So, a recent change in my environment. As some of you may be aware, Group Policy does not get applied to the default Computers / Users containers built into Active Directory (they are containers rather than OUs, so a GPO cannot be linked to them). So I normally use this little gem to move computers into a low-end testing OU until they are ready to move into prod.

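    ''' <summary>
    ''' Runs one compliance pass over every entry in ServersInActiveDirectory:
    ''' makes sure an "admin_&lt;hostname&gt;" domain group exists, moves computer
    ''' objects out of CN=Computers into the Tier 3 server OU, reports the tier to
    ''' the datacenter portal, adds the admin group to the local Administrators
    ''' group on Windows hosts, and finally runs the DHCP check on Windows hosts.
    ''' Every change and every per-server error is appended to ChangeList.
    ''' </summary>
    ''' <returns>
    ''' True when the pass ran to the end. False when ServersInActiveDirectory is
    ''' Nothing or an exception escaped the per-server handlers. Per-server errors
    ''' are only logged to ChangeList and do not change the return value.
    ''' </returns>
    ''' <remarks>
    ''' All DirectoryEntry binds use the credentials of the running process, so that
    ''' account needs rights to create groups, move computer objects and change
    ''' local Administrators membership. Keep it tightly scoped and audited.
    ''' </remarks>
    Private Function ServerCompliance() As Boolean
        Console.WriteLine(Now.ToString & " " & System.Reflection.MethodInfo.GetCurrentMethod().ToString)
        Try
            If ServersInActiveDirectory Is Nothing Then
                ' The list holds server (computer) accounts, not user accounts.
                Debug.WriteLine("Did not find any server accounts in AD")
                Return False
            End If

            ChangeList &= vbCrLf & "--Server Admin Exceptions / Objects out of Place (NT,LX,VM)--" & vbCrLf

            ' Using blocks release the underlying directory handles; the original leaked them.
            Using DOM As New DirectoryEntry("WinNT://MyDomain.Com")
                For Each Result As SearchResult In ServersInActiveDirectory

                    Dim AccountName As String = Result.Properties("samAccountName")(0).ToString
                    Dim Hostname As String = AccountName.Replace("$", "")
                    Dim AdminGroup As String = "admin_" & Hostname

                    ' Step 1: make sure the per-server admin group exists.
                    ' The lookup is by name only and does not check which OU an existing
                    ' group lives in. NOTE(review): this group is later added to the local
                    ' Administrators group, so confirm that nobody outside the server team
                    ' can create or manage a group named admin_* elsewhere in the domain.
                    Try
                        Using Existing As DirectoryEntry = DOM.Children.Find(AdminGroup, "group")
                        End Using
                    Catch ex As FileNotFoundException
                        ' NOTE(review): verify the provider really raises FileNotFoundException
                        ' for a missing group. Any other exception type falls through to the
                        ' generic handler below and the group is never created.
                        Using Container As New DirectoryEntry("LDAP://MyDomain.Com/OU=Server Admin Exceptions,OU=Security Groups,OU=IT Administration,DC=info,DC=sys")
                            Using NewGroup As DirectoryEntry = Container.Children.Add("cn=admin_" & Hostname.ToLower, "Group")
                                NewGroup.Properties("sAMAccountName").Value = "admin_" & Hostname.ToLower
                                NewGroup.Properties("description").Value = "Special Admin group for this server."
                                NewGroup.CommitChanges()
                            End Using
                        End Using
                    Catch ex As Exception
                        ChangeList &= ex.Message & vbCrLf
                    End Try

                    If DoesServiceExist("EMSRC", Hostname) Then
                        ChangeList &= "EMSRC: FOUND" & vbCrLf
                    End If

                    ' Step 2: placement and tier reporting.
                    Try
                        ' CN=Computers is where newly joined machines land by default, and by
                        ' default ordinary domain users can join machines (ms-DS-MachineAccountQuota).
                        ' NOTE(review): confirm ServersInActiveDirectory only returns accounts that
                        ' really are servers before they are moved and given an admin group.
                        If Result.Path.EndsWith("CN=Computers,DC=info,DC=sys") Then
                            ChangeList &= AccountName & vbCrLf
                            Using Computer As DirectoryEntry = Result.GetDirectoryEntry
                                Using Target As New DirectoryEntry("LDAP://MyDomain.Com/OU=Tier 3,OU=Servers,OU=Datacenter,DC=info,DC=sys")
                                    Computer.MoveTo(Target)
                                End Using
                            End Using
                        End If

                        ' Result.Path is the path from the search, so a server moved above is
                        ' not seen as Tier 3 until the next run.
                        ' The original logged "Tier 1" for all three tiers (copy-paste); the
                        ' message now names the tier that was actually sent to the portal.
                        For Tier As Integer = 1 To 3
                            If Result.Path.Contains("OU=Tier " & CStr(Tier)) Then
                                If UpdateTierInDataCenter(Hostname, Tier) Then
                                    ChangeList &= AccountName & " Updated to Tier " & CStr(Tier) & " in Datacenter Portal" & vbCrLf
                                End If
                            End If
                        Next
                    Catch ex As Exception
                        ChangeList &= vbCrLf & ex.Message & vbCrLf
                    End Try

                    ' Step 3: on Windows hosts, grant the per-server group local admin rights.
                    ' Non-Windows hosts are skipped.
                    Try
                        If DetectOS(Hostname) = OS.Windows Then
                            If CheckIfAdminGroup(Hostname, "Administrators", AdminGroup) = False Then
                                If AddADGroupToLocalServerGroup(Hostname, AdminGroup) Then
                                    ChangeList &= "admin_" & Hostname & " added to " & Hostname & vbCrLf
                                Else
                                    ChangeList &= "FAILED: admin_" & Hostname & " added to " & Hostname & vbCrLf
                                End If
                            End If
                        End If
                    Catch ex As Exception
                        ChangeList &= vbCrLf & ex.Message & vbCrLf
                    End Try
                Next
            End Using

            ChangeList &= vbCrLf & "--Servers with DHCP turned on--" & vbCrLf
            For Each Result As SearchResult In ServersInActiveDirectory
                Dim Servername As String = Result.Properties("samAccountName")(0).ToString.Replace("$", "")
                If DetectOS(Servername) = OS.Windows Then
                    GetDHCPNetworkFromServer(Servername)
                End If
            Next
        Catch ex As Exception
            ' NOTE(review): the label below looks copied from another routine; confirm
            ' whether the handler expects this function's own name here.
            EisenhowerErrorHandler.ErrorHandlerFunction(ex, False, True, False, {"LoadActiveDirectoryAccounts"})
            Return False
        End Try
        Return True
    End Function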
