Create Collections in ConfigMgr 2012 with Powershell

Not got time to write the usual three-page idiosyncratic blurb, so here’s a script which will create four different collections for a pre-existing Application and move the collections to specific Folders (as usual the word wrap has probably screwed it up a little, so I have attached the script as a ps1 as well here):

Function CreateCollection($collName,$limitingColl,$container,$ud_Scope){
    # New, unsaved SMS_Collection instance on the site server
    $collInstance = ([wmiclass]"\\server\root\sms\site_001:sms_collection").CreateInstance()
    $collInstance.Name = $collName
    $collInstance.LimitToCollectionID = $limitingColl
    # CollectionType: 2 = device collection, 1 = user collection
    if($ud_Scope -eq "device"){
        $collInstance.CollectionType = 2
    }elseif($ud_Scope -eq "user"){
        $collInstance.CollectionType = 1
    }

    if(gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_collection | ?{$_.Name -eq $collName}){
        "Collection $collName already exists"
    }else{
        # Save the collection, then re-read it so that CollectionID is populated
        $collInstance.Put() | Out-Null
        $collInstance.Get()

        # Folder membership entry that moves the new collection into $container
        $containerItemInstance = ([wmiclass]"\\server\root\sms\site_001:sms_objectcontaineritem").CreateInstance()
        $containerItemInstance.ContainerNodeID = $container
        $containerItemInstance.InstanceKey = $collInstance.CollectionID
        # ObjectType: 5000 = device collection, 5001 = user collection
        if($ud_Scope -eq "device"){
            $containerItemInstance.ObjectType = 5000
            $containerItemInstance.ObjectTypeName = 'SMS_Collection_Device'
        }elseif($ud_Scope -eq "user"){
            $containerItemInstance.ObjectType = 5001
            $containerItemInstance.ObjectTypeName = 'SMS_Collection_User'
        }
        $containerItemInstance.SourceSite = '001'
        $containerItemInstance.Put() | Out-Null
    }
}

$scope = Read-Host -Prompt "Enter Scope ID (DEV,INT,PRD)"

# Find the folder <scope>\Software Distribution\Software Requests in both the
# device collection tree and the user collection tree
gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_objectcontainernode | ?{$_.Name -eq 'Software Distribution'} | %{
    $parentContainerID = $_.parentContainerNodeID
    if(gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_objectcontainernode | ?{$_.ContainerNodeID -eq $parentContainerID -and $_.Name -eq $scope}){
        gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_objectcontainernode | ?{$_.Name -eq 'Software Distribution' -and $_.parentContainerNodeID -eq $parentContainerID -and $_.ObjectTypeName -eq "SMS_Collection_Device"} | %{
            $parentContainerID = $_.ContainerNodeID
            gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_objectcontainernode | ?{$_.Name -eq 'Software Requests' -and $_.parentContainerNodeID -eq $parentContainerID -and $_.ObjectTypeName -eq "SMS_Collection_Device"} | %{
                $devContainerID = $_.ContainerNodeID
            }
        }
        gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_objectcontainernode | ?{$_.Name -eq 'Software Distribution' -and $_.parentContainerNodeID -eq $parentContainerID -and $_.ObjectTypeName -eq "SMS_Collection_User"} | %{
            $parentContainerID = $_.ContainerNodeID
            gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_objectcontainernode | ?{$_.Name -eq 'Software Requests' -and $_.parentContainerNodeID -eq $parentContainerID -and $_.ObjectTypeName -eq "SMS_Collection_User"} | %{
                $usrContainerID = $_.ContainerNodeID
            }
        }
    }
}

# Limiting collections: Root-<scope> for devices, SMS00002 (built-in All Users) for users
$devLimitingCollID = (gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_collection | ?{$_.Name -eq "Root-$scope"} | Select CollectionID).CollectionID
$usrLimitingCollID = "SMS00002"

# Create the four collections for the application
gwmi -ComputerName server -Namespace root\sms\site_001 -Class sms_applicationlatest | ?{$_.SecuredScopeNames -contains $scope -and $_.LocalizedDisplayName -eq 'OracleClient'} | select LocalizedDisplayName | %{
    $appName = $_.LocalizedDisplayName

    $collectionName = "$appName - Install Device"
    CreateCollection $collectionName $devLimitingCollID $devContainerID "device"

    $collectionName = "$appName - Uninstall Device"
    CreateCollection $collectionName $devLimitingCollID $devContainerID "device"

    $collectionName = "$appName - Install User"
    CreateCollection $collectionName $usrLimitingCollID $usrContainerID "user"

    $collectionName = "$appName - Uninstall User"
    CreateCollection $collectionName $usrLimitingCollID $usrContainerID "user"
}

Adding Roles and Features in SCCM Task Sequence

Should be simple. And I have done it before and it was, dead simple. This post kinda overlaps with running powershell scripts, batch files, and command lines from Task Sequence, and the example here is Roles and Features.

Sticking with deploying Server 2008 R2 for simplicity, I want to add Roles and Features after the OS is installed: .NET Framework, and RDS, for XenApp Servers.

Previously you could use ServerManagerCmd.exe for this, so when deploying 2008 or earlier you need to modify accordingly. ServerManagerCmd is deprecated in R2, so you need to use PowerShell and the ServerManager module.

First thing is to set the exec policy: I use a command-line step in the Task Sequence:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noprofile -command "&{Set-ExecutionPolicy Unrestricted -Force}"

But you can also use a command line with Reg:

reg add HKLM\Software\Microsoft\Powershell\1\ShellIds\Microsoft.Powershell /v ExecutionPolicy /t REG_SZ /d Unrestricted /f

Of course you need to run from command line for the posh variant because you can’t use a powershell script to set the execution policy when the policy already restricts scripts from running – a chicken and egg analogy. Incidentally, the egg came first. A reptile egg presumably, but it hatched into a genetic mutation which in turn laid a mutant egg and this process eventually led to the chicken being hatched from a non-chicken egg. So perhaps the chicken did come first then if you mean which came first, chicken or chicken’s egg? Otherwise it’s egg. Maybe better to think how you might get your car keys out of your locked car. That’s a simpler conundrum.

Anyway, onward. Another command-line:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noprofile -command "&{Import-Module -Name C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ServerManager\servermanager.psd1;Add-WindowsFeature AS-NET-Framework -includeAllSubFeature}"

The option with this last command-line is that you can put it in a script with a whole host of other post install tasks or changes, package it and call from the task sequence. Obviously your script only needs the part in the “{}”. Interestingly I was getting errors last time with paths, hence the full paths to the exe and psd1, but it does work without these so long as working dir etc is correct.
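
An alternative to changing the machine-wide policy, as an added example that is not from the original post: pass -ExecutionPolicy to powershell.exe so the override applies only to the Task Sequence step's own process, and have the packaged script check the Add-WindowsFeature result and log the policy at each scope. The file name Install-Features.ps1 and the exit-code convention are assumptions.

```powershell
# Install-Features.ps1 (hypothetical file name; added example, not the author's script)
# Task Sequence command-line step:
#   powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\Install-Features.ps1
# -ExecutionPolicy on the command line is scoped to this one process; nothing is
# written to HKLM, so the machine-wide policy is left as it was.

Import-Module ServerManager

# Feature name taken from the post; add further names to the list as needed
$features = @('AS-NET-Framework')

$failed  = @()
$restart = $false
foreach ($name in $features) {
    $result = Add-WindowsFeature -Name $name -IncludeAllSubFeature
    # $result is empty if the cmdlet errored, which also counts as a failure
    if (-not $result.Success) {
        $failed += $name
    }
    if ($result.RestartNeeded -eq 'Yes') {
        $restart = $true
    }
}

# Log the policy at every scope so the build log shows whether an earlier
# step left script execution open machine-wide
Get-ExecutionPolicy -List | ForEach-Object {
    Write-Output ("ExecutionPolicy {0}: {1}" -f $_.Scope, $_.ExecutionPolicy)
}
if ((Get-ExecutionPolicy -Scope LocalMachine) -eq 'Unrestricted') {
    Write-Output 'WARNING: LocalMachine execution policy is Unrestricted'
}

if ($failed.Count -gt 0) {
    Write-Output ("Failed to install: " + ($failed -join ', '))
    exit 1
}
# 3010 is the conventional Windows "success, reboot required" exit code
if ($restart) { exit 3010 }
exit 0
```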

So that’s a pretty easy way to install a role or feature. But you could also use the MDT integration with SCCM to create a MDT Task Sequence.

For MDT you need to configure the MDT integration, and create an MDT Tools Package: when you create a new MDT TS you can create the Tools package in the wizard.

Be careful though, for some reason if you use a standard SCCM TS and add MDT steps they don’t always work. It’s easier to create a whole MDT TS and modify it accordingly, particularly for Roles and Features. For installing Language Packs, you can use a standard SCCM TS and add the Use MDT Toolkit step, then Language Pack Offline step and it works fine. Not so with Roles/Features. Funny.

Err on the side of caution I say, create the MDT TS and remove the extraneous steps and groups. It’ll save you time. Time enough to figure out how to get your keys…

Configure ConfigMgr Pre-Reqs with Powershell – Update 2012

No WebDav…. The following script will set up all the necessary roles and features for an SCCM 2012 Site Server:

# add Windows Features Required for SCCM Site Server
# add Server Manager CMDLETS
Import-Module servermanager

# add Windows Features Required for SCCM Site Server
Add-WindowsFeature WAS-Process-Model
Add-WindowsFeature WAS-Config-APIs
Add-WindowsFeature WAS-Net-Environment
Add-WindowsFeature Web-Server
Add-WindowsFeature Web-ISAPI-Ext
Add-WindowsFeature Web-ISAPI-Filter
Add-WindowsFeature Web-Net-Ext
Add-WindowsFeature Web-ASP-Net
Add-WindowsFeature Web-ASP
Add-WindowsFeature Web-Windows-Auth
Add-WindowsFeature Web-Basic-Auth
Add-WindowsFeature Web-URL-Auth
Add-WindowsFeature Web-IP-Security
Add-WindowsFeature Web-Scripting-Tools
Add-WindowsFeature Web-Mgmt-Service
Add-WindowsFeature Web-Lgcy-Scripting
Add-WindowsFeature Web-Lgcy-Mgmt-Console
Add-WindowsFeature Web-Stat-Compression
Add-WindowsFeature Web-Metabase
Add-WindowsFeature Web-WMI
Add-WindowsFeature Web-HTTP-Redirect
Add-WindowsFeature Web-Log-Libraries
Add-WindowsFeature Web-HTTP-Tracing
Add-WindowsFeature BITS-IIS-Ext
Add-WindowsFeature Net-Framework-Core
Add-WindowsFeature RDC

SCCM Add Computer Associations with Powershell – Download Executable

Ok, here is an exe version of this tool. The code inside is also a bit tidier.
Download the zip file from here:

Extract and copy the files to a location of choice but make a note of where.
Run the exe from a powershell or command window, or create a shortcut. You must use the following command line syntax:

powershell.exe [pathToExecutable] -Arguments -ConfigFile [pathToXML]
For Example:
powershell.exe F:\scripts\sccm\ACATSV409.exe -Arguments -ConfigFile "F:\scripts\SCCM"

When run from a powershell window of course you don’t need powershell.exe at the front.
At first run you will get a message to insert site provider (fqdn of sccm site server) and then site code (xxx).

That’s it, have fun. The IP Address and Firmware functions on the front page just set Machine Variables – in order to use these you need to create Task Sequences with Conditions.