Syntax for Defining AD sub-OUs in Powershell (original) (raw)

Hello all. I am very new to PowerShell and I am trying to create a script that:

prompts a user for a PC name
Searches for this PC’s OU
If the PC is in a certain OU, moves it to another specific OU

So far I have created two variables called SourceOUandSourceOU and SourceOUandTargetOU.
$SourceOU contains the OU where PCs are placed by default. TargetOUcontainstheOUwhereIwouldliketomovethePCto,ifthepcislocatedinTargetOU contains the OU where I would like to move the PC to, if the pc is located in TargetOUcontainstheOUwhereIwouldliketomovethePCto,ifthepcislocatedinSourceOU.

I wondering how I would format the syntax for an OU with several sub-OUs
For example, a default OU contain a PC would have this path
ntds://test.com/Deployments/Texas/Austin

Would I format the variable definition like this:

$SourceOU = "OU=Deployments, OU=Texas, OU=Austin, DC=albmolecular, DC=com"

Thank you.

If you do a Get-ADComputer computername and take a look at the distinguished name that will give you the format. Just remove the CN=Compuername, off the front of it. You work from the bottom up, so the left most OU in the string is the deepest level. Another way to think of it is work backwards from the top of the tree/right side of string, and each level is one lower as you move left.

Based on your SourceOU, your tree would have to be this (which seems backwards in the middle)

albmolecular com
—Austin
------Texas
---------Deployments

fallen-it (FallenIT) May 26, 2025, 6:30pm 3

This should help.
You can remove the hardcoded stuff and use $TargetOURead-Host "Target OU"

Otherwise this should do it for you

# Set your source and target OUs
$SourceOU = "OU=Austin,OU=Texas,OU=Deployments,DC=albmolecular,DC=com"
$TargetOU = "OU=Workstations,OU=Texas,OU=Deployments,DC=albmolecular,DC=com"

# Prompt for the PC name
$PCName = Read-Host "Enter the computer name"

# Get the computer object <span class="katex"><span class="katex-mathml"><math xmlns="http://www.w3.org/1998/Math/MathML"><semantics><mrow><mi>C</mi><mi>o</mi><mi>m</mi><mi>p</mi><mi>u</mi><mi>t</mi><mi>e</mi><mi>r</mi><mo>=</mo><mi>G</mi><mi>e</mi><mi>t</mi><mo>−</mo><mi>A</mi><mi>D</mi><mi>C</mi><mi>o</mi><mi>m</mi><mi>p</mi><mi>u</mi><mi>t</mi><mi>e</mi><mi>r</mi><mo>−</mo><mi>I</mi><mi>d</mi><mi>e</mi><mi>n</mi><mi>t</mi><mi>i</mi><mi>t</mi><mi>y</mi></mrow><annotation encoding="application/x-tex">Computer = Get-ADComputer -Identity </annotation></semantics></math></span><span class="katex-html" aria-hidden="true"><span class="base"><span class="strut" style="height:0.8778em;vertical-align:-0.1944em;"></span><span class="mord mathnormal" style="margin-right:0.07153em;">C</span><span class="mord mathnormal">o</span><span class="mord mathnormal">m</span><span class="mord mathnormal">p</span><span class="mord mathnormal">u</span><span class="mord mathnormal">t</span><span class="mord mathnormal" style="margin-right:0.02778em;">er</span><span class="mspace" style="margin-right:0.2778em;"></span><span class="mrel">=</span><span class="mspace" style="margin-right:0.2778em;"></span></span><span class="base"><span class="strut" style="height:0.7667em;vertical-align:-0.0833em;"></span><span class="mord mathnormal">G</span><span class="mord mathnormal">e</span><span class="mord mathnormal">t</span><span class="mspace" style="margin-right:0.2222em;"></span><span class="mbin">−</span><span class="mspace" style="margin-right:0.2222em;"></span></span><span class="base"><span class="strut" style="height:0.8778em;vertical-align:-0.1944em;"></span><span class="mord mathnormal">A</span><span class="mord mathnormal" style="margin-right:0.02778em;">D</span><span class="mord mathnormal" style="margin-right:0.07153em;">C</span><span class="mord mathnormal">o</span><span class="mord mathnormal">m</span><span class="mord mathnormal">p</span><span class="mord mathnormal">u</span><span class="mord mathnormal">t</span><span class="mord mathnormal" style="margin-right:0.02778em;">er</span><span class="mspace" style="margin-right:0.2222em;"></span><span class="mbin">−</span><span class="mspace" style="margin-right:0.2222em;"></span></span><span class="base"><span class="strut" style="height:0.8889em;vertical-align:-0.1944em;"></span><span class="mord mathnormal" style="margin-right:0.07847em;">I</span><span class="mord mathnormal">d</span><span class="mord mathnormal">e</span><span class="mord mathnormal">n</span><span class="mord mathnormal">t</span><span class="mord mathnormal">i</span><span class="mord mathnormal">t</span><span class="mord mathnormal" style="margin-right:0.03588em;">y</span></span></span></span>PCName

if ($null -eq $Computer) {
    Write-Host "Computer '$PCName' not found in Active Directory." -ForegroundColor Red
    exit
}

# Get the computer's OU (DistinguishedName minus the CN) <span class="katex"><span class="katex-mathml"><math xmlns="http://www.w3.org/1998/Math/MathML"><semantics><mrow><mi>C</mi><mi>u</mi><mi>r</mi><mi>r</mi><mi>e</mi><mi>n</mi><mi>t</mi><mi>O</mi><mi>U</mi><mo>=</mo><mo stretchy="false">(</mo></mrow><annotation encoding="application/x-tex">CurrentOU = (</annotation></semantics></math></span><span class="katex-html" aria-hidden="true"><span class="base"><span class="strut" style="height:0.6833em;"></span><span class="mord mathnormal" style="margin-right:0.07153em;">C</span><span class="mord mathnormal">u</span><span class="mord mathnormal">rre</span><span class="mord mathnormal">n</span><span class="mord mathnormal" style="margin-right:0.02778em;">tO</span><span class="mord mathnormal" style="margin-right:0.10903em;">U</span><span class="mspace" style="margin-right:0.2778em;"></span><span class="mrel">=</span><span class="mspace" style="margin-right:0.2778em;"></span></span><span class="base"><span class="strut" style="height:1em;vertical-align:-0.25em;"></span><span class="mopen">(</span></span></span></span>Computer.DistinguishedName -replace '^CN=[^,]+,', '')

Write-Host "Current OU: $CurrentOU"

if ($CurrentOU -ieq $SourceOU) {
    # Move the computer to the target OU
    Move-ADObject -Identity <span class="katex"><span class="katex-mathml"><math xmlns="http://www.w3.org/1998/Math/MathML"><semantics><mrow><mi>C</mi><mi>o</mi><mi>m</mi><mi>p</mi><mi>u</mi><mi>t</mi><mi>e</mi><mi>r</mi><mi mathvariant="normal">.</mi><mi>D</mi><mi>i</mi><mi>s</mi><mi>t</mi><mi>i</mi><mi>n</mi><mi>g</mi><mi>u</mi><mi>i</mi><mi>s</mi><mi>h</mi><mi>e</mi><mi>d</mi><mi>N</mi><mi>a</mi><mi>m</mi><mi>e</mi><mo>−</mo><mi>T</mi><mi>a</mi><mi>r</mi><mi>g</mi><mi>e</mi><mi>t</mi><mi>P</mi><mi>a</mi><mi>t</mi><mi>h</mi></mrow><annotation encoding="application/x-tex">Computer.DistinguishedName -TargetPath </annotation></semantics></math></span><span class="katex-html" aria-hidden="true"><span class="base"><span class="strut" style="height:0.8889em;vertical-align:-0.1944em;"></span><span class="mord mathnormal" style="margin-right:0.07153em;">C</span><span class="mord mathnormal">o</span><span class="mord mathnormal">m</span><span class="mord mathnormal">p</span><span class="mord mathnormal">u</span><span class="mord mathnormal">t</span><span class="mord mathnormal" style="margin-right:0.02778em;">er</span><span class="mord">.</span><span class="mord mathnormal" style="margin-right:0.02778em;">D</span><span class="mord mathnormal">i</span><span class="mord mathnormal">s</span><span class="mord mathnormal">t</span><span class="mord mathnormal">in</span><span class="mord mathnormal">gu</span><span class="mord mathnormal">i</span><span class="mord mathnormal">s</span><span class="mord mathnormal">h</span><span class="mord mathnormal">e</span><span class="mord mathnormal">d</span><span class="mord mathnormal" style="margin-right:0.10903em;">N</span><span class="mord mathnormal">am</span><span class="mord mathnormal">e</span><span class="mspace" style="margin-right:0.2222em;"></span><span class="mbin">−</span><span class="mspace" style="margin-right:0.2222em;"></span></span><span class="base"><span class="strut" style="height:0.8889em;vertical-align:-0.1944em;"></span><span class="mord mathnormal" style="margin-right:0.13889em;">T</span><span class="mord mathnormal">a</span><span class="mord mathnormal" style="margin-right:0.02778em;">r</span><span class="mord mathnormal" style="margin-right:0.03588em;">g</span><span class="mord mathnormal">e</span><span class="mord mathnormal" style="margin-right:0.13889em;">tP</span><span class="mord mathnormal">a</span><span class="mord mathnormal">t</span><span class="mord mathnormal">h</span></span></span></span>TargetOU
    Write-Host "Computer '$PCName' moved to $TargetOU." -ForegroundColor Green
} else {
    Write-Host "Computer '$PCName' is not in the source OU ($SourceOU). No action taken." -ForegroundColor Yellow
}

Note that Move-AdObject may fail if deletion protection is enabled

fallen-it (FallenIT) May 27, 2025, 1:12pm 5

Good catch.
I usually add a -Force to the end of everything I do.
Kind of a #YOLO mode lol.

Even -Force doesn’t handle it. You have to code in disabling it.

fallen-it (FallenIT) May 27, 2025, 1:36pm 7

I meant, in anything I do. I generally add -Force.