| Author | Messages | |
MikeGuest
Posts:10
 | | 05/01/2008 11:16 AM |
| Greetings,
We have a system we're implementing which creates virtual XP desktop
machines and then deletes the VM once a user disconnects. One of the
side effects of this is that each system creates a computer account in a
specific OU, and the functionality does not exist within the product to
automatically remove those accounts.
It has been suggested that we set up a scheduled task on a DC to run the
following cmd
dsquery computer "OU Virtual Desktop Images, OU=..." -stalepwd 31 | dsrm
-noprompt
Does this sound a sensible approach or can you think of a more suitable
method?
Whatever the solution, it needs to be an automated process to minimise
the admin tasks when handed over to the support guys
Thanks in advance
*******************************************************************
This email is intended only for the addressee named above. As this email may contain confidential or privileged information, if you are not the named addressee or receive this message in error, please notify us immediately, delete it and do not make use of or copy it.
This message is protected by copyright. HML accepts no responsibility for viruses found in this message or any file attachment.
Homeloan Management Limited
Registered in England No. 2214839
1 Providence Place, Skipton, North Yorkshire BD23 2HL
********************************************************************
| | | |
| listmail
Posts:463
| | 05/01/2008 11:26 AM |
| The first question I would ask is "How the &(*^**&% did the vendor not
figure that one out as an issue when in the very initial parts of their
design phase?"
The second question I would ask is "When exactly will they be adding that
this quarter?"
The third question I would ask is "What else did they screw up?"
After that I would say that process should be fine. This is a pretty
specific case for machine account cleanup. If you know the objects are only
used for X hours or whatever as well you could also probably just delete
them daily by doing a query for all computer objects created in that OU more
than x hours ago (query against whenCreated).
If the vendor wants a couple of solutions... The first would be to look at
seeing if they can add the code to cleanup the objects up after the user
disconnects. If they can't figure out an easy way to do that they should
look at using Dynamic Objects and set a TTL of maybe a day or two or maybe a
week and then the DS will just remove the objects automatically when the TTL
expires.
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Guest
Sent: Thursday, May 01, 2008 11:14 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Automating the deletion of machine objects
Greetings,
We have a system we're implementing which creates virtual XP desktop
machines and then deletes the VM once a user disconnects. One of the side
effects of this is that each system creates a computer account in a specific
OU, and the functionality does not exist within the product to automatically
remove those accounts.
It has been suggested that we set up a scheduled task on a DC to run the
following cmd
dsquery computer "OU Virtual Desktop Images, OU=..." -stalepwd 31 | dsrm
-noprompt
Does this sound a sensible approach or can you think of a more suitable
method?
Whatever the solution, it needs to be an automated process to minimise the
admin tasks when handed over to the support guys
Thanks in advance
*******************************************************************
This email is intended only for the addressee named above. As this email may
contain confidential or privileged information, if you are not the named
addressee or receive this message in error, please notify us immediately,
delete it and do not make use of or copy it.
This message is protected by copyright. HML accepts no responsibility for
viruses found in this message or any file attachment.
Homeloan Management Limited
Registered in England No. 2214839
1 Providence Place, Skipton, North Yorkshire BD23 2HL
********************************************************************
| | | |
| colemancraig1
Posts:40
| | 05/01/2008 11:51 AM |
| Modify your dsquery so it doesn't get hung up on any child objects.
dsquery computer "OU Virtual Desktop Images, OU=..." -stalepwd 31 | dsrm -noprompt -subtree
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Guest
Sent: Thursday, May 01, 2008 11:14 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Automating the deletion of machine objects
Greetings,
We have a system we're implementing which creates virtual XP desktop machines and then deletes the VM once a user disconnects. One of the side effects of this is that each system creates a computer account in a specific OU, and the functionality does not exist within the product to automatically remove those accounts.
It has been suggested that we set up a scheduled task on a DC to run the following cmd
dsquery computer "OU Virtual Desktop Images, OU=..." -stalepwd 31 | dsrm -noprompt
Does this sound a sensible approach or can you think of a more suitable method?
Whatever the solution, it needs to be an automated process to minimise the admin tasks when handed over to the support guys
Thanks in advance
*******************************************************************
This email is intended only for the addressee named above. As this email may contain confidential or privileged information, if you are not the named addressee or receive this message in error, please notify us immediately, delete it and do not make use of or copy it.
This message is protected by copyright. HML accepts no responsibility for viruses found in this message or any file attachment.
Homeloan Management Limited
Registered in England No. 2214839
1 Providence Place, Skipton, North Yorkshire BD23 2HL
********************************************************************
| | | |
|
|