Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Sync AD Computer Object "Description" field with a Domain PC's "Description" field.

In the past I've had a PowerShell script to update the PC desciption if it is forgetten during imaging/PC owner change.

We currently don't use the Description field in the Computer AD Objects but I figured it would be an easy way for the Service Desk to quickly add the description there and have a Deploy Package on a schedule consistently syncing the information. I would start it basic at first (One way sync from AD -> PC) but maybe add more logic later to make it a 2-way sync (Script checks which field was updated last and uses that as the information to match both description fields).




Date Votes
  • If the description is set in AD, it will sync into the green highlighted field below automatically as part of a sync or scan, but cannot be edited manually. The red description field can only be edited if scanning is disabled on the machine. Because of this, the 2-way sync idea wouldn't really work unless you used a custom field to sync the description from.

  • Even if this were possible, you'd have a hell of a time sorting out which field was last updated. AD doesn't store modification dates for attributes (this is why pwdLastSet is its own attribute), and even if PDQ stores property modification dates (doubtful!), you don't have access to the database.  Just have your techs run Set-ADComputer -Identity <computername> -Description <description> locally.

    All that said, this is a perfect use case for PDQ supporting ad-hoc variables for packages in Deploy and Tools in Inventory.