So, a recent change in my environment. As some of you may be aware, Group Policy does not get applied to the Computers / Users OU natively built into Active Directory (they are plain containers rather than true OUs, so a GPO cannot be linked to them directly). So I normally use this little GEM here to move computers into a low-end testing OU until they are ready to move into prod.
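''' <summary>
''' Runs two passes over ServersInActiveDirectory and records what it did in ChangeList.
''' Pass 1, per server: makes sure a per-server "admin_&lt;hostname&gt;" domain group exists,
''' notes whether the EMSRC service is present, moves objects still sitting in
''' CN=Computers into the Tier 3 server OU, reports the tier implied by the object's OU
''' to the datacenter portal, and (Windows hosts only) adds the per-server group to the
''' local Administrators group when CheckIfAdminGroup reports it missing.
''' Pass 2, per Windows server: calls GetDHCPNetworkFromServer.
''' </summary>
''' <returns>
''' True when both passes ran to completion; False when the server list is missing or an
''' exception reached the outer handler. Per-server failures are only written to
''' ChangeList and do not change the return value.
''' </returns>
''' <remarks>
''' Review points for anyone reusing this:
''' - The per-server group is created automatically and then granted local administrator
'''   rights, so whoever may edit group membership in the "Server Admin Exceptions" OU
'''   effectively controls local admin on every server. Keep delegation on that OU tight
'''   and audit group creation and membership changes there.
''' - Objects are moved out of CN=Computers without any approval step. Presumably
'''   ServersInActiveDirectory is already filtered to machines that are meant to be
'''   managed; confirm this against the code that fills it.
''' </remarks>
Private Function ServerCompliance() As Boolean
    Console.WriteLine(Now.ToString & " " & System.Reflection.MethodInfo.GetCurrentMethod().ToString)

    Try
        If IsNothing(ServersInActiveDirectory) Then
            ' Message used to say "user accounts" (copy-paste from another routine).
            Debug.WriteLine("Did not find any server accounts in AD")
            Return False
        End If

        ChangeList &= vbCrLf & "--Server Admin Exceptions / Objects out of Place (NT,LX,VM)--" & vbCrLf

        ' DirectoryEntry wraps a native ADSI handle; dispose it instead of waiting for the GC.
        Using DOM As New DirectoryEntry("WinNT://MyDomain.Com")
            For Each Result As SearchResult In ServersInActiveDirectory
                ' Computer accounts carry a trailing "$" in sAMAccountName; strip it for the host name.
                Dim AccountName As String = Result.Properties("samAccountName")(0).ToString
                Dim Hostname As String = AccountName.Replace("$", "")
                Dim AdminGroup As String = "admin_" & Hostname
                Dim AdminGroupLower As String = "admin_" & Hostname.ToLower

                ' --- 1. Make sure the per-server admin group exists -------------------------
                Try
                    ' Only the lookup matters; the returned entry is released straight away.
                    DOM.Children.Find(AdminGroup, "group").Dispose()
                Catch ex As FileNotFoundException
                    ' NOTE(review): confirm the provider really raises FileNotFoundException for a
                    ' missing group. Any other exception type lands in the generic handler below
                    ' and the group is never created.
                    ' An exception thrown while creating the group is not caught here; it reaches
                    ' the outer handler and ends the whole run.
                    Using ExceptionsOu As New DirectoryEntry("LDAP://MyDomain.Com/OU=Server Admin Exceptions,OU=Security Groups,OU=IT Administration,DC=info,DC=sys")
                        Using NewGroup As DirectoryEntry = ExceptionsOu.Children.Add("cn=" & AdminGroupLower, "Group")
                            NewGroup.Properties("sAMAccountName").Value = AdminGroupLower
                            NewGroup.Properties("description").Value = "Special Admin group for this server."
                            NewGroup.CommitChanges()
                        End Using
                    End Using
                Catch ex As Exception
                    ChangeList &= ex.Message & vbCrLf
                End Try

                ' --- 2. Report presence of the EMSRC service --------------------------------
                If DoesServiceExist("EMSRC", Hostname) Then
                    ChangeList &= "EMSRC: FOUND" & vbCrLf
                End If

                ' --- 3. OU placement and tier reporting -------------------------------------
                Try
                    ' Distinguished names are case-insensitive, so compare without regard to
                    ' case or culture.
                    If Result.Path.EndsWith("CN=Computers,DC=info,DC=sys", StringComparison.OrdinalIgnoreCase) Then
                        ChangeList &= AccountName & vbCrLf
                        Using ComputerEntry As DirectoryEntry = Result.GetDirectoryEntry()
                            Using TargetOu As New DirectoryEntry("LDAP://MyDomain.Com/OU=Tier 3,OU=Servers,OU=Datacenter,DC=info,DC=sys")
                                ComputerEntry.MoveTo(TargetOu)
                            End Using
                        End Using
                        ' Result.Path still holds the path from the search, so the tier check
                        ' below does not see this move during the current run.
                    End If

                    ' Substring match: a path containing e.g. "OU=Tier 10" also matches "OU=Tier 1".
                    For Tier As Integer = 1 To 3
                        If Result.Path.Contains("OU=Tier " & Tier.ToString()) Then
                            If UpdateTierInDataCenter(Hostname, Tier) Then
                                ' The message used to say "Tier 1" for every tier.
                                ChangeList &= AccountName & " Updated to Tier " & Tier.ToString() & " in Datacenter Portal" & vbCrLf
                            End If
                        End If
                    Next
                Catch ex As Exception
                    ChangeList &= vbCrLf & ex.Message & vbCrLf
                End Try

                ' --- 4. Local Administrators membership (Windows hosts only) ----------------
                Try
                    Select Case DetectOS(Hostname)
                        Case OS.Windows
                            If CheckIfAdminGroup(Hostname, "Administrators", AdminGroup) = False Then
                                If AddADGroupToLocalServerGroup(Hostname, AdminGroup) Then
                                    ChangeList &= AdminGroup & " added to " & Hostname & vbCrLf
                                Else
                                    ChangeList &= "FAILED: " & AdminGroup & " added to " & Hostname & vbCrLf
                                End If
                            End If
                        Case Else
                            Continue For
                    End Select
                Catch ex As Exception
                    ChangeList &= vbCrLf & ex.Message & vbCrLf
                End Try
            Next
        End Using

        ChangeList &= vbCrLf & "--Servers with DHCP turned on--" & vbCrLf

        For Each Result As SearchResult In ServersInActiveDirectory
            Dim Servername As String = Result.Properties("samAccountName")(0).ToString.Replace("$", "")
            If DetectOS(Servername) = OS.Windows Then
                ' Return value (if any) is ignored here; presumably the helper records its
                ' findings itself. Verify against its definition.
                GetDHCPNetworkFromServer(Servername)
            End If
        Next
    Catch ex As Exception
        ' NOTE(review): the context label names a different routine ("LoadActiveDirectoryAccounts");
        ' left unchanged because its use inside the error handler is not visible here.
        EisenhowerErrorHandler.ErrorHandlerFunction(ex, False, True, False, {"LoadActiveDirectoryAccounts"})
        Return False
    End Try

    Return True
End Function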