
vendredi 30 mars 2018

MDT - MoveOU - LDAP - With Get Credential MDT SecureString























Import-Module Z:\Tools\Modules\ZTIUtility\ZTIUtility.psm1

function Base64Decode($textBase64In) {
    <#
    .SYNOPSIS
    Decodes a Base64 string and returns the resulting bytes as UTF-8 text.
    .PARAMETER textBase64In
    The Base64-encoded text to decode.
    .OUTPUTS
    System.String. The decoded text.
    #>
    # Base64 is a reversible encoding, not encryption: any value that can be
    # passed to this function can be recovered by whoever is able to read it.
    $rawBytes = [System.Convert]::FromBase64String($textBase64In)
    return [System.Text.Encoding]::UTF8.GetString($rawBytes)
}

# Read the account from the task sequence environment. The tsenv: drive is
# expected to come from the ZTIUtility module imported at the top of the script.
# The three values are stored Base64-encoded, which is why they are decoded
# here. Base64 only obfuscates them, so anyone who can read the task sequence
# variables can recover the password. Delegate this account only the rights
# needed to move computer objects between the OUs concerned.
$DomainAdmin = Base64Decode $tsenv:DomainAdmin
$DomainAdminDomain = Base64Decode $tsenv:DomainAdminDomain

# The decoded password is passed straight into ConvertTo-SecureString and never
# assigned to a variable, so the clear text is not kept under a name that could
# later be logged or dumped by mistake.
$DomainAdminPassword = ConvertTo-SecureString -String (Base64Decode $tsenv:DomainAdminPassword) -AsPlainText -Force

# Target computer (the machine running the task sequence) and destination OU.
$ComputerName = $env:COMPUTERNAME
$OU = $tsenv:MACHINEOBJECTOU

# Search root and LDAP filter used to locate the computer object.
$ldap = "LDAP://DC=XX,DC=XXX,DC=XX"
$ObjComputer = "(&(objectclass=computer)(cn= $ComputerName))"

# Use the account name as-is when it already carries a DOMAIN\ prefix,
# otherwise prepend the domain from the task sequence.
$login_admin = if ($DomainAdmin.Contains('\')) {
    $DomainAdmin
}
else {
    "$DomainAdminDomain\$DomainAdmin"
}

# Credential object handed to Start-Job further down.
$AdCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $login_admin, $DomainAdminPassword

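# Remove jobs left over from a previous run so the name "ChangeOU" is unique.
# NOTE(review): the wildcard removes every job in this session, not only ChangeOU.
Remove-Job *

# Start-Job -Credential runs the script block in a separate PowerShell process
# under $AdCred. No credential is passed to DirectoryEntry below, so the LDAP
# binds are expected to use that process identity (confirm in your environment).
# Only the filter, the LDAP root and the target OU are passed in. The password
# never enters the script block or the log file.
Start-Job -Name "ChangeOU" -ScriptBlock {
    New-Item -Path C:\XXXXXXXXXXX\XXXXX -ItemType Directory -ErrorAction SilentlyContinue

    # Positional arguments follow the -ArgumentList order below:
    # LDAP filter, LDAP search root, destination OU.
    $LaMachineARechercher = $args[0]
    $ServeurLdap = $args[1]
    $DestinationOU = $args[2]
    $WriteLog = "C:\XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.log"

    # Guard: with an empty OU the target path would be just "LDAP://", which
    # does not name the intended container. Stop instead of moving the computer
    # object somewhere unintended.
    if ([string]::IsNullOrEmpty($DestinationOU)) {
        "$(Get-Date) - Erreur : MACHINEOBJECTOU est vide" | Out-File -FilePath $WriteLog -Append
        Write-Error "ChangeOU: destination OU is empty; nothing was moved."
        return
    }

    # Locate the computer object anywhere under the search root.
    $objDomain = New-Object System.DirectoryServices.DirectoryEntry $ServeurLdap
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain
    $objSearcher.PageSize = 10000
    $objSearcher.Filter = $LaMachineARechercher
    $objSearcher.SearchScope = "Subtree"
    $colResults = $objSearcher.FindAll()

    # Guard: a failing .NET call does not stop a PowerShell script by default.
    # Without this check an empty result leaves the path empty, and the
    # DirectoryEntry built from it would not refer to the computer object.
    if (-not $colResults -or $colResults.Count -eq 0) {
        "$(Get-Date) - Erreur : aucune machine ne correspond au filtre $LaMachineARechercher" | Out-File -FilePath $WriteLog -Append
        Write-Error "ChangeOU: no computer object matched filter $LaMachineARechercher; nothing was moved."
        return
    }

    # The first match is used. The filter is expected to match a single object.
    $ResultatMachine = ($colResults.Item(0)).path

    "$(Get-Date) - Actuellement : $ResultatMachine" | Out-File -FilePath $WriteLog -Append
    "$(Get-Date) - Serveur LDAP : $ServeurLdap" | Out-File -FilePath $WriteLog -Append
    "$(Get-Date) - La machine : $LaMachineARechercher" | Out-File -FilePath $WriteLog -Append
    "$(Get-Date) - Destination : $DestinationOU" | Out-File -FilePath $WriteLog -Append
    $colResults.Dispose()

    # Move the computer object into the destination OU. A failure is written to
    # the log and to the job's error stream. The script then continues so that
    # the log also records where the object currently is.
    $Object = New-Object -TypeName System.DirectoryServices.DirectoryEntry($ResultatMachine)
    $TargetOU = New-Object -TypeName System.DirectoryServices.DirectoryEntry("LDAP://$DestinationOU")
    try {
        $Object.psbase.MoveTo($TargetOU)
    }
    catch {
        "$(Get-Date) - Erreur pendant MoveTo : $($_.Exception.Message)" | Out-File -FilePath $WriteLog -Append
        Write-Error -ErrorRecord $_
    }

    # Search again with the same filter and log the path now reported by the directory.
    $colResults = $objSearcher.FindAll()
    if ($colResults -and $colResults.Count -gt 0) {
        "$(Get-Date) - Maintenant : $(($colResults.Item(0)).path)" | Out-File -FilePath $WriteLog -Append
        $colResults.Dispose()
    }
    $objSearcher.Dispose()

} -Credential $AdCred -ArgumentList ($ObjComputer.Trim()), $ldap, $OU

# -Wait blocks until the job has finished and its output has been received.
# Errors written inside the job are replayed here. $resultat is not inspected
# by this script, so check the log file when the move did not happen.
$resultat = Receive-Job -Name ChangeOU -Wait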

