Any Way to Automate Adding a New Computer to an AD Group?

wrx7m

I want to be able to automatically add new laptops to an AD group that will allow them access to the wifi. I haven't found a way that works.

I tried a PowerShell script in an MDT task sequence during deployment, but couldn't get it to run correctly. I was also going to try to use PowerShell in a PDQ Deploy package, but that requires RSAT to be installed on the target system.

Is there a way to have a GPO add the computer to a group when it is located in a specific OU? Or any other suggestions on how to automate this?
TIA

JasGot

In a script, startup/logon or otherwise.

Net localgroup <group> <domain name><computer name>$ /ADD

Localgroup does not imply the local group on the workstation, that is determined by whether you have a domain name\ in front of the computer name

wrx7m

@JasGot said in Any Way to Automate Adding a Computer to an AD Group?:

Net localgroup <group> <domain name><computer name>$ /ADD

Localgroup does not imply the local group on the workstation, that is determined by whether you have a domain name\ in front of the computer name

Thanks. I will try that out.

JasGot

@wrx7m We use Net and NetDom to automate most tasks like this.

wrx7m

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

@wrx7m We use Net and NetDom to automate most tasks like this.

Any idea on how to get it to query the system for the hostname and use it? Otherwise, it looks like I would have to run this manually.

JasGot

@wrx7m %computername%

wrx7m

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

@wrx7m %computername%

lol - Don't know why I didn't think of that. Over-complicating it, I guess. Thanks

wrx7m

I get "The specified local group does not exist." when I try to run

Net localgroup DomainLaptopsWiFi domain.local %computername%$ /ADD

or

Net localgroup DomainLaptopsWiFi domain.local\%computername%$ /ADD

wrx7m

Net localgroup DomainLaptopsWiFi %computername%$ /add /DOMAIN

Literally using the word "DOMAIN" is what is needed to get it to connect to the domain controllers, as it shows that it connected to the DC for my domain. However, I am still getting the local group does not exist error.

The request will be processed at a domain controller for domain mydomain.local.

System error 1376 has occurred.

The specified local group does not exist.

black3dynamite

Using Add-ADGroupMember doesn't work?

wrx7m

@black3dynamite said in Any Way to Automate Adding a New Computer to an AD Group?:

Using Add-ADGroupMember doesn't work?

It does, if I want to manually run it from my workstation. Add-ADGroupmember requires RSAT to be installed on the system running the command.

black3dynamite

@wrx7m said in Any Way to Automate Adding a New Computer to an AD Group?:

net localgroup "DomainLaptopsWiFi" %computername%$ /add /domain

wrx7m

@black3dynamite said in Any Way to Automate Adding a New Computer to an AD Group?:

net localgroup "DomainLaptopsWiFi" %computername%$ /add /domain

Same error.

JasGot

@wrx7m My apologies, it's the dsmod command for computers against groups.

Just tested this:

I added a new group called "test" in the Employee Computers OU and then ran.

dsmod group "CN=test,OU=employee computers, DC=abc,DC=local" -addmbr "CN=jason-i7,OU=Employee Computers,DC=abc,DC=local"

dsmod succeeded:CN=test,OU=employee computers,DC=abc,DC=local

JasGot

And this will get you the full CN name:

dsquery computer domainroot -name %computername%

returns

"CN=JASON-I7,OU=Employee Computers,DC=abc,DC=local"

wrx7m

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

And this will get you the full CN name:

dsquery computer domainroot -name %computername%

returns

"CN=JASON-I7,OU=Employee Computers,DC=abc,DC=local"

Thanks. I will work on stringing these together.

wrx7m

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

dsmod group

Looks like this requires RSAT too.

JasGot

@wrx7m said in Any Way to Automate Adding a New Computer to an AD Group?:

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

dsmod group

Looks like this requires RSAT too.

Don't think so. At least these commands work on my workstation and server without RSAT installed.

wrx7m

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

@wrx7m said in Any Way to Automate Adding a New Computer to an AD Group?:

@JasGot said in Any Way to Automate Adding a New Computer to an AD Group?:

dsmod group

Looks like this requires RSAT too.

Don't think so. At least these commands work on my workstation and server without RSAT installed.

Hmm. I get unrecognized command or whatever the error is when it doesn't know what it is.

Obsolesce

This post is deleted!