You want to bind to the default container that new computers objects are created in.
126.96.36.199 Using a graphical user interface
188.8.131.52 Using a command-line interface
With tools like netdom, if there is an option to only specify the name of the computer, and not its DN or parent container, the default computers container is typically used.
184.108.40.206 Using VBScript
' This code illustrates how to bind to the default computers container. ' ------ SCRIPT CONFIGURATION ------ strDomain = "<DomainDNSName>" ' e.g. apac.rallencorp.com ' ------ END CONFIGURATION --------- ' Computer GUID as defined in ntdsapi.h Const ADS_GUID_COMPUTRS_CONTAINER = "aa312825768811d1aded00c04fd8d5cd" set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE") set objCompContainer = GetObject("LDAP://<WKGU," & _ objRootDSE.Get("defaultNamingContext") & ">" ) WScript.Echo objCompContainer.Get("distinguishedName")
There are several important objects within each Active Directory domain that need to be "rename safe." By that I mean you should be able to rename the object and not impact other applications that may depend on it. It is for this reason that Microsoft created WKGUID binding. WKGUID allows you to use a well-known GUID to bind with instead of a distinguished name.
For example, the default computers container has the following WKGUID:
You can use the GUID to bind to the default computers container in the domain using the following ADsPath:
The list of well-known objects for a domain is contained in the wellKnownObjects attribute of the domainDNS object for the domain. The wellKnownObjects attribute is multivalued with DNWithBinary syntax. The following is an example of what that attribute looks like for the rallencorp.com domain:
B:32:AA312825768811D1ADED00C04FD8D5CD:CN=Computers,DC=rallencorp,DC=com; B:32: F4BE92A4C777485E878E9421D53087DB:CN=Microsoft,CN=Program Data,DC=rallencorp,DC=com; B:32:09460C08AE1E4A4EA0F64AEE7DAA1E5A:CN=Program Data,DC=rallencorp,DC=com; B:32: 22B70C67D56E4EFB91E9300FCA3DC1AA:CN=ForeignSecurityPrincipals,DC=rallencorp,DC=com; B:32:18E2EA80684F11D2B9AA00C04F79F805:CN=Deleted Objects,DC=rallencorp,DC=com; B:32: 2FBAC1870ADE11D297C400C04FD8D5CD:CN=Infrastructure,DC=rallencorp,DC=com; B:32: AB8153B7768811D1ADED00C04FD8D5CD:CN=LostAndFound,DC=rallencorp,DC=com; B:32: AB1D30F3768811D1ADED00C04FD8D5CD:CN=System,DC=rallencorp,DC=com; B:32: A361B2FFFFD211D1AA4B00C04FD7D83A:OU=Domain Controllers,DC=rallencorp,DC=com; B:32: A9D1CA15768811D1ADED00C04FD8D5CD:CN=Users,DC=rallencorp,DC=com;
Each value has the format of:
As you can see, the GUID for the first value is the same as the one we used in the ADsPath above to bind to the default computers container.
8.11.4 See Also
Recipe 8.12 for changing the default computers container and MSDN: Binding to Well-Known Objects Using WKGUID