PowerShell Set-ADComputer
Best Practices for Indicating Server Ownership in Active Directory
In today's complex IT environments, keeping track of server ownership is critical for efficient management and accountability. One effective way to achieve this is by setting the owner name in the description of computer objects within Active Directory (AD). This practice enhances visibility and helps administrators quickly identify the responsible parties for each server.
Why Set Owner Names in Descriptions?
- Accountability: Clearly defined ownership ensures that each server has an assigned administrator or team responsible for its maintenance and security.
- Efficiency: Simplifies the process of identifying who to contact for specific issues or updates related to a server.
- Documentation: Enhances organizational documentation by embedding ownership details directly within AD.
Best Practices
- Consistent Naming Convention: Develop a standardized format for descriptions to ensure uniformity.
  - For example, use "Owner: John Doe" or "Admin: IT Team".
- Automation: Utilize scripts to automate the process of setting descriptions, reducing manual effort and minimizing errors.
- Regular Audits: Periodically review and update the descriptions to ensure they reflect the current ownership accurately.
- Security: Limit the ability to modify descriptions to authorized personnel only, maintaining the integrity of the information.
PowerShell Script for Automating Description Updates
Using PowerShell, administrators can easily automate the process of setting or updating the description of computer objects. Here’s a sample script to help you get started:
# Load the Active Directory cmdlets (RSAT / AD DS tools)
Import-Module ActiveDirectory

# Import CSV file with server names and owner details
# Expected columns: ComputerName, OwnerName
$servers = Import-Csv -Path "C:\path\to\servers.csv"

# Loop through each entry in the CSV file
foreach ($server in $servers) {
    try {
        # Construct the description with owner details
        $description = "Owner: $($server.OwnerName)"

        # Update the computer object's description in AD.
        # -ErrorAction Stop makes every failure reach the catch block.
        Set-ADComputer -Identity $server.ComputerName -Description $description -ErrorAction Stop
        Write-Host "Successfully updated description for: $($server.ComputerName)"
    } catch {
        Write-Error "Failed to update description for: $($server.ComputerName). Error: $_"
    }
}
More Extensive Script with Backup
#=================================================================
# I suggest making a full backup of every value you plan to update or change.
# Use the snippet below to pull the current values from AD and export them to CSV.
# Review the output, then proceed to the next script.
# Note: Part 2 does not append; it overwrites the current description, if any.
#=================================================================

#=========================================================
# Part 1 - Query AD current description and export to CSV (Server, Owner)
#=========================================================
Import-Module ActiveDirectory

# Get computer input from CSV file, columns Server,Owner
$Computer_input = Import-Csv 'C:\temp\Computer Descript Update\Comp_Update-Test.csv'

# Loop through every row of the input file
foreach ($Comp in $Computer_input) {
    try {
        # Always back up the current data in AD before replacing or updating fields.
        # -ErrorAction Stop sends a failed lookup to the catch block.
        Get-ADComputer $Comp.Server -Properties Description -ErrorAction Stop |
            Select-Object Name, Description |
            Export-Csv 'C:\temp\Old_Descrption-Files.csv' -Append -NoTypeInformation
    } catch {
        # If the computer name is not found in AD, record it in a file
        $Comp | Select-Object -ExpandProperty Server | Out-File 'C:\temp\Not-Found-in-AD.txt' -Append
    }
}


#=========================================================
# Part 2 - Note: I suggest running a test group first and reviewing the results.
# CSV Headers: Server, Owner
#=========================================================
# Get computer input from CSV file, columns Server,Owner
$Computer_input = Import-Csv 'C:\temp\Computer Descript Update\Comp_Update-Test.csv'

# Loop through every row and apply the update
foreach ($Comp1 in $Computer_input) {
    try {
        # Update the computer Description field with the system owner
        Set-ADComputer -Identity $Comp1.Server -Description $Comp1.Owner -ErrorAction Stop
    } catch {
        # If the update fails, record the server name in a file
        # (uses $Comp1, the variable of this loop)
        $Comp1 | Select-Object -ExpandProperty Server | Out-File 'C:\temp\Update-Error.txt' -Append
    }
}

# Loop back through the list to check on the update
foreach ($Comp2 in $Computer_input) {
    Get-ADComputer $Comp2.Server -Properties Description -ErrorAction Continue |
        Select-Object Name, Description
}
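
The Regular Audits and Consistent Naming Convention practices listed earlier can be checked with a script. The following is an added example, not one of the original scripts: it flags computer objects whose description is empty or does not follow the "Owner: ..." / "Admin: ..." format. The function name Get-OwnerDescriptionAudit, the regex, the sample records and the output path are assumptions made for illustration.

```powershell
# Added example: audit descriptions against the "Owner: <name>" convention.
# Function name, pattern and sample records are hypothetical.
function Get-OwnerDescriptionAudit {
    [CmdletBinding()]
    param(
        # Any object with Name and Description properties (e.g. Get-ADComputer output)
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Computer,

        # Accepted prefixes, taken from the article's two example formats.
        # -match is case-insensitive, so "owner: x" also passes.
        [string]$Pattern = '^(Owner|Admin):\s*(?<who>\S.*)$'
    )
    process {
        $desc  = [string]$Computer.Description   # $null becomes an empty string
        $owner = $null
        if ([string]::IsNullOrWhiteSpace($desc)) {
            $status = 'Missing'
        }
        elseif ($desc.Trim() -match $Pattern) {
            $status = 'OK'
            $owner  = $Matches['who'].Trim()
        }
        else {
            $status = 'NonConforming'
        }
        [pscustomobject]@{
            Name        = $Computer.Name
            Status      = $status
            Owner       = $owner
            Description = $desc
        }
    }
}

# Constructed sample records so the function can be tried without a domain
$sample = @(
    [pscustomobject]@{ Name = 'SRV-APP01'; Description = 'Owner: John Doe' }
    [pscustomobject]@{ Name = 'SRV-DB01';  Description = 'Admin: IT Team' }
    [pscustomobject]@{ Name = 'SRV-WEB01'; Description = 'john doe box' }
    [pscustomobject]@{ Name = 'SRV-FS01';  Description = $null }
)
$sample | Get-OwnerDescriptionAudit | Where-Object Status -ne 'OK' | Format-Table -AutoSize

# Against a live domain (requires the ActiveDirectory module; output path is a placeholder):
# Get-ADComputer -Filter 'OperatingSystem -like "*Server*"' -Properties Description |
#     Get-OwnerDescriptionAudit | Where-Object Status -ne 'OK' |
#     Export-Csv 'C:\temp\Owner-Audit.csv' -NoTypeInformation
```

With the sample records, SRV-WEB01 is reported as NonConforming and SRV-FS01 as Missing; the two conforming entries are filtered out.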