我们有一个脚本,可以自动将新映像的计算机添加到域中。加入域的功能始终成功。但是,当脚本尝试添加域组时,有 50% 的时间会失败。下面是脚本。我没有写它,我只是想弄清楚它为什么会失败。我替换了公司识别信息。有什么想法吗?
On Error Resume Next
Const HKEY_LOCAL_MACHINE = &H80000002
Dim WShell, oReg
Dim intReturn
Dim strComputer, strKeyPath, strPortConf, strValue, strTempDir, strUser, strChassis, strPath
Dim strDomain, strDomainUser, strDomainPW, strDomainOU
Dim booDesktop, booLaptop
Dim strPCName, objWMIService
strDomain = "ourDomain.com"
strDomainUser = "serviceaccountname"
strDomainPW = "serviceaccountpassword"
strDomainOU = "OU=Production,OU=General Workstations,DC=SOMETHING,DC=GOES,DC=HERE,DC=COM"
booLaptop = False
booDesktop = False
Set WShell = Wscript.CreateObject("Wscript.Shell")
Set fs = CreateObject("Scripting.FileSystemObject")
strComputer = "."
strUser = ""
strPath = ""
strTempDir = ""
strPath = GetPath(wscript.scriptfullname)
strTempDir = "C:\Windows\IT\scripts"
If right(strPath,1) <> "\" Then
strPath = strPath + "\"
End if
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
'------------
' Start code
'------------
Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _
strComputer & "\root\default:StdRegProv")
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" _
& strComputer & "\root\cimv2")
Set colChassis = objWMIService.ExecQuery _
("Select * from Win32_SystemEnclosure",,16)
For Each objChassis in colChassis
For Each objItem in objChassis.ChassisTypes
Select Case objItem
Case 1 booDesktop = True 'Maybe Virtual Machine
Case 2 strChassis = "??"
Case 3 booDesktop = True
Case 4 booDesktop = True
Case 5 strChassis = "Pizza Box"
Case 6 booDesktop = True
Case 7 booDesktop = True
Case 8 booLaptop = True 'Portable
Case 9 booLaptop = True 'Laptop
Case 10 booLaptop = True 'Notebook
Case 11 strChassis = "Hand Held"
Case 12 strChassis = "Docking Station"
Case 13 strChassis = "All in One"
Case 14 strChassis = "Sub Notebook"
Case 15 booDesktop = True 'Space-Saving, SFF - Our standard desktop
Case 16 strChassis = "Lunch Box"
Case 17 strChassis = "Main System Chassis"
Case 18 strChassis = "Lunch Box"
Case 19 strChassis = "SubChassis"
Case 20 strChassis = "Bus Expansion Chassis"
Case 21 strChassis = "Peripheral Chassis"
Case 22 strChassis = "Storage Chassis"
Case 23 strChassis = "Rack Mount Unit"
Case 24 strChassis = "Sealed-Case PC"
End Select
Next
Next
'Add the machine into the domain if it is a Desktop or a Laptop
If booLaptop Then strDomainOU = "OU=Back Office,OU=Laptops," + strDomainOU
If booDesktop Then strDomainOU = "OU=Back Office,OU=Desktops," + strDomainOU
Set domFile = fs.CreateTextFile( strTempDir + "\dominfo.xml" )
domFile.WriteLine "<?xml version=""1.0"" encoding=""UTF-8""?>"
domFile.WriteLine "<configuration>"
domFile.WriteLine " <DOMAIN>" + strDomain + "</DOMAIN>"
domFile.WriteLine " <USERID>" + strDomainUser + "</USERID>"
domFile.WriteLine " <PASSWORD>" + strDomainPW + "</PASSWORD>"
domFile.WriteLine " <OUTOJOIN>" + strDomainOU + "</OUTOJOIN>"
domFile.WriteLine "</configuration>"
domFile.WriteLine()
domFile.Close()
'Join the Workstation to the Domain
intReturn = WShell.Run(strTempDir + "\jdom /F " + strTempDir + "\dominfo.xml",0, true)
strKeyPath = "SOFTWARE\Novell\Login\TAB SETTINGS\NT Credentials"
oReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, "Sync NDS Username", "1"
'Delay the remainder of the script for 30000 milliseconds (30 seconds).
WScript.Sleep(30000)
'Add the Back Office Admins group to the local administrators group
WShell.Run strTempDir + "\jdom /A ""Back Office - Local Admins"" ""Group"" ",0, true
'Add the Back Office Power Users group to the local Power Users group
WShell.Run strTempDir + "\jdom /P ""Back Office - Power Users"" ""Group"" ",0, true
'*********************
'* Main Join Script *
'* (END) *
'* ----------------- *
Function GetPath(ByVal gpFileName)
on error resume next
Dim gpSlash, gpLast
If IsEmpty(gpFileName) Then
GetPath = ""
Else
gpSlash = InStr(gpFileName, "\")
gpLast = gpSlash
Do While gpSlash <> 0
gpSlash = InStr(gpSlash + 1, gpFileName, "\")
If gpSlash > 0 Then
gpLast = gpSlash
End If
Loop
if gpLast = InStr(gpFileName, "\") then gpLast = gpLast + 1
GetPath = Left(gpFileName, gpLast - 1)
End If
on error goto 0
End Function
答案1
可能是那行写着 wscript.sleep(30000)。我敢打赌,它失败的次数是因为脚本在计算机添加到域之前恢复执行。一个明显的补丁/测试是将等待时间增加到一分钟左右,但这不是最佳方案。也许像 zeda 在评论中提出的建议是一个更好的解决方案。不过,增加等待时间应该可以作为补丁
答案2
我们取消了组添加功能,转而使用组策略。我们发现通过脚本添加组的问题在于域控制器的延迟。在解决这个问题之前,除了组策略之外没有其他解决方案,而组策略本来就应该如此。