AD Site A Laptops
AD Site B Desktops
AD Site B Laptops
... and so on
Hi Chris,
The most elegant solution is described here, citation: "computer/site information is not stored in AD. BUT, there is nothing stopping you from putting it there". It requires some effort…
OK, here goes even more simple solution. Do you know the joke that at present time good developer should not write code, he'd better delete code. So we'll try to get rid of script modifications. The second…
Hi Chris,
The most elegant solution is described here, citation: "computer/site information is not stored in AD. BUT, there is nothing stopping you from putting it there". It requires some effort on distributing a startup script to all computers in your environment. The whole solution including InTrust part might be the following:
$obj = new-object -com ADSystemInfo
$type = $obj.gettype()
$adsite = $type.InvokeMember("sitename","GetProperty",$null,$obj,$null)
if($adsite -eq $null){$adsite = "UNKNOWN"}
$root = [ADSI]"LDAP://DC=Contoso,DC=com"
$search = [adsisearcher]$root
$name = $ENV:COMPUTERNAME
$Search.Filter = "(&(SamAccountName=$name$))"
$computer = $Search.FindOne() | foreach{$cproperties=$_.GetDirectoryEntry()}
$adsiteinad = $cproperties.extensionattribute8
if($adsiteinad -eq $adsite){}else{
$cproperties.extensionattribute8 = [string]$adsite
$cproperties.SetInfo()
}
What do you think if it can be implemented in your environment?
Hi Chris,
The most elegant solution is described here, citation: "computer/site information is not stored in AD. BUT, there is nothing stopping you from putting it there". It requires some effort on distributing a startup script to all computers in your environment. The whole solution including InTrust part might be the following:
$obj = new-object -com ADSystemInfo
$type = $obj.gettype()
$adsite = $type.InvokeMember("sitename","GetProperty",$null,$obj,$null)
if($adsite -eq $null){$adsite = "UNKNOWN"}
$root = [ADSI]"LDAP://DC=Contoso,DC=com"
$search = [adsisearcher]$root
$name = $ENV:COMPUTERNAME
$Search.Filter = "(&(SamAccountName=$name$))"
$computer = $Search.FindOne() | foreach{$cproperties=$_.GetDirectoryEntry()}
$adsiteinad = $cproperties.extensionattribute8
if($adsiteinad -eq $adsite){}else{
$cproperties.extensionattribute8 = [string]$adsite
$cproperties.SetInfo()
}
What do you think if it can be implemented in your environment?