zakird / pyad

Python Active Directory Tools | *Not actively maintained*
http://zakird.github.io/pyad/
176 stars 72 forks source link

Computer creation issue(s) #100

Closed bapthbrt closed 5 years ago

bapthbrt commented 5 years ago

There is an issue when you try to create a computer object in Active Directory domain. It came to me when I tried to find the object I just create with dsa console. I was not able to find it unless I go in the OU container to find it manually. Then, the join domain operation failed on my server saying that there were no target object in the domain.

So, I looked closely in the object property and it seemed that the object was declared as computer but had the properties of a user (default group "Domain users" or SAMAccountType "805306368").

I finally found a technet article and this blog page explaining the issue and how to solve it. It is basically by design as a computer object is a derivation of a user object. To create correctly a computer object, you need to set the UserAccountControl property of the object with the correct value for a computer (it is by default for a user).

bliu199 commented 5 years ago

Hi Bapthbrt,

Can you share the codes for how to update that property of the object please. Many thanks. I try to do it without a success.

dn="ou=org,ou=Services,dc=mydomain,dc=com" ou = pyad.adcontainer.ADContainer.from_dn(dn) computer=ou.create_computer("test2")

computer.set_user_account_control_setting('WORKSTATION_TRUST_ACCOUNT',True) Traceback (most recent call last): File "", line 1, in File "C:\ProgramData\Anaconda3\lib\site-packages\pyad\adobject.py", line 380, in set_user_account_control_setting self.update_attribute('userAccountControl',nv) File "C:\ProgramData\Anaconda3\lib\site-packages\pyad\adobject.py", line 321, in update_attribute self._flush() File "C:\ProgramData\Anaconda3\lib\site-packages\pyad\adobject.py", line 206, in _flush return self._ldap_adsi_obj.SetInfo() File "<COMObject >", line 2, in SetInfo pywintypes.com_error: (-2147352567, 'Exception occurred.', (0, 'Active Directory ', 'A device attached to the system is not functioning.\r\n', None, 0, -21470248 65), None)

bliu199 commented 5 years ago

It works after "adcontainer.py" is tuned in the function "create_computer".

bapthbrt commented 5 years ago

It works after "adcontainer.py" is tuned in the function "create_computer".

I'm sorry, I didn't get that. Could you please explain?

bapthbrt commented 5 years ago

dn="ou=org,ou=Services,dc=mydomain,dc=com" ou = pyad.adcontainer.ADContainer.from_dn(dn) computer=ou.create_computer("test2")

More like that: dn="ou=org,ou=Services,dc=mydomain,dc=com" ou = pyad.adcontainer.ADContainer.from_dn(dn) computer=ADComputer.create("test2", ou)

ADComputer is inherited from ADContainer