Active Directory Computer Description Script

From TrialWorks Wiki
Jump to: navigation, search


This article describes a technique to update the Computer Description filed in Active Directory via VBS script when users logon to the network. The following information will be visible in the description field:

  • User name
  • Time of last logon


The procedure requires users to be granted access to modify the Computers OU in Active Directory and the creation of a script file.

Active Directory

Set security in Active Directory to allow updates by users:

  • Find the container for Computers
  • Right-click and Delegate Control. The simplest method, but least secure, is to give full rights to Domain Users.


Create a file called "ComputerDescription.VBS" and place it in SYSVOL or Group Policy container. Enter the code below and add it to your logon script.

Set objSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
Set objComputer = GetObject("LDAP://" & objSysInfo.ComputerName)
strMessage = objUser.CN & " logged in at " & objComputer.CN & " " & Now & "."
'objUser.Description = strMessage
objComputer.Description = strMessage