Here is the back end script that does all of the work. I’ve made some comments on the script in efforts to keep this post less wordy and more scripty. Again if you have any specific questions please let me know.

Set env = Createobject("Microsoft.SMS.TSEnvironment") 'Calling the TS Environment

strDescription = env("OSDComputerDescription")   'From the Front End Script
strOU = env("OSDDomainOUName")   'From the Front End Script
strManaged = env("OSDManaged")   'From the Front End Script
strComputer = env("OSDComputerName")   'From the Front End Script
strAdminUserName = env("OSDAdminUserName")   'From the Small UserName/Password Script
strAdminPassword = env("OSDAdminPassword")   'From the Small UserName/Password Script
strUser = env("OSDUserName") 'From the Front End Script


'''''''''''''''''''Set Computer Description on AD object.

strDNComputer = "CN=" & strComputer & "," & strOU

Const ADS_SECURE_AUTHENTICATION = &H0001
Const ADS_SERVER_BIND = &H0200
Set OpenAD = GetObject("LDAP:")
Set objComputer = OpenAD.OpenDSObject("LDAP://DomainController.domain.com/" & strDNComputer, strAdminUserName, strAdminPassword, ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)

objComputer.Put "Description" , strDescription
objComputer.SetInfo

 

'''''''''''''''''''Set computer description on local computer

Const HKEY_LOCAL_MACHINE = &H80000002

strComputer = "."

Set objRegistry = GetObject ("winmgmts:\\" & strComputer & "\root\default:StdRegProv")

strKeyPath = "System\CurrentControlSet\Services\lanmanserver\parameters"
strValueName = "srvcomment"

objRegistry.SetStringValue HKEY_LOCAL_MACHINE, strKeyPath, strValueName, strDescription

 

'''''''''''''''''''Add Computer to security groups based on the managed scenario.

Const ADS_PROPERTY_APPEND = 3
If strManaged = "(LM)" Then

strGroup = "CN=isManaged,OU=Policy,DC=Domain,DC=com"

Set objGroup = OpenAD.OpenDSObject("LDAP://DomainController.domain.com/" & strGroup, strAdminUserName, strAdminPassword, ADS_USE_ENCRYPTION +  ADS_SECURE_AUTHENTICATION)

Else

strGroup = "CN=isnotManaged,OU=Policy,DC=net,DC=smith,DC=com"

Set objGroup = OpenAD.OpenDSObject("LDAP://DomainController.domain.com/" & strGroup, strAdminUserName, strAdminPassword, ADS_USE_ENCRYPTION +  ADS_SECURE_AUTHENTICATION)

End If

objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array(strDNComputer)
objGroup.SetInfo

 

'''''''''''''''''''Add user and other security groups to local security groups

If strManaged = "(LM)" Then

Set oGrp = GetObject("WinNT://" & strComputer & "/Power Users")
Set oUsr = GetObject("WinNT://domain/Domain Users")
oGrp.Add(oUsr.ADsPath)

Else

Set oGrp = GetObject("WinNT://" & strComputer & "/Administrators")
Set oUsr = GetObject("WinNT://" & strUser)
Set oUsr2 = GetObject("WinNT://ADSecurityGroup")

oGrp.Add(oUsr.ADsPath)
oGrp.Add(oUsr2.ADsPath)

End IF