- 
				Posts17
- 
				Joined
- 
				Last visited
Everything posted by Maestro
- 
	Hello, comrades! I've created the report "Products from .exe files"- and it's working in a strange way. I.e. I'm looking for SW product '222'. OK, I find it on computers "aaa", "bbb", 'ccc'. Particulary, i find this file at '\\bbb\d$\install\222'. But on computer 'bbb' drive D have been changed a month ago and there the directory 'd:\Install' not exists at all. Is there a chance that "Software Inventory" are put to some kind of cache? Any ways do drop the cache? Thank you in advance! ---------------------------------------------- Script looks like this: ------------------------------------------------- SELECT DISTINCT SYS.Netbios_Name0, RIGHT(v_GS_SYSTEM_CONSOLE_USAGE.TopConsoleUser0, LEN(v_GS_SYSTEM_CONSOLE_USAGE.TopConsoleUser0) - 9) AS PrimaryUser, SP.CompanyName, SP.ProductName, MAX(SP.ProductVersion) AS ProductVersion, v_GS_NETWORK_ADAPTER_CONFIGURATION.IPAddress0 AS IPAddress, v_GS_SoftwareFile.FileName, v_GS_SoftwareFile.FileDescription, v_GS_SoftwareFile.FilePath, v_GS_LastSoftwareScan.LastScanDate FROM v_GS_SoftwareProduct AS SP INNER JOIN v_R_System AS SYS ON SP.ResourceID = SYS.ResourceID LEFT OUTER JOIN v_GS_SYSTEM_CONSOLE_USAGE ON SYS.ResourceID = v_GS_SYSTEM_CONSOLE_USAGE.ResourceID INNER JOIN v_GS_COMPUTER_SYSTEM ON v_GS_COMPUTER_SYSTEM.ResourceID = SYS.ResourceID INNER JOIN v_FullCollectionMembership AS fcm ON fcm.ResourceID = SYS.ResourceID INNER JOIN v_Collection AS Coll ON Coll.CollectionID = fcm.CollectionID AND Coll.Name = 'All Workstations' INNER JOIN v_GS_NETWORK_ADAPTER_CONFIGURATION ON SYS.ResourceID = v_GS_NETWORK_ADAPTER_CONFIGURATION.ResourceID INNER JOIN v_GS_SoftwareFile ON SP.ProductID = v_GS_SoftwareFile.ProductId INNER JOIN v_GS_LastSoftwareScan ON SYS.ResourceID = v_GS_LastSoftwareScan.ResourceID WHERE (SP.CompanyName LIKE '%222%') AND (v_GS_NETWORK_ADAPTER_CONFIGURATION.IPAddress0 IS NOT NULL) GROUP BY SYS.Netbios_Name0, RIGHT(v_GS_SYSTEM_CONSOLE_USAGE.TopConsoleUser0, LEN(v_GS_SYSTEM_CONSOLE_USAGE.TopConsoleUser0) - 9), SP.CompanyName, SP.ProductName, v_GS_NETWORK_ADAPTER_CONFIGURATION.IPAddress0, v_GS_SoftwareFile.FileName, v_GS_SoftwareFile.FileDescription, v_GS_SoftwareFile.FilePath, v_GS_LastSoftwareScan.LastScanDate
- 
	Hello, Garth, thank you for your answer! First of all I want to thank you for many of your articles! They were very useful for me when I was only entering SCCM space! Yes, I know your opinion that SI is mostly useless in SCCM. But I've very carefully examined the whole chain of logs. On the client side it took near 8K seconds to generate the log and file has been transferred to Server (1 server, 1 MP). On server side file has been received, processed and sent to DB with no errors. And as I said before, this bug is detected only on several devices. And the bug disappeared (at least on one device) after OS reinstall.
- 
	Hello! Win 10 on devices, SCCM version is 1810, SCCM clients on devices are actual version. I've used the SCCM SI to find devices with the certain .EXE files in order to delete these files. Something like "c:\Somestuff\111.exe", "c:\Install\Somestuff\111.exe" OK, ~40 devices were found, files (and folders containing them) were deleted and I run the report again. Surprisingly, ~10 devices still showed that these folders and files are exist (let's call them "bad"). For quick check I've wrote the SQL query (it's working fine for "bad" and "good" devices) and started experiments. 1. First of all I've checked that the whole Software Inventory "chain" works OK on both Client and Server sides. It does!. No errors in logs, no bad files in sccm_Inbox. 2. Tried to run Full SI instead of Delta (you know, deleting this 00000000-0000-0000-0000-000000000002 class and rerun). 3. Tried to re-install SCCM client with complete uninstall and deleting all Windows\CCM folders (and reboot after every action). 4. Tried uninstall SCCM Client, remove device from console (SQL query showed zero results), add device back to SCCM, install the client (and reboot after every action). 5. Step 4 with checking WMI classes (and reboot after every action)... -------- Well, after all the efforts the SQL query still shows me these damned, non-existing "c:\Somestuff\111.exe", "c:\Install\Somestuff\111.exe"!! The only one way I've succeeded was the reinstall of Windows on one of "bad" device. After that these obsolete files disappeared from DB and all other .exe were listed correct. I'm sure for 101% that the problem is hidden somewhere in Windows. Does anyone have an idea where the information "is stuck" in OS and what can I try to get rid of it without reinstall of Windows? Thank you for your time and ideas. Sincerely, Maestro PS. And moreover! I don't see neither these folders nor files in Resource Explorer! I'm completely stuck here...
- 
	Hello everyone! I have a few ready-to-deploy OS Task Sequences. They were tested and successfully deployed via SCCM (v.1606) already. And now I have the task to prepare these "OSD-TS"s for installation from USB drive. So the question is: do I have to create new TS, pointing the output to stand-alone media (the very beginning of "New TS Media" Wizard) or there is more quick way like just copy existing TS and "redirect" it's output to stand-alone media? Maybe some kind of PS script can help me? Thank you in advance.
- 
	
		- task sequence
- osd
- 
					(and 1 more) 
					Tagged with: 
 
 
- 
	I've found this old post when I run in the same trouble. "Damn, why they don't work? What I did in wrong way?!" Found the answer here: https://technet.microsoft.com/en-us/library/hh219289.aspx : " If the configuration baseline is deployed to a computer, it is evaluated for compliance within two hours of the start time that you schedule. If it is deployed to a user, it is evaluated for compliance when the user logs on." Maybe this will help to somebody.
- 
	Hello everyone! Some years ago I was looking for a script to create collections in SCCM based on AD OUs. I've found some of them, but they seemed a bit complex and incomprehensible to me. So I've wrote my own rather simple script, added a few options that I think would be in hand for SCCM admin and added a lot of comments to make the script easy to understand and modify. So I present it to your judge. Any comments and suggestions are appreciated. <# Crafted by Maestro, 17/03/2017 The purposes of this script: 1. Create device collections in SCCM based on AD. Assign Canonical name of OU to collection and OU GUID to collection description. I use OU GUID for my further needs, so you can omit this. In addition, I think that Canonical name is the best variant to use in SCCM but you can pick simple Name or Distinguished Name - it is up to you 2. Define the Refresh Schedule of collection. 3. Create Query Rule for collection membership 4. Move created collection to custom folder (very handy, never saw this option in other scripts). 5. Updates collection membership at once. #> # Importing necessary PS modules Import-Module ActiveDirectory Import-Module 'D:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1' # Defining main variables # SCCM Site $Site = (Get-PSDRive -PSProvider CMSite).name <# Folder to move collections into. I've selected the ready one. You can create new folder right in script with simple "mkdir" in "${Site}:\DeviceCollection\" #> $TargetFolder = "${Site}:\DeviceCollection\FromAD_by_OU" # Relocating to SCCM PSDrive cd ${Site}: # Defining refresh interval for collection. I've selected 15 minutes period. $Refr = New-CMSchedule -RecurCount 15 -RecurInterval Minutes -Start "01/01/2017 0:00" <# Getting Canonical name and GUID from AD OUs. -SearchScope is Subtree by default, you can use it or use "Base" or "OneLevel". OUs are listed from the root of AD. To change this i.e. to OU SomeFolder use -SearchBase "OU=SomeFolder,DC=maestro,DC=local" #> $ADOUs = Get-ADOrganizationalUnit -Filter * -Properties Canonicalname |Select-Object CanonicalName, ObjectGUID # And at last, let's create some collections! foreach ($OU in $ADOUs) { $O_Name = $OU.CanonicalName $O_GUID = $OU.ObjectGUID # Adding collection New-CMDeviceCollection -LimitingCollectionName 'All Systems' -Name $O_Name -RefreshSchedule $Refr -Comment $O_GUID # Creating Query Membership rule for collection Add-CMDeviceCollectionQueryMembershipRule -CollectionName $O_Name -QueryExpression "select * from SMS_R_System where SMS_R_System.SystemOUName = '$O_Name'" -RuleName "OU Membership" # Getting collection ID $ColID = (Get-CMDeviceCollection -Name $O_Name).collectionid # Moving collection to folder Move-CMObject -FolderPath $TargetFolder -ObjectId "$ColID" # Updating collection membership at once Invoke-CMDeviceCollectionUpdate -Name $O_Name } Write-Host "----------------------------" Write-Host "All done, have some beer! ;)" Write-Host "----------------------------"
- 1 reply
- 
	
		- collections
- powershell
- 
					(and 2 more) 
					Tagged with: 
 
 
- 
	  PXE Boot Stopped WorkingMaestro replied to mkeehn's topic in System Center Configuration Manager (Current Branch) Hello everyone. Got the same error after migrating to 1606 from 2012 SP2. Digging the logs, found that SCCM is getting problems with WDS. WDS needs to be restarted before activating, SCCM isn't ready for this and tries to do everything, not paying attention that service is missing. What did I do. 1. Unchecked PXE in SCCM console. 2. Uninstalled WDS. Rebooted. 3. Deleted (just in case) %windir%\Temp and RemoteInstall folders. 4. Manually installed WDS. Rebooted. 5. Checked PXE option, waited for procedure to complete (no errors in logs). 6. Redistributed boot images. 7. Redistributed OS images. 8. Deleted and re-created TS. Worked like a charm. Maybe this will help to somebody.
- 
	Hello everyone! I cannot find an answer to technical question. When I add or move device to some collection, does it makes the SCCM client to run Policy Retrieval and Evaluation Cycle? Or the time interval is strictly configured in Client settings? In other words, if I want to immediately apply collection's deployments to a new computer do I have to run for it "Download computer Policy" from SCCM console?
- 
	Thank you very much! The key phrase is "the maintenance window will applied to any application or package that you deploy". Because in some manuals it was written that the maintenance windows support only "software updates, OS install, something else..." but not a word about package deployments. So I've wondered - could the shutdown will be done with package or should I create a Task Sequence for it. Thanks again!
- 
	Hello everyone! I've wrote very simple script to shutdown Workstations. Then I've created the collection for certain OUs in domain and simply scheduled to deploy this script to collection as package at 22:00 . I've realized my mistake when some of these workstations rebooted at morning (they were powered down already). So, what is the best way to do it right with SCCM? Should I schedule, i.e. the distribution of this package daily at 21:50 with deadline at 21:55 and create maintenance window for collection from 22:00 to 22:05? Will this work or there is more easier way? I've found some articles about maintenance windows, but can not realize the clear algorithm for myself. Thank you for your attention.
- 
	Thanks a lot! Will try my best.
- 
	It's OK, all computers are x86 Windows. But is there any way to complete my task in query, or I have to create a new report?
- 
	Hello everyone! I've got a task to create a query to show the computers which has more then one installation of Java on it (sometimes Java doesn't updates correctly). So I quickly created a query: select distinct SMS_R_System.Name, SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName, SMS_G_System_ADD_REMOVE_PROGRAMS.Version from SMS_R_System inner join SMS_G_System_ADD_REMOVE_PROGRAMS on SMS_G_System_ADD_REMOVE_PROGRAMS.ResourceID = SMS_R_System.ResourceId where SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName like "Java % Update %" order by SMS_R_System.Name And this query shows me all the computers where Java installed and I can see among them computers that I need. But how to select only computers where SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName like "Java % Update %" >1? I think COUNT will be the best for this task but I've didn't find how to correctly use it here. I've tried different constructions but always got an error sign. Can anyone help me? Thank you
- 
	Hello, Garth! Thank you for fast and detailed answer. To say "No" to customer, I need to have some reasons that are hard as reinforced concrete. That's why I'm particularly interested in two of your statements. If you can, explain them in details, please. Is this a well-known bug described somewhere? If yes - only this fact is enough to stop the work. As the previous statement, this is also very serious fact to consider. Can you explain it or give me a link where it is described in details? Thank you very much in advance. Sincerely, Alexey
- 
	Hello everyone! I've got a task to find all unauthorized executables on all workstations in domain. The good point is that workstations are identical to each other (both hard and soft), bad point is that I have to find the existence of these files on HDDs, not their launches. And I have to use SCCM 2012 SP1 for reporting as well. (That's why I cannot use the AppLocker). Well, what I've decided to do is to take one of workstations as the sample (SW - sample workstation). All updates, patches, etc. are provided at SW first, then are spread on whole domain. All .exe (and another file masks) on SW are presumed as "white", all others on workstations are presumed as "black" ones.What I need now is to compare white-list from SW with file list from every computer in collection. There already exists almost ready-to-use report that I need, but it has to be modified. Unfortunately, my knowledge of MS SQL is somewhere below zero (maybe below absolute zero, -274C ). That's why I'm asking for help. I've tried to find some articles about creating or modifying reports, but most of them are the same: "Open Report Builder, now copy and paste there the sample query from below. Wonder what a pretty report you've got!" The report is "Compare software inventory on two computers". What modifications do I need: - Compare not "Computer name - Computer name" but "Computer name - Select a collection" - Exclude files from white-list (from SW) from report. - Exclude size, version and time check - only existence and (maybe) the difference in path.. - Group by machine name. Maybe instead of ready query you can advice me some good article like "Composing reports in Report Builder for absolute newbies", I'll appreciate it very much as well. Thank you for your time. Sincerely, Alexey

 
 
			