Export "Department" Location Property on DS to AD

DaJuicemance's picture

My apologies if I am posting this to the incorrect forum. If I am, please let me know where to post.

We are in the middle of an AD migration. The Computer properties in AD do not have any entries in the "Description" field on the "General" tab. I would like to create a VBS script to be run from the DS that will pull the "Department" information from the "Location Properties" of the Altiris Computer Object and write it to the "Description" field in the AD Computer Object.

Any suggestions?

spazzzen's picture

SQL

We don't use the Location information in the DS, but you can get all the information using SQL. I don't know exactly how to do this, but the information is in dbo.location in the express SQL. Just run:
Use Express
Select * from dbo.location

To get the computer names you will need to join it to either the dbo.computer database or another that has both the computer names and the computer_id.

Again, as far as pulling this information into AD, I don't know that much.

DaJuicemance's picture

SQL

I was thinking I may have to connect to the SQL database ... but that would mean I have to establish an ODBC connection to the DS, and then have the computer run the query against the SQL db. BTW, I am running the script from the local computer.

Not a big deal if I am doing this one at a time, but I will have to push this script out from (8) DS's to 15,000+ computers. That may be too much of a load against the DS.

I am hoping there is a variable I could define / import / pull directly from the Altiris Computer Object and use in the VBS.

DaJuicemance's picture

Export "Department" Location Property on DS to AD

Perhaps someone knows of a way to pass a "Department" token to the VB Script?

wuzfuzzy's picture

DS token in vb

Simply create a VBS file with the DS token %DEPT% in the spot where you want the DEPT placed, and make sure you do a token replacement and firm the file down to the machine on the file, i.e.:

EMBEDDED SCRIPT

REM ReplaceTokens .\vbscripts\depart.vbs .\temp\%ID%-dept.txt
firm.exe copy "\temp\%ID%-dept.txt" "prod:\vbscript\depart.vbs"

Then run the vbs and it will have the token replaced.

wuzfuzzy's picture

VBS script example

Set objComputer = GetObject _ 
    ("LDAP://CN=atl-dc-01,CN=Computers,DC=fabrikam,DC=com")

objComputer.Put "Location" , "%DEPT%"
objComputer.SetInfo

Of course you would want to add error handling and maybe verify that it was empty to begin with, like this:

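On Error Resume Next

Set objComputer = GetObject _
    ("LDAP://CN=atl-dc-01,CN=Computers,DC=fabrikam,DC=com")

' Get raises an error when the attribute has no value, which leaves objProperty Empty
objProperty = objComputer.Get("Location")
If Err.Number <> 0 Or IsNull(objProperty) Or IsEmpty(objProperty) Then
    Err.Clear
    objComputer.Put "Location" , "%DEPT%"
    objComputer.SetInfo
End If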

This should get you going in the right direction for what you want to do, but I might suggest doing what some of the other comments discussed: do a single SQL query and then do one massive update to Active Directory instead of doing one PC at a time.

DaJuicemance's picture

Tokens work beautifully ...

I was able to use the ReplaceTokens command and incorporated the %SITE% and %DEPT% tokens into the Task (see line 40 in the code below). I successfully created the object in AD, gave it the appropriate permissions and exported / imported the Altiris information.

Just an FYI ... in our environment, we had to make sure the user / service account this Task was running under had the appropriate AD permissions.

Here's my code (in case anyone's interested):

'=============================================================================================
' NAME:		PreStageComputerAccount.vbs
' AUTHOR:		J. Baldwin
' REVISION DATE:	2008-12-01
' DESCRIPTION:	This script is intended to be run via Altiris.
'		It will create computer accounts in the MyDomain domain 
'		and will require (3) Arguments:
'		  1.  OUs_DN,
'		  2.  Domain_Controller, and 
'		  3.  Group_To_Delegate_Join_Rights
'		EX:  PreStageComputerAccount.vbs "OU=WORKSTATIONS,OU=AUTOLOGON,OU=SITE,DC=MyDomain,DC=COM" "ADDC01.MyDomain.com" "AddAutoLogonWS"
'
'		Revisions:
'		  1.  2008-12-01	Original Script
'=============================================================================================

Option Explicit

'Declare and Set Variables / Constants
	Const ADS_UF_PASSWD_NOTREQD             = &h0020
	Const ADS_UF_WORKSTATION_TRUST_ACCOUNT  = &h1000
	Const ADS_ACETYPE_ACCESS_ALLOWED        = &h0
	Const ADS_ACETYPE_ACCESS_ALLOWED_OBJECT = &h5
	Const ADS_FLAG_OBJECT_TYPE_PRESENT      = &h1
	Const ADS_RIGHT_GENERIC_READ            = &h80000000
	Const ADS_RIGHT_DS_SELF                 = &h8
	Const ADS_RIGHT_DS_WRITE_PROP           = &h20
	Const ADS_RIGHT_DS_CONTROL_ACCESS       = &h100
	Const ALLOWED_TO_AUTHENTICATE           = "{68B1D179-0D15-4d4f-AB71-46152E79A7BC}"
	Const RECEIVE_AS                        = "{AB721A56-1E2f-11D0-9819-00AA0040529B}"
	Const SEND_AS                           = "{AB721A54-1E2f-11D0-9819-00AA0040529B}"
	Const USER_CHANGE_PASSWORD              = "{AB721A53-1E2f-11D0-9819-00AA0040529b}"
	Const USER_FORCE_CHANGE_PASSWORD        = "{00299570-246D-11D0-A768-00AA006E0529}"
	Const USER_ACCOUNT_RESTRICTIONS         = "{4C164200-20C0-11D0-A768-00AA006E0529}"
	Const VALIDATED_DNS_HOST_NAME           = "{72E39547-7B18-11D1-ADEF-00C04FD8D5CD}"
	Const VALIDATED_SPN                     = "{F3A64788-5306-11D1-A9C5-0000F80367C1}"
'Test to make sure proper arguments are presented (must run before WScript.Arguments is read below)
	If (WScript.Arguments.Count < 3) Then
	    WScript.Echo "Required Parameter missing.  Proper syntax PreStageComputerAccount.vbs " & Chr(34) & "OUs_DN" & Chr(34) & " " & "Domain_Controller" & " " & Chr(34) & "Group_To_Delegate_Join_Rights" & Chr(34)
	    WScript.Quit (111)									' Use Altiris error handling however you desire
	End If

	Dim objWshNetwork : Set objWshNetwork   = WScript.CreateObject ("WScript.Network")
	Dim strComputer   : strComputer         = objWshNetwork.ComputerName
	Dim strOU         : strOU               = WScript.Arguments (0)					' "OU=WORKSTATIONS,OU=AUTOLOGON,OU=SITE,DC=MyDomain,DC=COM"
	Dim strDC         : strDC               = WScript.Arguments (1)					' "ADDC01.MyDomain.com"
	Dim strComUsr     : strComUsr           = WScript.Arguments (2)					' "AddAutoLogonWS"
	Dim strDesc       : strDesc             = "%SITE%" & " - " & "%DEPT%"				' Pull from Altiris' Site & Department field in Location Properties
	Dim objContainer  : Set objContainer    = GetObject ("LDAP://" &strDC &"/"& strOU)			' Bind to Active Directory, Computers container.
	Dim objComputer   : Set objComputer     = objContainer.Create ("Computer", "cn=" & strComputer)	' Build the actual computer account.
	    objComputer.Put "sAMAccountName", strComputer & "$"					' Build the actual computer account.
	    objComputer.Put "userAccountControl", ADS_UF_PASSWD_NOTREQD Or ADS_UF_WORKSTATION_TRUST_ACCOUNT	' Build the actual computer account.
	    objComputer.Put "Description", strDesc							' Build the actual computer account.
	    objComputer.SetInfo									' Build the actual computer account.
	Dim objSecDesc    : Set objSecDesc      = objComputer.Get ("ntSecurityDescriptor")			' Assign the ability to join to user or group
	Dim objDACL       : Set objDACL         = objSecDesc.DiscretionaryAcl				' Assign the ability to join to user or group
	Dim objACE1       : Set objACE1         = CreateObject ("AccessControlEntry")
	Dim objACE2       : Set objACE2         = CreateObject ("AccessControlEntry")
	Dim objACE3       : Set objACE3         = CreateObject ("AccessControlEntry")
	Dim objACE4       : Set objACE4         = CreateObject ("AccessControlEntry")
	Dim objACE5       : Set objACE5         = CreateObject ("AccessControlEntry")
	Dim objACE6       : Set objACE6         = CreateObject ("AccessControlEntry")
	Dim objACE7       : Set objACE7         = CreateObject ("AccessControlEntry")
	Dim objACE8       : Set objACE8         = CreateObject ("AccessControlEntry")
	Dim objACE9       : Set objACE9         = CreateObject ("AccessControlEntry")

' Main
	objACE1.Trustee    = strComUsr
	objACE1.AccessMask = ADS_RIGHT_GENERIC_READ
	objACE1.AceFlags   = 0
	objACE1.AceType    = ADS_ACETYPE_ACCESS_ALLOWED
 
	objACE2.Trustee    = strComUsr
	objACE2.AccessMask = ADS_RIGHT_DS_CONTROL_ACCESS
	objACE2.AceFlags   = 0
	objACE2.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE2.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE2.ObjectType = ALLOWED_TO_AUTHENTICATE
 
	objACE3.Trustee    = strComUsr
	objACE3.AccessMask = ADS_RIGHT_DS_CONTROL_ACCESS
	objACE3.AceFlags   = 0
	objACE3.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE3.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE3.ObjectType = RECEIVE_AS

	objACE4.Trustee    = strComUsr
	objACE4.AccessMask = ADS_RIGHT_DS_CONTROL_ACCESS
	objACE4.AceFlags   = 0
	objACE4.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE4.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE4.ObjectType = SEND_AS
 
	objACE5.Trustee    = strComUsr
	objACE5.AccessMask = ADS_RIGHT_DS_CONTROL_ACCESS
	objACE5.AceFlags   = 0
	objACE5.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE5.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE5.ObjectType = USER_CHANGE_PASSWORD
 
	objACE6.Trustee    = strComUsr
	objACE6.AccessMask = ADS_RIGHT_DS_CONTROL_ACCESS
	objACE6.AceFlags   = 0
	objACE6.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE6.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE6.ObjectType = USER_FORCE_CHANGE_PASSWORD
 
	objACE7.Trustee    = strComUsr
	objACE7.AccessMask = ADS_RIGHT_DS_WRITE_PROP
	objACE7.AceFlags   = 0
	objACE7.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE7.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE7.ObjectType = USER_ACCOUNT_RESTRICTIONS
 
	objACE8.Trustee    = strComUsr
	objACE8.AccessMask = ADS_RIGHT_DS_SELF
	objACE8.AceFlags   = 0
	objACE8.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE8.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE8.ObjectType = VALIDATED_DNS_HOST_NAME
 
	objACE9.Trustee    = strComUsr
	objACE9.AccessMask = ADS_RIGHT_DS_SELF
	objACE9.AceFlags   = 0
	objACE9.AceType    = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT
	objACE9.Flags      = ADS_FLAG_OBJECT_TYPE_PRESENT
	objACE9.ObjectType = VALIDATED_SPN
 
	objDACL.AddAce objACE1
	objDACL.AddAce objACE2
	objDACL.AddAce objACE3
	objDACL.AddAce objACE4
	objDACL.AddAce objACE5
	objDACL.AddAce objACE6
	objDACL.AddAce objACE7
	objDACL.AddAce objACE8
	objDACL.AddAce objACE9
 
	objSecDesc.DiscretionaryAcl = objDACL
	objComputer.Put "ntSecurityDescriptor", objSecDesc
	objComputer.SetInfo

	WScript.Quit (222)										' Use Altiris error handling however you desire
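
A read-back check for the ACEs the script above grants, as an added example that is not part of the original post: it lists what the delegated group actually holds on the pre-staged computer object and reports any of the eight object rights that is missing. The file name AuditJoinAcl.vbs is hypothetical; the GUIDs and access masks are copied from the script above. The generic-read ACE shows up under REVIEW because the directory stores generic rights as specific rights, so its mask is shown rather than compared.

```vbscript
' Added example, not part of the original post. File name AuditJoinAcl.vbs is hypothetical.
' Run: cscript //nologo AuditJoinAcl.vbs "<Computer_DN>" "<Domain_Controller>" "<Group>"
Option Explicit
Const ADS_ACETYPE_ACCESS_ALLOWED_OBJECT = &h5
Const ADS_ACEFLAG_INHERITED_ACE         = &h10

If WScript.Arguments.Count < 3 Then
    WScript.Echo "Usage: AuditJoinAcl.vbs Computer_DN Domain_Controller Group_To_Delegate_Join_Rights"
    WScript.Quit 1
End If

' Object ACEs the pre-staging script adds: rights GUID -> "hex access mask|name"
Dim dicExpected : Set dicExpected = CreateObject("Scripting.Dictionary")
dicExpected.CompareMode = vbTextCompare
dicExpected.Add "{68B1D179-0D15-4d4f-AB71-46152E79A7BC}", "100|ALLOWED_TO_AUTHENTICATE"
dicExpected.Add "{AB721A56-1E2f-11D0-9819-00AA0040529B}", "100|RECEIVE_AS"
dicExpected.Add "{AB721A54-1E2f-11D0-9819-00AA0040529B}", "100|SEND_AS"
dicExpected.Add "{AB721A53-1E2f-11D0-9819-00AA0040529b}", "100|USER_CHANGE_PASSWORD"
dicExpected.Add "{00299570-246D-11D0-A768-00AA006E0529}", "100|USER_FORCE_CHANGE_PASSWORD"
dicExpected.Add "{4C164200-20C0-11D0-A768-00AA006E0529}", "20|USER_ACCOUNT_RESTRICTIONS"
dicExpected.Add "{72E39547-7B18-11D1-ADEF-00C04FD8D5CD}", "8|VALIDATED_DNS_HOST_NAME"
dicExpected.Add "{F3A64788-5306-11D1-A9C5-0000F80367C1}", "8|VALIDATED_SPN"

Dim objComputer : Set objComputer = GetObject("LDAP://" & WScript.Arguments(1) & "/" & WScript.Arguments(0))
Dim objDACL     : Set objDACL     = objComputer.Get("ntSecurityDescriptor").DiscretionaryAcl
Dim strGroup    : strGroup        = LCase(WScript.Arguments(2))
Dim objACE, strTrustee, arrExp, strKey, intProblems : intProblems = 0

For Each objACE In objDACL
    ' ADSI returns the trustee as DOMAIN\name; compare the part after the last backslash.
    strTrustee = LCase(Mid(objACE.Trustee, InStrRev(objACE.Trustee, "\") + 1))
    If strTrustee = strGroup And (objACE.AceFlags And ADS_ACEFLAG_INHERITED_ACE) = 0 Then
        arrExp = Array("", "")
        If objACE.AceType = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT Then
            If dicExpected.Exists(objACE.ObjectType) Then arrExp = Split(dicExpected(objACE.ObjectType), "|")
        End If
        If arrExp(0) <> "" And Hex(objACE.AccessMask) = arrExp(0) Then
            WScript.Echo "OK      " & arrExp(1)
            dicExpected.Remove objACE.ObjectType
        Else
            ' Any other explicit ACE held by the group is listed for manual review.
            WScript.Echo "REVIEW  type=" & objACE.AceType & " mask=0x" & Hex(objACE.AccessMask) & " object=" & objACE.ObjectType
        End If
    End If
Next
For Each strKey In dicExpected.Keys
    WScript.Echo "MISSING " & Split(dicExpected(strKey), "|")(1)
    intProblems = intProblems + 1
Next
WScript.Quit intProblems   ' exit code = number of expected rights not found
```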