1
00:00:00,440 --> 00:00:07,200
In previous sections we've talked about operational tasks that can be performed on the other accounts

2
00:00:07,200 --> 00:00:10,580
and have active directory use and powers show.

3
00:00:10,650 --> 00:00:19,500
This lessons focus on performance similar operations on computer objects manage and computer objects

4
00:00:19,500 --> 00:00:23,010
is not much different from managing user objects.

5
00:00:23,010 --> 00:00:25,380
All you need to do is to use the correct.

6
00:00:25,380 --> 00:00:29,940
Come on lads and the rest of the process remains the same.

7
00:00:29,940 --> 00:00:32,670
We'll be talking about the following topics.

8
00:00:32,760 --> 00:00:41,630
Create and computer accounts modifying Computer Properties enabling or disabling computer accounts deleting

9
00:00:41,640 --> 00:00:43,050
computer accounts.

10
00:00:43,050 --> 00:00:46,160
Let's start with creating computer accounts.

11
00:00:46,170 --> 00:00:53,460
Most system administrators do not create computer accounts manually inactive directory.

12
00:00:53,460 --> 00:01:00,840
Instead they join computers to the domain and the account gets created automatically after work.

13
00:01:00,930 --> 00:01:07,890
Automatic object creation the administrator removes the computer accounts from the default container

14
00:01:07,890 --> 00:01:10,030
to the desired or you.

15
00:01:10,050 --> 00:01:11,330
It looks quite simple.

16
00:01:11,340 --> 00:01:19,470
But why is there a need to create a manual computer account previously mentioned approach will work

17
00:01:19,470 --> 00:01:27,720
for small organizations where one set of system administrators will manage everything and they will

18
00:01:27,720 --> 00:01:29,490
have all privileges.

19
00:01:29,610 --> 00:01:38,700
But in large organizations that desktop or server builds happen in an automated way using deployment

20
00:01:38,700 --> 00:01:47,520
solutions such as Windows deployment services where the build process looks for a computer account in

21
00:01:47,790 --> 00:01:52,860
Active Directory to join the server desktop to the domain.

22
00:01:52,860 --> 00:02:00,750
This process is called pre stage and of computer records and it has a good set of advantages such as

23
00:02:00,840 --> 00:02:01,460
to them.

24
00:02:01,460 --> 00:02:08,310
They owe you where you want to place the computer group membership and so on.

25
00:02:08,310 --> 00:02:16,810
So let's now look at a few examples of great and a computer account Active Directory provides a common

26
00:02:16,820 --> 00:02:23,590
lad called new ADA computer to facilitate the computer account creation.

27
00:02:23,700 --> 00:02:30,870
The following commands will create a computer account with the name Lapis or with three or some other

28
00:02:30,870 --> 00:02:34,090
name in the default computer container.

29
00:02:34,140 --> 00:02:38,250
So let's run it new there's a computer Dash.

30
00:02:38,340 --> 00:02:46,500
Name Lapis or we one or leopard service 3 whatever server you need to add and pass through parameter

31
00:02:46,800 --> 00:02:53,710
to create computer account in a particular organizational unit inactive directory.

32
00:02:53,760 --> 00:02:56,100
We could use the following command.

33
00:02:56,100 --> 00:02:58,350
New dash 80 computer Dash.

34
00:02:58,350 --> 00:03:06,860
Name Lapis RI and pass to this o u in which we want to create the computer account.

35
00:03:06,990 --> 00:03:17,580
For example computers which is sub O U of production O U and in control also dot com domain.

36
00:03:17,910 --> 00:03:24,840
And of course pass through parameter to see the results ensure that oh you mentioned in the end this

37
00:03:24,840 --> 00:03:33,240
example command exists prior to the computer account creation if not the command execution fails.

38
00:03:33,300 --> 00:03:39,570
Another example when you want to create the computer account but keep it in a disabled state.

39
00:03:39,570 --> 00:03:42,930
You could use the following command as an example.

40
00:03:42,930 --> 00:03:43,680
New this.

41
00:03:43,920 --> 00:03:45,660
A computer Dash.

42
00:03:45,690 --> 00:03:54,060
Name this path you should type the path to this or you in which the computer will be located thus enabled

43
00:03:54,390 --> 00:03:58,920
dollar character false and pass through parameter.

44
00:03:58,920 --> 00:04:07,950
So in this example that enable parameter which is set to false is responsible for disabling the computer

45
00:04:07,950 --> 00:04:08,750
account.

46
00:04:08,910 --> 00:04:15,480
Of course to see the list of all the options for this command later and some examples you could read

47
00:04:15,770 --> 00:04:18,100
its complete help content.

48
00:04:18,150 --> 00:04:21,420
This can be done to you then the following command get help.

49
00:04:21,420 --> 00:04:27,730
New dash a computer Dash full or dash examples orders online.

50
00:04:27,780 --> 00:04:32,990
If you want to read on line updated help on this command land.

51
00:04:33,030 --> 00:04:37,410
Now let's move 1 and talk about modifying computer accounts.

52
00:04:37,410 --> 00:04:44,790
Computer account attributes often need to be modified for example because many computer accounts are

53
00:04:44,790 --> 00:04:50,330
created before the computers are actually assigned to users.

54
00:04:50,400 --> 00:04:59,930
Attributes such as description department and location can not be configured at the same time of an

55
00:04:59,980 --> 00:05:01,660
account creation.

56
00:05:01,660 --> 00:05:09,880
In addition the ownership of a computer can be transferred to a new user or new department or a computer

57
00:05:09,880 --> 00:05:13,440
might be physical and moved to a new location.

58
00:05:13,510 --> 00:05:20,880
In such circumstances the computer account attributes need to be modified so let's see how to do it

59
00:05:20,890 --> 00:05:26,530
in power shell using whereas command lets available for computer objects.

60
00:05:26,590 --> 00:05:34,170
As for setting the description of a computer account active directory power shall module has the set

61
00:05:34,210 --> 00:05:39,180
there's a computer command led form modifying computer account.

62
00:05:39,180 --> 00:05:42,010
Properties in active directory.

63
00:05:42,010 --> 00:05:43,450
Remember the set.

64
00:05:43,450 --> 00:05:45,860
Thus a the user command land.

65
00:05:46,000 --> 00:05:49,390
We use that to modify user object properties.

66
00:05:49,390 --> 00:05:56,230
It is similar to that but for computer accounts to update the description of a single computer you can

67
00:05:56,230 --> 00:05:58,210
use the following command.

68
00:05:58,210 --> 00:06:03,310
This example updates the description of the Lapis are we too.

69
00:06:03,310 --> 00:06:05,980
For example computer object.

70
00:06:06,070 --> 00:06:14,970
So it looks like that said does a computer dash identity Lapis Serbia one or two.

71
00:06:15,010 --> 00:06:23,140
I've got three of them in my lap and description property and we have to type the description and quotes

72
00:06:23,410 --> 00:06:32,740
for example member of server or web server or whatever description you need to update the set dash 80

73
00:06:32,770 --> 00:06:40,330
computer command LAT has the ability to set values for the majority of object attributes to see the

74
00:06:40,330 --> 00:06:48,130
list of attributes it can set check IDs help content you then the following command get this help or

75
00:06:48,130 --> 00:06:56,710
just help set there's a computer that's full or examples you can use the Guard does a computer command

76
00:06:57,010 --> 00:07:02,320
to check if the description is set for whatever server you need.

77
00:07:02,350 --> 00:07:11,140
So for this you should type get there's a computer lab a service one the property description.

78
00:07:11,170 --> 00:07:17,950
Now let's talk about moving computer accounts to a different oh you sometimes you might need to move

79
00:07:17,950 --> 00:07:26,170
computer accounts to different or use as the user might change the location or server accounts in order

80
00:07:26,170 --> 00:07:34,250
to segregate them according to their roles or you might want to move computer accounts from the default

81
00:07:34,250 --> 00:07:39,120
so you two respective office location or use.

82
00:07:39,160 --> 00:07:47,230
Let's see a few of the examples are related to the computer account movements across organizational

83
00:07:47,230 --> 00:07:56,740
units as we've done for user accounts here too we can make use of the move this a the object come and

84
00:07:56,740 --> 00:08:06,640
let to move computer accounts from Barno you to another level or command moves the lab a survey one

85
00:08:06,910 --> 00:08:15,960
computer account from the default computer container to computers or you inside production or you.

86
00:08:16,060 --> 00:08:25,150
So the command looks like that move does Ada object this identity will be moving up a survey which is

87
00:08:25,150 --> 00:08:34,240
located in computers in control so dot com the men and women will be moving it to the target path.

88
00:08:34,240 --> 00:08:40,360
So here we have to specify the path where we are moving the computer to.

89
00:08:40,630 --> 00:08:47,840
In this case it's computers which is SOP or wheel of production or you aren't at all.

90
00:08:47,920 --> 00:08:51,040
It's also in control so dot com domain.

91
00:08:51,190 --> 00:08:57,850
And of course pass through parameter to see the results since it's not possible to provide the full

92
00:08:57,850 --> 00:09:06,850
distinguish name of the object we want to move every time we can either use that get there's a computer

93
00:09:07,180 --> 00:09:17,050
or storage Dash 80 account command led to storage by its name or some other property and then pass to

94
00:09:17,290 --> 00:09:28,060
pass the output to the moved us 80 object command led and the example for that is here get a computer

95
00:09:28,150 --> 00:09:38,620
does filter the name should be equal to Lapis are we 1 and pipe it to move this 80 object with the target

96
00:09:38,620 --> 00:09:43,090
pass parameter and the target pass will look like that.

97
00:09:43,150 --> 00:09:49,180
Computers production controls so dot com and pass through parameter.

98
00:09:49,360 --> 00:09:56,530
Similarly these search for a string in the description of the computer objects and move them to the

99
00:09:56,890 --> 00:10:03,830
designated Oh you using the following command get a computer filter.

100
00:10:03,920 --> 00:10:08,840
The description should look like server or as a movie.

101
00:10:08,930 --> 00:10:14,480
Pipe it to move idea object and target pass for that.

102
00:10:14,480 --> 00:10:21,500
This command will look for computer accounts that have the string server in their description and will

103
00:10:21,500 --> 00:10:24,860
move them to the designated o you.

104
00:10:24,860 --> 00:10:32,480
Similarly you can search based on any other criteria and move them to different or use.