had this issue?
Comments:
-
My bad, in changing something I made a syntax error, everything works as expected. - cserrins 12 years ago
Posted by:
crist@cityhigh.org
12 years ago
Posted by:
Roonerspism
12 years ago
Yep, we do that here, the major OU's which we use are essentially divided into 'Staff(Laptop,Desktop,Tablet) and Student(Laptop,Desktop,Tablet)'. By having a 'Machine Type' field which lists these we are able to perform a query in the postimage script we use then move the machine type to a particular directory.
There's lots of ways you can do it, another method would be to have the ou written out entirely and just drop that into a script which moves them, it all depends on your structure and how many ou's you're using.
The great thing about the K1 is that you can really put anything you want in. ie, using the K1 with out imaging we now have Opt Out admin rights for the assigned user of the machine (parents who dont want lil jimmy destroying everything), appended installs to run during setup, cdkeys which get copied into the registry, permissions for allowing or denying re-image, machine specific driver installs.
There's not really anything you cant do with it during the image process. Its crazy dynamic.
There's lots of ways you can do it, another method would be to have the ou written out entirely and just drop that into a script which moves them, it all depends on your structure and how many ou's you're using.
The great thing about the K1 is that you can really put anything you want in. ie, using the K1 with out imaging we now have Opt Out admin rights for the assigned user of the machine (parents who dont want lil jimmy destroying everything), appended installs to run during setup, cdkeys which get copied into the registry, permissions for allowing or denying re-image, machine specific driver installs.
There's not really anything you cant do with it during the image process. Its crazy dynamic.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
so that the conversation will remain readable.