Have you set up an Active Directory Organizational Unit structure? Do you want your Deployment Server to automatically match computer groups to that structure? This guide will help you set up Deployment Server Computer Groups to automatically synchronize to your Active Directory Organizational Units.
First, you will need to verify that all the appropriate credentials are found in your Domain Accounts List. Go to Tools > Options > Domain Accounts. Click the Add button and fill out the information of the Domain Account for each of your Domains. This account should have permissions to query Active Directory to determine Organizational Unit membership. It is also the account used for joining computers to the Domain, so it should have permissions to do a Domain Join.
Click to view.
Second, you will need to have either the AClient or DAgent (for Vista) installed on all of your computers. AClient reports Organizational Unit membership to Deployment Server. If you are importing computers from a .csv or .xls file, make sure to include domain and Organizational Unit information in the import file.
Third, run the following SQL Query against your Deployment Server database.
--------Start Here-------- IF EXISTS (SELECT * FROM sysobjects WHERE name='ou2group' AND xtype='TR') DROP TRIGGER ou2group GO CREATE TRIGGER ou2group ON computer AFTER UPDATE AS IF (UPDATE(msnet_domain_ou) OR UPDATE(msnet_dns_domain)) BEGIN DECLARE @Done bit DECLARE @Left int DECLARE @Right int DECLARE @GroupName varchar(64) DECLARE @DomainOrganizational Unit varchar(256) DECLARE @ParentID int DECLARE @GroupID int SELECT @Done = 0, @Left = 0, @Right = 0 SELECT @GroupName = msnet_dns_domain, @DomainOU = msnet_domain_ou FROM INSERTED SELECT @ParentID = group_id FROM computer_group WHERE parent_id IS NULL AND name = @GroupName IF @ParentID IS NULL BEGIN EXEC ins_group @GroupName, @ParentID SELECT @ParentID = group_id FROM computer_group WHERE parent_id IS NULL AND name = @GroupName END WHILE @Done = 0 BEGIN SET @Left = @Right + 1 SET @Right = CHARINDEX('/', @DomainOU, @Left) IF @Right = 0 BEGIN SET @Right = LEN(@DomainOU) + 1 SET @Done = 1 END SET @GroupName = SUBSTRING(@DomainOU, @Left, @Right - @Left) SET @GroupID = NULL SELECT @GroupID = group_id FROM computer_group WHERE parent_id = @ParentID AND name = @GroupName IF @GroupID IS NULL BEGIN EXEC ins_group @GroupName, @ParentID SELECT @ParentID = group_id FROM computer_group WHERE parent_id = @ParentID AND name = @GroupName END ELSE SET @ParentID = @GroupID END SELECT @GroupID = group_id FROM INSERTED IF((SELECT COUNT(1) FROM computer WHERE group_id = @GroupID) < 2) DELETE FROM computer_group WHERE group_id = @GroupID UPDATE computer SET group_id = @ParentID WHERE computer_id = (SELECT computer_id FROM INSERTED) END GO --------End Here--------
You have just added a SQL Trigger that will be run every time a computer record is updated. When it is run, it will add the computer to a Computer Group that matches its Active Directory Organizational Unit membership. You might want to force your computers to update so that the membership is updated immediately. To force an update, open the Deployment Server Console and select View > Reset Client Connections. When the computers connect back to Deployment Server, you will see that they are automatically added to a Computer Group structure that matches your Active Directory Organizational Unit.
I will now explain, step-by-step, what the SQL Trigger does.
DECLARE @Done bit A true/false value that will be set to 1 (true) when all groups for the computer's Organizational Unit have been created
DECLARE @Left int This is the character position where the current Organizational Unit we are looking at starts
DECLARE @Right int This is the character position where the current Organizational Unit we are looking at ends
DECLARE @GroupName varchar(64) This is the name of the Organizational Unit we are looking at
DECLARE @DomainOU varchar(256) This is the entire Organizational Unit in the format Organizational Unit/Organizational Unit/Organizational Unit/...
DECLARE @ParentID int This is the Computer Group number of the parent group of the computer or the Organizational Unit we are looking at
DECLARE @GroupID int This is the Group number of the Organizational Unit we are looking at
SELECT @GroupName = msnet_dns_domain, @DomainOU = msnet_domain_ou FROM INSERTED SELECT @ParentID = group_id FROM computer_group WHERE parent_id IS NULL AND name = @GroupName
IF @ParentID IS NULL BEGIN EXEC ins_group @GroupName, @ParentID SELECT @ParentID = group_id FROM computer_group WHERE parent_id IS NULL AND name = @GroupName END
WHILE @Done = 0 BEGIN
SET @Left = @Right + 1 SET @Right = CHARINDEX('/', @DomainOU, @Left) IF @Right = 0 BEGIN SET @Right = LEN(@DomainOU) + 1 SET @Done = 1 END SET @GroupName = SUBSTRING(@DomainOU, @Left, @Right - @Left)
SET @GroupID = NULL SELECT @GroupID = group_id FROM computer_group WHERE parent_id = @ParentID AND name = @GroupName
IF @GroupID IS NULL BEGIN EXEC ins_group @GroupName, @ParentID SELECT @ParentID = group_id FROM computer_group WHERE parent_id = @ParentID AND name = @GroupName END
ELSE SET @ParentID = @GroupID END
SELECT @GroupID = group_id FROM INSERTED IF((SELECT COUNT(1) FROM computer WHERE group_id = @GroupID) < 2) DELETE FROM computer_group WHERE group_id = @GroupID
UPDATE computer SET group_id = @ParentID WHERE computer_id = (SELECT computer_id FROM INSERTED)
Thank you so much
...BEGIN begin transaction DELETE FROM computer_group WHERE group_id = @GroupID if (@@error != 0) rollback transaction else commit transactionENDbegin transactionUPDATE computer SET group_id = @ParentID WHERE computer_id = (SELECT computer_id FROM INSERTED)if (@@error != 0) rollback transactionelse commit transaction...