Active Directory Computer Description Script

From TrialWorks Wiki
Jump to: navigation, search

Summary

This article describes a technique to update the Computer Description filed in Active Directory via VBS script when users logon to the network. The following information will be visible in the description field:

  • User name
  • Time of last logon

Technique

The procedure requires users to be granted access to modify the Computers OU in Active Directory and the creation of a script file.

Active Directory

Set security in Active Directory to allow updates by users:

  • Find the container for Computers
  • Right-click and Delegate Control. The simplest method, but least secure, is to give full rights to Domain Users.


Script

Create a file called "ComputerDescription.VBS" and place it in SYSVOL or Group Policy container. Enter the code below and add it to your logon script.



Set objSysInfo = CreateObject("ADSystemInfo")
 
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
Set objComputer = GetObject("LDAP://" & objSysInfo.ComputerName)
 
strMessage = objUser.CN & " logged in at " & objComputer.CN & " " & Now & "."
 
'objUser.Description = strMessage
'objUser.SetInfo
 
objComputer.Description = strMessage
objComputer.SetInfo