≡ Menu

Powershell: Move Computer accounts from default container to specific OU

Whenever a computer is added to a windows domain, by default account will get created under Computers container. It is located right below the domain name in dsa.msc. The pull of it is, <domainName>\Computers.

Today one of my friend has asked to know if there any quick script using which he can move all computers from default computers container to OU of his choice in same domain. Since I don’t have a script already authored for this purpose, I quickly made the below.

This is a very basic version of computer accounts movement script. There might be some conditions processing like if name contains XYZ move to one OU or if name contains ABC move to different OU. You can accommodate such conditions in this script if you have little powershell knowledge(or let me know I can help you given some time).

Here is the code.

[cmdletbinding()]            

param (
[parameter(mandatory=$true)]
$TargetOU
)            

Import-Module ActiveDirectory
$Domain = [ADSI]""
$DN=$domain.distinguishedName
$SourcePath = "CN=Computers," + $DN
$Computers = Get-ADComputer -Filter * -SearchBase $SourcePath
if(!$Computers) {
 write-host "No Computers are found in default container"
 return
}
foreach ($Computer in $Computers) {
 if(!(Move-ADObject $Computer -TargetPath $TargetOU)) {
  $Status = "SUCCESS"
 } else {
  $Status = "FAILED"
 }
 $OutputObj = New-Object -TypeName PSobject
 $OutputObj | Add-Member -MemberType NoteProperty -Name ComputerName -Value $Computer.Name.tostring()
 $OutputObj | Add-Member -MemberType NoteProperty -Name SourcePath -Value $SourcePath
 $OutputObj | Add-Member -MemberType NoteProperty -Name DestinationPath -Value $TargetOU
 $OutputObj | Add-Member -MemberType NoteProperty -Name Status -Value $Status
 $OutputObj
}

 

When I executed this script in my test domain for testing purpose it went fine and generated below output. This script is not depending on any external modules/cmdlets like quest tools. I uses ActiveDirectory module which comes with RSAT(or windows 2008 domain controllers). Needless to say that you need ADWS(active directory web services) installed if all your domain controllers are Windows 2003. This is not required if atleast one DC is having windows 2008 R2 OS where ADWS is default.

Output:

{ 17 comments… add one }
  • ken tookes February 18, 2012, 1:56 am

    I can use something like this. However, what if I want to move computers beginning with ABC to OU=ABC,OU=Schools,OU=Workstation Computers,DC=Contoso,DC=COM ? How would the script be written? I’m running Windows 2008 R2

    • Sitaram Pamarthi February 18, 2012, 2:04 pm

      Hi Ken, Since it difficult to produce single script that meets all custom moves, I modified my code to address your requirement. Take a look at the below code.

      [cmdletbinding()]

      param (
      [parameter(mandatory=$true)]
      $TargetOU
      )

      Import-Module ActiveDirectory
      $Domain = [ADSI]""
      $DN=$domain.distinguishedName
      $SourcePath = "CN=Computers," + $DN
      $Computers = Get-ADComputer -Filter * -SearchBase $SourcePath
      if(!$Computers) {
      write-host "No Computers are found in default container"
      return
      }
      foreach ($Computer in $Computers) {
      if($Computer.Name -like "ABC*") {
      if(!(Move-ADObject $Computer -TargetPath $TargetOU)) {
      $Status = "SUCCESS"
      } else {
      $Status = "FAILED"
      }
      $OutputObj = New-Object -TypeName PSobject
      $OutputObj | Add-Member -MemberType NoteProperty -Name ComputerName -Value $Computer.Name.tostring()
      $OutputObj | Add-Member -MemberType NoteProperty -Name SourcePath -Value $SourcePath
      $OutputObj | Add-Member -MemberType NoteProperty -Name DestinationPath -Value $TargetOU
      $OutputObj | Add-Member -MemberType NoteProperty -Name Status -Value $Status
      $OutputObj
      }
      }

  • bradley wyatt February 21, 2012, 12:14 am

    hello. how can i make ap owershell script to move users from one ou to another ou. my domain is ad1

    • Sitaram Pamarthi February 21, 2012, 11:01 am

      Please update the $SourcePath in my script with the OU path from where you want to move computer and pass the destination OU path to the script using -TargetOU parameter.

      For example…
      Change source path:
      $sourcepath = “OU=Team1 Computers,OU=Office Computers,DC=Techibee,DC=COM” # where “Team1 Computers” is the name of OU where your computers are residing and techibee.com is your domain name.

      Pass the target OU value:
      .\Move-ComputerAccounts.ps1 -TargetOU “OU=Team2 Computers,OU=Office Computers,DC=Techibee,DC=COM” #where “Team2 Computers” is the target OU name to where you want to move the computer accounts. Hope this helps…

    • defria manda July 14, 2012, 6:05 pm

      How would you include TargetOU as part of the script

      • Sitaram Pamarthi July 15, 2012, 11:45 pm

        Look at the output screen in the post. That should answer your question, Detria.

  • bradley wyatt February 22, 2012, 12:29 am

    it’s throwing me a it is throwing me a bad syntax at the filter *
    when i delete this from the script it asks me in the powershell what to filter and i cant seem to get by it. how can i make it select all

    • Sitaram Pamarthi February 22, 2012, 11:20 pm

      Bradley, please post the complete code that you modified. That helps me to comment better and accurate.

  • ken tookes February 24, 2012, 6:15 pm

    How would you add an OR statement such as $Computer.Name -like “ABC* OR -like DEF* OR GHI*”)

    • Sitaram Pamarthi February 24, 2012, 11:21 pm

      @Ken: You can do like this….

      if($Computer.Name -like “ABC*” -or $Computer.Name -like “XYZ*”) {


      }

  • ken tookes February 25, 2012, 6:53 am

    thanks much!

  • Thom McKiernan (@thommck) November 12, 2012, 10:33 pm

    This is great, just what I was looking for.
    It didn’t work for me at first but I took of the top few lines (which I didn’t understand!) and it worked.
    I’ve tweaked it so it only moves “inactive” computers.
    How could I get the table that displays on the screen to export to a CSV instead?


    # Specifies the time (in days) of the inactive computer objects
    $lastSetDate = [DateTime]::Now - [TimeSpan]::Parse("45")
    # Specifies the source OU to look in
    $SourcePath = "OU=sales,OU=Windows,DC=contoso,DC=biz"
    # Specifies the target OU to move objects to
    $TargetOU = "OU=sales,OU=WindowsXP,DC=contoso,DC=biz"

    # Finds all the inactive computers
    $Computers = Get-ADComputer -SearchBase $SourcePath -Filter {PasswordLastSet -le $lastSetdate} -ResultSetSize $null

    if(!$Computers) {
    write-host "No Computers are found in default container"
    return
    }
    foreach ($Computer in $Computers) {
    # Computer gets moved to the target OU
    if(!(Move-ADObject $Computer -TargetPath $TargetOU)) {
    $Status = "SUCCESS"
    } else {
    $Status = "FAILED"
    }
    $OutputObj = New-Object -TypeName PSobject
    $OutputObj | Add-Member -MemberType NoteProperty -Name ComputerName -Value $Computer.Name.tostring()
    $OutputObj | Add-Member -MemberType NoteProperty -Name SourcePath -Value $SourcePath
    $OutputObj | Add-Member -MemberType NoteProperty -Name DestinationPath -Value $TargetOU
    $OutputObj | Add-Member -MemberType NoteProperty -Name Status -Value $Status
    $OutputObj
    }

  • sid January 24, 2013, 2:33 am

    Hello
    How can I make the script ask me which computer I want to move each time I run the script?
    Thanks

    • Shri February 3, 2013, 7:15 pm

      Hi
      I would like to have a script to move this type

      dsmove “CN=uatXXX,OU=Computers,DC=dev,DC=Com”
      -newparent OU=Datamanagment,OU=Computers,OU=POS Devices,DC=dev,DC=Com

      Can you please help me.

  • Shri February 3, 2013, 7:15 pm

    Hi
    I would like to have a script to move this type

    dsmove “CN=uatXXX,OU=Computers,DC=dev,DC=Com”
    -newparent OU=Datamanagment,OU=Computers,OU=POS Devices,DC=dev,DC=Com

    Can you please help me.

  • johni May 6, 2017, 4:48 am

    how would i automatically join to domain and move to ou computer to right ou via sccm 2012?

    • Wintel Rocks June 27, 2017, 2:21 pm

      Johni,

      I recommend you pre-stage the computer account in the required OU and then join to the domain. That is what most people are using now a days.

Cancel reply

Leave a Comment