Re: How to tell when a computer was joined to the domain?

Discussion in 'Windows Server' started by neo [mvp outlook], Jul 14, 2007.

  1. neo [mvp outlook], Jul 14, 2007
    #1
    1. Advertisements

  2. As noted in the link, if the computer object was created in the domain when
    the computer was joined to the domain (not created ahead of time), the
    whenCreated attribute value will be the date the computer joined. In a
    VBScript, bind to the computer object and retrieve whenCreated. Or, use a
    command line tool.

    Set objComputer =
    GetObject("LDAP://cn=MyComputer,ou=Sales,dc=MyDomain,dc=com")
    Wscript.Echo objComputer.whenCreated

    --
    Richard Mueller
    Microsoft MVP Scripting and ADSI
    Hilltop Lab - http://www.rlmueller.net
     
    Richard Mueller [MVP], Jul 14, 2007
    #2
    1. Advertisements

  3. You can double click on a *.vbs file, and it will be run with whatever host
    program has been configured as the default on your computer, either
    cscript.exe or wscript.exe. I think wscript is usually the default. When you
    run a script with wscript, any Wscript.Echo statements result in a dialog
    box displaying the values. If you run the script with cscript the program
    runs in a command window. I generally run administrative VBScript programs
    at a command prompt with the cscript host. This way I see the output at the
    console, including error messages. For example, if the program is saved in a
    file called example.vbs, I run it at a command prompt with the command:

    cscript example.vbs

    this assumes I have navigated to the folder where the file example.vbs is
    saved. Otherwise, I must specify the path. If I want to redirect output to a
    text file (so it doesn't scroll off the screen and I can view the output in
    notepad), I use the //nologo optional parameter to suppress the logo
    information. For example:

    cscript //nologo example.vbs > report.txt

    To bind to an object with the LDAP provider you need the Distinguished Name
    (DN) of the object. This uniquely identifies the object and shows its
    location in the hierarchy of Active Directory. The computer with DN:

    cn=MyComputer,ou=Sales,dc=MyDomain,dc=com

    has Common Name "MyComputer". It is in the OU called "Sales", which is in
    the domain with DNS name MyDomain.com. Another domain might be
    MyDivision.MyCompany.net. Most likely, the NetBIOS name of this computer
    (the NT name, or "pre-Windows 2000 name") is "MyComputer", but that does not
    have to be true. If you know the NetBIOS name of a computer, you can use the
    NameTranslate object to convert this (in combination with the NetBIOS name
    of the domain) to the DN of the computer required by the LDAP provider.

    In a similar way, the NetBIOS name of the domain in my example is most
    likely "MyDomain", but again this might not be true. Fortunately, you can
    retrieve the DNS name of the domain from the RootDSE object and user the
    NameTranslate object to convert this to the NetBIOS name of the domain. For
    example:
    =====================
    ' Constants for the NameTranslate object.
    Const ADS_NAME_INITTYPE_GC = 3
    Const ADS_NAME_TYPE_NT4 = 3
    Const ADS_NAME_TYPE_1779 = 1

    ' Specify the NetBIOS name of the computer.
    strComputer = "WEST1003"

    ' Determine DNS name of domain from RootDSE.
    Set objRootDSE = GetObject("LDAP://RootDSE")
    strDNSDomain = objRootDSE.Get("defaultNamingContext")

    ' Use the NameTranslate object to find the NetBIOS domain name from the
    ' DNS domain name.
    Set objTrans = CreateObject("NameTranslate")
    ' Initialize NameTranslate by locating the Global Catalog.
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    ' Use the Set method to specify the DNS format of the object name.
    objTrans.Set ADS_NAME_TYPE_1779, strDNSDomain
    ' Use the Get method to retrieve the NetBIOS name.
    strNetBIOSDomain = objTrans.Get(ADS_NAME_TYPE_NT4)
    ' Remove trailing backslash.
    strNetBIOSDomain = Left(strNetBIOSDomain, Len(strNetBIOSDomain) - 1)


    ' Use the NameTranslate object to convert the NetBIOS name of the
    ' computer to the Distinguished Name required for the LDAP provider.
    ' Use the Set method to specify the NT format of the object name.
    objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & "\" & strComputer
    ' Use the Get method to retrieve the RPC 1779 Distinguished Name.
    strComputerDN = objTrans.Get(ADS_NAME_TYPE_1779)

    ' Bind to the computer object in Active Directory with the LDAP provider.
    Set objComputer = GetObject("LDAP://" & strComputerDN)



    ' Display whenCreated date, which should be the date when the computer

    ' joined the domain.

    Wscript.Echo objComputer.whenCreated

    ============

    The above is the most generic way, retrieving as much as possible
    programmatically. The only thing we cannot retrieve, which you must supply,
    is the NetBIOS name of the computer. If you are familiar with Distinguished
    Names, and know the DN for a computer, you use it to bind to the computer
    object immediately. The DN's take getting used to.
     
    Richard Mueller [MVP], Jul 14, 2007
    #3
  4. The error you described is raised when the Set method cannot find the object
    specified. With ADS_NAME_TYPE_NT4 the object name needs to be in the form:

    Domain\ObjectName

    where "Domain" is the NetBIOS name of the domain and "ObjectName" is the
    NetBIOS name of the object. In you case, since the Common Name is
    "Computer13", I would expect the NetBIOS name to be "Computer13", but this
    does not have to be the case. Notice that when I retrieve the NetBIOS name
    of the domain in the code, I stripped of the trailing backslash. I could
    have left this on, but I always use this code to retrieve the NetBIOS domain
    name. Then I need to append the "\" in the string I pass to the Set method
    of the NameTranslate object. If you added:

    Wscript.Echo strNetBIOSDomain
    Wscript.Echo strComputer

    You should have seen something like:

    MyDomain
    Computer13

    Neither value should have had a backslash. If all appears fine, then the
    only explanation I am aware of is that the NetBIOS name of the computer is
    not Computer13.

    One way to tell for sure is to use NameTranslate to convert the DN back to
    the NT form of the name. From ADSI Edit, you know the DN of the object. The
    code would be very similar:
    ===============
    ' Constants for the NameTranslate object.

    Const ADS_NAME_INITTYPE_GC = 3
    Const ADS_NAME_TYPE_NT4 = 3
    Const ADS_NAME_TYPE_1779 = 1

    ' Specify the Distinguished Name of the computer.

    ' Watch line wrapping, this is one line.

    strComputerDN = CN=Computer13,OU=General
    Desktops,OU=SBSComputers,OU=Computers,OU=MyBusiness,DC=<removed for
    posting>,DC=local"



    ' Use the NameTranslate object to convert the Distinguished Name

    ' of the object to the NetBIOS name.

    Set objTrans = CreateObject("NameTranslate")

    ' Initialize NameTranslate by locating the Global Catalog.
    objTrans.Init ADS_NAME_INITTYPE_GC, ""
    ' Use the Set method to specify the RPC 1779 format of the object name.
    objTrans.Set ADS_NAME_TYPE_1779, strComputerDN

    ' Use the Get method to retrieve the NT Name.
    strNTName = objTrans.Get(ADS_NAME_TYPE_NT4)

    Wscript.Echo strNTName

    ==============

    The output should be similar to:



    Domain\Computer13
     
    Richard Mueller [MVP], Jul 15, 2007
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.