Posted on 06-07-2010 07:51 AM
Hi guys,
I'm looking for a way to script removal of a computer object from OD & AD...
It'll be served via self-service, so that local it guys can remove computers from OD before rebuilding without having access to WGM....
Where can I start looking for this? The scripts in the resource kit all point to the local machine, where if it's a rebuild (due to hardware failure for example) we would not be able to run the script locally.
Ben Toms
IT Support Analyst GREY Group
The Johnson Building, 77 Hatton Garden, London, EC1N 8JS
T: +44 (0) 20-3037-3819 |
Main: +44 (0) 20 3037 3000 | IT Helpdesk: +44 (0) 20 3037 3883
Grey Communications Group Limited
Registered No. 1795794, Registered in England
Registered Office The Johnson Building, 77 Hatton Garden, London, EC1N 8JS
VAT Number GB 404 6245 78
Posted on 06-07-2010 09:21 AM
Why not unbind from OD there's an od unbind script in the resources kit, that would remove the computer from the server
Om simply over write the od computer on reimage, that's what my macs do, I don't bit her unbinding from AD or OD
Sent from my iPad
Posted on 06-07-2010 09:34 AM
If you do a force unbind I am almost certain you can remove the
computer from OD as well
Posted on 06-07-2010 02:43 PM
Thanks guys.. The OD Unbind Script does remove the machine from OD by doing the following command:
/usr/sbin/dsconfigldap -f -v -r"$serverAddress" -u "$username" -p "$password"
However, if the machine DOES not already have the OD server in it’s OD settings it gives the error:
Attempting to remove server from configuration Status: Failed - Server does not exist in configuration.
According to dsconfigldap’s man page, you can use the –c option to set the computer id.. But that only works when binding..
-c computerid name to use if when binding to directory
Hmmm... Y’know what.. This may only be a site specific issue as we’ve only just started securely binding the macs & it’s the one with the old records without the $ that have issues..
So, I presume you all securely bind to the existing computer account? Does this work in the majority of re-imaging?
If so, then it’ll be fine me thinks..
I’ll just removed the odd account as & when there’s an issue...
Posted on 06-07-2010 03:07 PM
Hi
I just use the Casper od settings via the joss and do secure bind and it never fails, no need to remove old accounts
Sent from my iPad
Posted on 06-07-2010 03:09 PM
Cheers...
I think I’ve just been set in doing things “clean.”