When re-imaging/provisioning an existing Computer, that is currently joined to our Active Directory, LANDesk provisioning fails on the "Join Domain" task. The reason is that a computer object with the same name already exists in AD.
My goal is to run a script that will delete the existing computer account prior to running the "Join Domain" task in Provisioning. An example given in this thread: Re: Question about unattend.xml states to add ADSI support to the boot.wim and run a VBS script.
My questions are:
- In which step should this VBS script be run, and what provisioning action should be taken? Execute File, Run command, etc
- What is the computer variable used by "Device Name Prompter" to record the device name that is entered by our technicians, is it %NAME%, %MACHINENAME%, etc
- This will help identify what I should put in the "strComputer" variable in the VBS script
- Lastly, if there is a better way to delete hostname in Provisioning so the AD Join will work smoothly, please let me know your ideas
Example of the VBS to delete computer account from AD:
Const ADS_SCOPE_SUBTREE = 2
strComputer = "YourComputerName"
strDomain = "YourDomain"
strADUser = "YourUserAccountThatHasPermissionsToDeleteObjects"
strADPass = "YourPassword"
Set objShell = CreateObject("wscript.shell")
'Setup ADO connection so that AD can be queried
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Properties("User ID") = strADUser
objConnection.Properties("Password") = strADPass
objConnection.Properties("Encrypt Password") = True
'Open ADO Connection
objConnection.Open "Active Directory Provider"
'Setup ADO Command
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 100
objCommand.Properties("Cache Results") = False
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.CommandText = "SELECT ADsPath FROM 'LDAP://" & strDomain & "' WHERE objectCategory='computer' AND Name='" & strComputer & "'"
'Execute Query and return LDAP Path
Set objRecordSet = objCommand.Execute
'Make sure the LDAP query returns any results. If not, then the object does not exist in AD and no action required
If objRecordSet.recordcount > 0 Then
strADsPath = ""
'Get the LDAP Path
While Not objRecordSet.EOF
strADsPath = objRecordSet.Fields("ADsPath").Value
'Retrieve LDAP object, and delete
If strADsPath <> "" Then
Set openDS = GetObject("LDAP:")
Set objComputer = openDS.OpenDSObject(strADsPath, strADUser, strADPass, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)
msgbox "Got: " & strADsPath