Move computer based on IP address

August 21, 2017

The script moves a computer in Active Directory based on its IPv4 address. The target OU is selected based on the first 3 parts of the IPv4 address of the computer. For example, computers with IP addresses 10.0.2.16 and 10.0.2.38 will end up in the same OU, while a computer with IP address 10.0.3.16 will be moved into a different OU.

Each OU that computers should be moved to must store the first 3 parts of the IP addresses it accepts in a certain property of the OU itself (e.g. Description). Thus, for instance, a computer whose IP address is 10.0.1.5 will be moved to an OU whose description is 10.0.1, while a computer whose IP address is 10.0.2.36 will be moved to an OU whose description is 10.0.2.

To move computers on demand, create a Custom Command that executes the script. To move them on a schedule, create a Scheduled Task.

Note: The script relies on the DNS Host Name property of a computer account to resolve its IP address. The property is set automatically by a computer when it logs in to Active Directory. Thus, before running the script on a computer, make sure that it has logged in to Active Directory at least once. For this purpose, you can add the "If DNS Host Name property is not empty" condition to the Business Rule, Custom Command or Scheduled Task that uses the script.

Parameter:

  • $networkPrefixProperty - specifies the LDAP display name of the OU property that stores the IP address prefix of an Organizational Unit.
PowerShell
$networkPrefixProperty = "description" # TODO: modify me

function SearchObjects($filter)
{
    $domainName = $Context.GetObjectDomain("%distinguishedName%")
    $searcher = $Context.BindToObject("Adaxes://$domainName/rootDSE")
    $searcher.SearchFilter = $filter
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.PageSize = 500
    $searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    
    try
    {
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()
        
        return ,$searchResults
    }
    finally
    {
        # Release resources
        if ($searchResultIterator){ $searchResultIterator.Dispose() }
    }
}

# Get IP address
try
{
    $addresses = [System.Net.Dns]::GetHostAddresses("%dNSHostName%")
}
catch
{
    $Context.LogMessage("An error occurred when searching for the computer IP address. Error: " + $_.Exception.Message, "Warning")
    return
}

$ipAddress = $addresses | Where-Object {$_.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork}
if ($ipAddress -is [System.Array])
{
    $Context.LogMessage("Found more than one IP address for the computer. Addresses: " + [System.String]::Join(";", $ipAddress), "Warning")
    return
}
if ($ipAddress -eq $NULL)
{
    $Context.LogMessage("No IPv4 addresses found.", "Warning")
    return
}

# Find target OU
$networkPrefix = ($ipAddress | Select-String -Pattern "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}").Matches[0]
$searchResults = SearchObjects "(&(objectCategory=organizationalUnit)($networkPrefixProperty=$networkPrefix))"
if ($searchResults.Length -eq 0)
{
    $Context.LogMessage("Organizational Unit for IP prefix '$networkPrefix' not found.", "Warning")
    return
}
elseif ($searchResults.Length -gt 1)
{
    $Context.LogMessage("Found more than one Organizational Unit for IP prefix '$networkPrefix'.", "Warning")
    return
}

# Move computer to the OU
$ou = $Context.BindToObjectEx($searchResults[0].AdsPath, $True)
$ou.MoveHere($Context.TargetObject.AdsPath , $NULL)
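
A dry run of the decision the script makes, added here as an example (it is not part of the original script or of Adaxes). It takes addresses as strings and OUs as plain objects, so it runs without a directory and lets you preview which computers would be moved or skipped. The function names, the DN field and the sample OUs are assumptions constructed for illustration.

```powershell
# Added example: offline dry run of the script's prefix-to-OU decision (no directory access).
function Get-NetworkPrefix([string]$Address)
{
    # Accept dotted-quad IPv4 only; TryParse also rejects octets above 255
    $ip = $null
    if ($Address -notmatch '^\d{1,3}(\.\d{1,3}){3}$') { return }
    if (-not [System.Net.IPAddress]::TryParse($Address, [ref]$ip)) { return }
    return ($ip.GetAddressBytes()[0..2] -join ".")
}

function Resolve-TargetOU([string[]]$Addresses, [object[]]$OrganizationalUnits, [string]$PrefixProperty = "description")
{
    # Same guards as the script: exactly one IPv4 address is required
    $prefixes = @($Addresses | ForEach-Object { Get-NetworkPrefix $_ } | Where-Object { $_ })
    if ($prefixes.Count -eq 0) { return "Skip: no IPv4 addresses found" }
    if ($prefixes.Count -gt 1) { return "Skip: more than one IPv4 address" }

    # Exact match on the prefix property, so 10.0.2 never matches 10.0.20
    $prefix = $prefixes[0]
    $candidates = @($OrganizationalUnits | Where-Object { $_.$PrefixProperty -eq $prefix })
    if ($candidates.Count -eq 0) { return "Skip: no OU for prefix '$prefix'" }
    if ($candidates.Count -gt 1) { return "Skip: more than one OU for prefix '$prefix'" }
    return "Move to $($candidates[0].DN)"
}

# Constructed sample OUs (hypothetical names); two of them share the prefix 10.0.4
$sampleOUs = @(
    [pscustomobject]@{ DN = "OU=Site A,DC=example,DC=com"; description = "10.0.1" }
    [pscustomobject]@{ DN = "OU=Site B,DC=example,DC=com"; description = "10.0.2" }
    [pscustomobject]@{ DN = "OU=Site C,DC=example,DC=com"; description = "10.0.20" }
    [pscustomobject]@{ DN = "OU=Site D,DC=example,DC=com"; description = "10.0.4" }
    [pscustomobject]@{ DN = "OU=Site D Lab,DC=example,DC=com"; description = "10.0.4" }
)

# Constructed inputs; several addresses of one computer are separated by ";"
foreach ($case in "10.0.1.5", "10.0.2.36;fe80::1", "10.0.2.16;10.0.3.16", "10.0.4.20", "10.0.9.7")
{
    $result = Resolve-TargetOU ($case -split ";") $sampleOUs
    "{0,-22} -> {1}" -f $case, $result
}
```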

