0

Writing last logged on user to a machine’s description field in AD (with serial and model of machine)

Originally from https://4sysops.com/archives/automatically-fill-the-computer-description-field-in-active-directory/.

  1. Open Active Directors Users and Computers MMC
  2. Right click on your domain, and select ‘properties’ from the context menu
  3. On the ‘security’ tab, click the ‘advanced’ button
  4. Click the ‘add’ button, type ‘Authenticated Users’. Then click OK.
  5. In the permission > properties >  dialogue, set the ‘apply to’ pull-down menu to ‘Descendant Computer Objects’, allow the option for ‘Write Description’

Save the following script as a vbs file, then create a logon script policy.

Set WshNetwork = WScript.CreateObject(“WScript.Network”)
Set objWMI = GetObject(“winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2”)
‘ Get service tag and computer manufacturer
For Each objSMBIOS in objWMI.ExecQuery(“Select * from Win32_SystemEnclosure”)
serviceTag = replace(objSMBIOS.SerialNumber, “,”, “.”)
manufacturer = replace(objSMBIOS.Manufacturer, “,”, “.”)
Next
‘ Get computer model
For Each objComputer in objWMI.ExecQuery(“Select * from Win32_ComputerSystem”)
model = trim(replace(objComputer.Model, “,”, “.”))
Next
‘ Get computer object in AD
Set objSysInfo = CreateObject(“ADSystemInfo”)
Set objComputer = GetObject(“LDAP://” & objSysInfo.ComputerName)
‘ Build up description field data and save into computer object if different from current description
‘ We also do not update computers with a description that starts with an underscore (_)
newDescription = WshNetwork.UserName & ” (” & serviceTag & ” – ” & manufacturer & ” ” & model & “)”
if not objComputer.Description = newDescription and not left(objComputer.Description,1) = “_”  then
objComputer.Description = newDescription
objComputer.SetInfo
end if

Leave a Reply

Your email address will not be published. Required fields are marked *