In the second part of a three-part series, Chris Wolf looks at how to use a script to query computer object description attributes to locate virtual machines.
In Using Active Directory to Identify and Track Virtual Machines – Part I, I covered a technique for leveraging the computer object Description attribute to differentiate between physical and virtual servers. I also explained how to use a vbscript to modify the Description attribute for a large number of computers.
In this article, I'm going to cover a method for querying Active Directory to find computer objects that match a pre-determined Description attribute prefix. For example, if you wanted to locate all virtual computers, you would need to find all computers whose Description attribute started with "V." To find all Xen-based virtual machines, the query would have to look for computers whose Description attribute started with "Vxen."
While in my last article I explained how to use Active Directory Users and Computers to perform computer object searches, sometimes you may find that you want the output stored in a text file for integration with other management tools or for long term record keeping. With that in mind, the script QueryDescription.vbs, available from my site as a text download, can be used to return a list of computers whose Description attribute starts with a pre-determined string.
To use the script in your environment, there are three variables that you will need to edit:
- strPrefix
- strDomainTarget
- strLogFile
strPrefix identifies the Description attribute prefix to include in the search. For example, setting strPrefix to "V" will return a list of all VMs. If strPrefix was set to "Ps," a list of all physical servers would be returned.
strDomainTarget is used to specify the distinguished name of the domain that you wish to query, and should be set to match your domain name. So if you managed the searchservervirtualization.com domain, strDomainTarget would need to be set to "dc=searchservervirtualization,dc=com." Note that you could also limit the scope of the connection to a single OU by adding to the distinguished name. For example, to connect to the "Web" OU in the TechTarget.net domain, strDomainTarget would need to be set to "ou=web,dc=techtarget,dc=net."
The last variable that may require modification is strLogFile. strLogFile identifies the location of where the script's output log file will be stored. By default, it is set to save to the root directory of the C drive. Here is a sample of what the resultant log file will display:
The following computers have the vesx Description Prefix:
Computer Name
=============
FS1
FS2
Hernandez
Maine
web1
web2
web3
As you can see, tracking virtual machine objects in Active Directory isn't as hard as it looks. Using scripts to modify the Description attribute to identify computers as specific VM types or as physical systems can allow you to quickly put a system in place to more easily track VMs across your enterprise. Once all existing physical and virtual computer objects are set with the appropriate prefix in their description attribute, you will need to ensure that all new computers added to the domain have the correct Description attribute prefix as well (Vesx, Vvi, Vms, etc.). You organization's deployment and change control processes will likely need to be updated to ensure that this occurs.
In the last part of this article series, I explore methods for customizing Active Directory in order to make use of custom virtual machine attributes. If making use of the existing Description attribute is not for you, then hopefully the solution documented in the next article will provide just what you need.
About the author: Chris Wolf is a Microsoft MVP for Windows Server – File System/Storage and is a MCSE, MCT, and CCNA. He's a Senior Analyst for Burton Group who specializes in the areas of virtualization solutions, high availability, enterprise storage, and network infrastructure management.
