Search the Community
Showing results for tags 'Powershell'.
-
Introduction Occasionally you want to inform users about something, such as the need to update or install software, and the easiest way to do that is with some sort of a popup notification. The ability to do that in Microsoft Intune is not currently available in the product although it is a Uservoice item in progress. In the meantime however, if you need to send a notification to users of Windows devices in Microsoft Intune, it's possible using PowerShell and here's how to do it. The idea here is that you can customize the PowerShell script to deliver the message you want (and if necessary take possible actions, however you need to add your custom code to the script and it must not exceed 200KB). the screenshots below are taken on a Windows 10 version 1709 device enrolled into Intune, the device is logged on as a user with normal permissions (not an Administrator) and this was configured with Windows AutoPilot. Note: The Intune management extension which is used to run the PowerShell script has the following prerequisites: Devices must be joined to Azure AD Devices must run Windows 10, version 1607 or later Step 1. Download the script Download the DisplayMessageInIntune.ps1 script. DisplayMessageInIntune.zip Step 2. Edit the script in ISE Launch PowerShell ISE and open the extracted downloaded script. Scroll down to the following values. The values are currently set as PowerShell Parameters with the hope that the current functionality in Microsoft Intune will support Params with PowerShell scripts in the future (I've requested this ability as a DCR to Microsoft directly). If this ability does come to Intune then I will blog an update to this post explaining how to make it dynamic. When you've changed the message title and message body, you might also want to change the Type and Option available to the user, below are the values you can configure. $Option can be any of the following values "OK" "OKCancel" "AbortRetryIgnore" "YesNoCancel" "YesNo" "RetryCancel" $Type can be any of the following values "Asterisk" "Error" "Exclamation" "Hand" "Information" "None" "Question" "Stop" "Warning " Finally after line 69 you can add any additional code you want, for example to check what key was pressed etc. Step 3. Upload the script to Microsoft Intune In the Intune service in Azure select Device Configuration and click on PowerShell Scripts. In PowerShell scripts, click on Add. Enter the following values: Name: "Display a message in Intune" Description: "Using PowerShell to messages in Intune" Script location: DisplayMessageInIntune.ps1 Next click on Settings, Configure to see the options available, Change the first option so that the script runs with the same permissions as the logged on user. Click OK when done and then click on Create to create the PowerShell script in Intune. Next click on Assignments to assign the PowerShell script to a Group of Users. To do that, click on Select Groups and then select a Group of Users that you'd like to assign this to. Next click on Save to save this group. Step 4. Review what happens on a Windows device On a Windows device, logon using the credentials of a user that is in the selected group that you assigned the PowerShell script to. Tip: You can restart the Microsoft Intune Management Extension service (as a user account with Administrator permissions) rather than wait one hour for that extension service to run the PowerShell script. Note: Your users don't need to do the service restart, this is just so you get instant gratification and can review the end-result. After the policy is received the message popup is displayed on top of all windows. result ! Troubleshooting You can review 2 logs files, one is the log file for Microsoft Intune Management Extension: C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\IntuneManagementExtension.log and the other is generated by the PowerShell script itself: C:\Windows\Temp\DisplayMessageInIntune.log Note: If you want to display the message to a user in SYSTEM context then download serviceUI.exe from the MDT toolkit and launch powershell with that exe, like so... and create a Win32 App instead of using a PowerShell script option. ServiceUI.exe -process:explorer.exe %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -File DisplayMessageInIntune.ps1 Recommended reading https://docs.microsoft.com/en-us/intune/intune-management-extension https://oliverkieselbach.com/2017/11/29/deep-dive-microsoft-intune-management-extension-powershell-scripts/ https://www.petervanderwoude.nl/post/combining-the-powers-of-the-intune-management-extension-and-chocolatey/
-
task sequence [Help] - Powershell script SMSTSPostAction
Deilson Oliveira posted a question in scripting
I need to install Symantec Endpoint Protection, what would the command line be like in powershell where I can call a .ps1 script in a completely hidden and silent way? I did a previous TS that copies the setup64.exe from SEP to "C:\TEMP\" I don't have much knowledge on powerhsell as would the script that would install it silently? the argument for installing it via Batch File is / s. However, the CMD window appears during Windows logon, and Powershell can do all of this without any windows appearing, and I wanted powershell to wait for the installation to finish (I researched this and think the parameter is -WaitProcess but I don't know where how to put it) and after the installation is finished, delete the TEMP folder and restart the computer. Any help with that please?- 5 replies
-
- powershell
- scripting
-
(and 1 more)
Tagged with:
-
OSD Run Command Line: WMI to TS Variable
jHetzer posted a question in Troubleshooting, Tools, Hints and Tips
OSD Run Command Line: WMI to TS Variable (Tested with WinPE 1703 and Windows 10 1703 / SCCM 2012 Version 1706 / MDT ) A short guide how to store WMI information into a Task Sequence Variable without the need of a script. (And therefore without a "Update Distribution Point") Create a new "Run Command Line" Step Set the step name for example: "Set Task Sequence Variable OSD_VariableName" Command Line: powershell -Command "& {(New-Object -COMObject Microsoft.SMS.TSEnvironment).Value('OSD_VariableName') = (Get-WmiObject Win32_ComputerSystemProduct).Version}" Done The example shows how to store the property "Version" of the WMI Class "Win32_ComputerSystemProduct" into the Variable "OSD_VariableName". This is for example usefully for Lenovo devices because the property holds the real model name (Lenovo Model Names) and not the cryptic ID which may change. Other examples would be: Device Disk Count: powershell -Command "& {(New-Object -COMObject Microsoft.SMS.TSEnvironment).Value('OSD_DiskCount') = @(Get-WmiObject -query 'Select * from Win32_DiskDrive WHERE MediaType = \"Fixed hard disk media\"').Count}" Device TPM Chip Available: powershell -Command "& {(New-Object -COMObject Microsoft.SMS.TSEnvironment).Value('OSD_TPMChipAvailable') = [boolean](Get-WmiObject -Namespace 'ROOT\cimv2\Security\MicrosoftTpm' -query 'SELECT * FROM Win32_Tpm')}" Event more complicated commands are possible but at some point a script provides more flexibility. Important Note: "Run Command Line" step in conjunction with "powershell -Command "& {Crazy-PowershellFunction}" has problems with double quotes ("). If they are required they need to be escaped with "\". See for example: Device Disk Count: Other special characters my produce similar issues. If you like this quick and simple solution and found some other useful commands please share them in a reply to this Topic- 1 reply
-
- variable
- tasksequence
-
(and 4 more)
Tagged with:
-
Introduction Update: This script was updated 2017/11/10 with several new abilities to customize most of what you can define in the Virtual Machine settings. This is an extremely quick post to help you create Hyper-V virtual machines using PowerShell. The script assumes you've already installed the Hyper-V feature in Windows. You can define a bunch of variables *highlighted in red below* such as type of Checkpoint, or Memory or CPU settings, to define how your Virtual Machines are created, The script prompts you for three inputs: Virtual Machine name Virtual Switch Name Generation type (Gen1=legacy, Gen 2=UEFI) Here's a screenshot of the script in action: And after running you can see the Virtual Machine properties match what you specified (Gen 2, switch name, cpu settings and so on...) and the New Virtual Switch is created (if it didn't already exist) that's it, have fun. Downloads You can download a copy of the script here. Create HyperV VM2.ps1
-
Introduction This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version at the time of writing is System Center Configuration Manager (Current Branch) version 1902. SCCM 1902 is the latest baseline version and contains many bugfixes (and quality fixes) as detailed here. I blogged how to upgrade to 1902 here. Baseline media is used to install new ConfigMgr sites or to upgrade from supported versions. For more information about what baseline versions are and why you need them, I'd recommend you read my blog post here. This guide is aimed a new installations of SCCM. This lab is one of many hosted on my new hyper-v host, which is a very nice Lenovo P1 running Windows Server 2019 with data deduplication to make storage amazing. Note: The SCCM 1902 Current Branch media is available on MSDN or VLSC. If you don't have access to either of those you can download the baseline media ISO from the Microsoft evaluation site here. This is the same media that is on MSDN and VLSC. Once downloaded, extract the media to C:\Source\SCCM1902. This series is broken down into the following parts:- Part 1 - Get the lab ready, configure ADDS (this part) Part 2 - Join CM01 to Domain, add users, create the Systems Management container, delegate permission Part 3 - Role and Feature installation, installation of WDS and ADK Part 4 - Configure and install SQL Server 2017 Part 5 - Configure and install SCCM 1902 Current Branch Part 6 - Create device collections Part 7 - Configuring discovery Part 8 - Configuring boundaries You can use this multi-part guide to get a hierarchy up and running on Windows Server 2019 using SQL Server 2017. The concept behind this is to guide you through all the steps necessary to get a working Configuration Manager Primary site installed (for lab use) using manual methods or automated using PowerShell. This gives you the power to automate the bits that you want to automate, while allowing you to manually do other tasks when needed. You decide which path to take. PowerShell knowledge is desired and dare I say required if you are in any way serious about Configuration Manager. I will show you how to do most steps via two methods shown below, it's up to you to choose which method suits you best but I highly recommend automating everything that you can, using PowerShell. Method #1 - Do it manually Method #2 - Automate it with PowerShell Downloads The scripts used in this part of the guide are available for download here. Unzip to C:\Scripts. The scripts are placed in the corresponding folder (Part 1, Part 2 etc) and sorted into which server you should run the script on (DC01 or CM01). Scripts.zip Step 1. Get your lab ready In this guide I assume you have already installed two WorkGroup joined servers with Windows Server 2019 Standard (Desktop Experience) installed. You can install the operating system on those servers in whatever way you want. If you want a PowerShell script to help you create hyper-v virtual machines you can use this one. Please configure the servers used in this guide as listed below, the SmoothWall (Linux firewall) is optional. Server function: Domain Controller Server name: DC01 Server info: Workgroup joined IPv4 Address: 192.168.9.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.9.199 DNS: 192.168.9.1 Server function: Configuration Manager Primary site Server Name: CM01 Server info: Workgroup joined IPv4 Address: 192.168.9.2 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.9.199 DNS: 192.168.9.1 Server function: (optional) Linux firewall Server name: smoothwall Server info: Uses 2 legacy nics eth0: 192.168.9.199 eth1: x.x.x.x (internet facing ip) You will also need the following media. Windows Server 2019 Standard SQL Server 2017 System Center Configuration Manager 1902 Current Branch Step 2. Configure Active Directory Domain Services (ADDS) To setup Active Directory Domain Services you could manually click your way through the appropriate wizard in Server Manager or automate it using PowerShell. For your benefit I'll show you both methods below, all you have to do is choose which one suits you. Method #1 - Do it manually On the DC01, open Server Manager. Click on Add roles and features On the Before You Begin screen click Next. For Installation Type select Role-based or Feature-based installation For Server Selection select Select a server from the server pool and choose DC01 For Server Roles select Active Directory Domain Services, when prompted to add features that are required for Active Directory Domain Services select Add Features select DHCP Server,when prompted to add features that are required for DHCP Server, accept the changes by clicking on Add Features Select DNS Server, when prompted to add features that are required for DNS Server, accept the changes by clicking on Add Features Continue the the wizard by clicking Next On the Features screen click Next On the AD DS screen click Next On the DHCP server screen, click Next On the DNS Server screen click Next On the Confirmation screen click Install and then click on Close Configure Post Deployment Configuration After it's finished, perform the Post Deployment Configuration by clicking on Promote this server to a domain controller select the Add a new forest option, give it a root domain name such as windowsnoob.lab.local Next, depending on your requirements set the Forest functional level and Domain functional level, I've selected the default options below however you may want to configure it differently for your hierarchy, For the password field use P@ssw0rd, Click Next when ready, for DNS options, click Next, Next verify the NetBIOS name and click Next To specify the location of the AD DS database, log files and so forth, either accept the defaults, or change them to something that suits your hierarchy and click Next. Next you can review the options (clicking view script will save your actions to a PowerShell script for use later if you wish). Click Next when done. Next, click Install to begin Once it is complete making the changes it will automatically reboot the server After the reboot, open Server Manager again to do the Post-deployment Configuration for DHCP Server. Click on Complete DHCP Configuration use the defaults for DHCP Server Authorization Click on Commit, Click Close when done. That's how to configure ADDS and DHCP manually. Method #2 - Automate it with PowerShell To configure ADDS, DNS and DHCP automatically, use the ConfigureADDS.ps1 PowerShell script. Note: I'd recommend that you reboot the server before running the script in case any pending operations like Windows Update are in progress as it may effect the results of the script below - I have not (yet) added in any detection for pending operations. 1. Copy the script to C:\scripts on DC01 2. Edit the variables in lines 17-32 as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Once the script is run, it will automatically reboot the server, and after you logon, it will complete the DHCP server installation. Summary Using PowerShell to automate things is the proper way to do things as a server admin. Please join me in Part 2 of this multi-part guide where you will continue setting up your new Windows Server 2019 lab with SCCM 1902 Current Branch.
- 24 replies
-
Is there a way to create multiple Deployment Types under one application. I am using Add-CMScriptDeploymentType and get an error on the second one. Add-CMScriptDeploymentType : ConfigMgr Error Object: instance of SMS_ExtendedStatus { Description = "The digest is not valid"; ErrorCode = 1078462235; File = "..\\sspconfigurationitem.cpp"; Line = 1980; Operation = "PutInstance"; ParameterInfo = ""; ProviderName = "ExtnProv"; SQLMessage = "[42000][3998][Microsoft] [SQL Server]Uncommittable transaction is detected at the end of the batch. The transaction is rolled back."; SQLSeverity = 16; SQLStatus = 3998; StatusCode = 2147749889; }; At C:\Install\CreateTKA.ps1:252 char:11 + Add-CMScriptDeploymentType -ApplicationName $ApplicationNam ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Microsoft.Confi...mentTypeCommand:AddScriptDeploymentTypeCommand) [Add-CM ScriptDeploymentType], WqlQueryException + FullyQualifiedErrorId : UnhandledException,Microsoft.ConfigurationManagement.Cmdlets.AppMan.Commands.AddScriptDe ploymentTypeCommand
-
This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version is System Center Configuration Manager (Current Branch) version 1802 as of March 29th 2018. How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 1 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 2 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 3 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 4 You can use this multi-part guide to get a hierarchy up and running on Windows Server 2016 using SQL Server 2017. The concept behind this is to guide you through all the steps necessary to get a working Configuration Manager Primary site installed using manual methods or automating it by using PowerShell. This gives you the power to automate the bits that you want to automate, while allowing you to manually do other tasks when needed. You decide which path to take. PowerShell knowledge is desired and dare I say required if you are in any way serious about Configuration Manager. I will show you how to do most steps via two methods shown below, it’s up to you to choose which method suits you best but I highly recommend automating everything that you can (if possible), using PowerShell. Method #1 – Do it manually Method #2 – Automate it with PowerShell In Part 1, you configured Active Directory Domain Services (ADDS) on AD01, then joined the Configuration Manager primary server (CM01) to the newly created domain. You then created users, usergroups and OU's in Active Directory and created the System Management Container. Finally you delegated permission to the Configuration Manager server to the System Management container. In Part 2, you configured Windows Server 2016 roles and features on the Configuration Manager primary server (CM01) and then you downloaded and installed Windows ADK 1709. Next you installed SQL Server 2017 CU5 with SQL Server Management Studio (SSMS) and Reporting Services before installing the WSUS role which uses SQL to store the SUSDB instead of the Windows Internal Database (WID). In this Part, you will download and extract the ConfigMgr content, you'll download the ConfigMgr prerequisites and then you'll extend the Active Directory schema before installing System Center Configuration Manager (Current Branch) version 1802. Step 1. Download and extract the ConfigMgr content Before installing System Center Configuration Manager version 1802 you'll need to download the content as it is a baseline version. You can download baseline versions of the ConfigMgr media from Microsoft's Volume licensing Service Center (VLSC) site for use in production or from MSDN (or the Microsoft Evaluation site) for use in a lab. The VLSC download can be found be searching for Config and then selecting System Center Config Mgr (current branch and LTSB) as shown below. Once you've downloaded the ISO, mount it using Windows File Explorer and copy the contents to somewhere useful like C:\Source\SCCM1802 on the Configuration Manager server. Step 2. Download the ConfigMgr Prerequisites Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator You can download the prerequisites during ConfigMgr setup or in advance. As you'll probably want to install more than one copy of ConfigMgr (one lab, one production) it's nice to have the prerequisites downloaded in advance. Method #1 – Do it manually To do that, open an administrative PowerShell command prompt and navigate to the following folder: C:\Source\SCCM1802\smssetup\bin\X64 Run the following line .\SetupDL.exe C:\Source\SCCM_Prerequisites Once the process is complete you can open C:\ConfigMgrSetup.log with CMTrace (or notepad) to verify the status of the download. Note: You can find the CMTrace executable in the SMSSetup Tools folder in the location that you extracted the ConfigMgr media, eg: C:\Source\SCCM1802\SMSSETUP\TOOLS. Method #2 – Automate it with PowerShell To automate the download of the prerequisites simply follow the instructions and run the Install SCCM Current Branch version 1802.ps1 Powershell script in Step 4 or use the Download SCCM prerequisite files.ps1. Step 3. Extend the Schema Note: Perform the following on the Domain controller server (AD01) as Administrator. You do not have to extend the Active Directory schema if it was already extended for Configuration Manager previously. Method #1 – Do it manually To do that, on the Active Directory domain controller (AD01), open Windows File Explorer and browse to the network path of the ConfigMgr server where you've copied the SCCM source, eg: \\cm01\c$\Source\SCCM1802\SMSSETUP\BIN\X64 In that folder, locate extadsch.exe and right click, choose Run as Administrator. After the schema has been extended for SCCM, you can open C:\ExtAdsch.log on the root of C:\ on the server you are performing this on, and review the success or failure of that action. Method #2 – Automate it with PowerShell To automate extending the schema, use the Extend the Schema in AD.ps1 PowerShell script. Run the script on the CM01 server using credentials that have the ability to extend the schema. Step 4. Install SCCM Current Branch (version 1802) Note: Perform the following on the ConfigMgr server (CM01) as Administrator. Method #1 – Do it manually To do that, on the Configuration Manager server (CM01), open Windows File Explorer and browse to the network path of the ConfigMgr server where you've copied the SCCM source, eg: C:\Source\SCCM1802\ In that folder, double click on splash.hta. The Installer appears, click on Install. At the Before You Begin screen click Next. In the Available Setup Options screen, place a checkbox in "Use typical Installation options for a stand alone primary site" When prompted if you want to continue click Yes. On the Product Key screen enter your Key (or choose the eval option), and set the Software Assurance Date (optional) On the Product License Terms screen, select the 3 available options and click Next. On the Prerequisite Downloads screen, select the first option and specify C:\Source\SCCM_Prerequisites as the folder to download the prerequisite files. Click Next to start the download. On the Site and Installation Settings screen, enter your chosen site code (eg: P01), your site name and the path where you want to install ConfigMgr. On the Diagnostics and Usage data screen, click Next. On the Service Connection Point Setup screen, enter your choices and click Next. On the Settings Summary, review your choices and when happy with them click Next. On the Prerequisite Check screen click Begin Install when ready. During the installation, click on View Log (opens C:\ConfigmgrSetup.log) to review the installation progress using CMTrace and when the installation is done, click Close. Method #2 – Automate it with PowerShell To automate the installation of ConfigMgr 1802 (including all the previous steps above), simply run the Install SCCM Current Branch version 1802.ps1 PowerShell script. Run the script on the CM01 server and when prompted to extend the schema, enter your choice (yes or no) and if you choose to extend the schema, provide suitable credentials when prompted. Once done with the schema extension, the installation will continue (as shown below). and once installed you can launch the console. Success ! Summary In this 3 part guide you used quite a bit of PowerShell to automate pretty much most of Installing System Center Configuration Manager Current Branch (version 1802), including installing and configuring SQL Server 2017 on Windows Server 2016. Doing it with PowerShell means you can safely say that you've got a handle on Automation using PowerShell. I hope you learned a lot from doing it this way, and until next time, adios ! Downloads The scripts used in this guide are available for download here. Unzip to C:\Scripts on both servers. The scripts are placed in the corresponding folder (Part 1, Part 2 etc) and sorted into which server you should run the script on (AD01 or CM01). Scripts.zip
- 19 replies
-
- powershell
- current branch
-
(and 2 more)
Tagged with:
-
This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version is System Center Configuration Manager (Current Branch) version 1802 as of March 29th 2018. How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 1 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 2 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 3 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 4 You can use this multi-part guide to get a hierarchy up and running on Windows Server 2016 using SQL Server 2017. The concept behind this is to guide you through all the steps necessary to get a working Configuration Manager Primary site installed (for lab use) using manual methods or automated using PowerShell. This gives you the power to automate the bits that you want to automate, while allowing you to manually do other tasks when needed. You decide which path to take. PowerShell knowledge is desired and dare I say required if you are in any way serious about Configuration Manager. I will show you how to do most steps via two methods shown below, it’s up to you to choose which method suits you best but I highly recommend automating everything that you can, using PowerShell. Method #1 – Do it manually Method #2 – Automate it with PowerShell In Part 1, you configured Active Directory Domain Services (ADDS) on AD01, then joined the Configuration Manager server (CM01) to the newly created domain. You then created users, usergroups and OU's in Active Directory and created the System Management Container. Finally you delegated permission to the Configuration Manager server to the System Management container. Step 1. Install Roles and Features on CM01 Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator To support various features in System Center Configuration Manager, the setup wizard requires some server roles and features preinstalled. On CM01, login as the username you added to the Local Administrators group and start Server Manager. Method #1 - Do it manually The role and feature requirements for ConfigMgr are listed here https://docs.microsoft.com/en-us/sccm/core/plan-design/configs/site-and-site-system-prerequisites. On CM01, login as a user with administrative permissions on the server. Start Server Manager. Click on Add roles and features, on the Before you begin page click Next Choose Role-based or feature-based installation In the Server Selection screen verify CM01.windowsnoob.lab.local is selected and click Next On the Server Roles screen select Web Service (IIS) and when prompted to add features for Web Server (IIS) click on Add Features Click Next and on the Features screen select the .NET Framework 3.5 (includes .NET 2.0 and 3.0) feature Expand the .NET Framework 4.6 Features and select HTTP Activation under WCF Services, answer Add Features when prompted. Select Message Queuing (MSMQ) Activation and when prompted select Add Features Select Named Pipe Activation and TCP Activation and under Background Intelligent Transfer Service (BITS) select IIS Server Extension when prompted to add features click on Add Features Scroll down and select Remote Differential Compression Click Next and on the Web Server Role (IIS) screen click Next on the Select Role Services verify that the following are selected Click Next and point to the Installation Source by clicking on Specify an alternate source path Enter the path to the media eg: E:\Sources\SxS Click Install when ready, at this point you could export configuration settings for later automation Click on Close when the feature installation has succeeded. Method #2 - Automate it with PowerShell Note: Make sure your Server 2016 media is in the drive specified in the script or edit the script to point to the new location of the media. To install the roles and features needed, start Windows Powershell ISE as a user with administrative permissions on the server, edit the variables as appropriate and run the install roles and features.ps1 script. The script will automatically stop and prompt you to correct things, if it cannot find the XML file or the Windows Server 2016 installation media. 1. Extract the scripts to C:\Scripts on CM01 and load the install roles and features.ps1script located in C:\Scripts\Part 2\CM01 2. Edit the variables (lines 18-19) as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Step 2. Download and install Windows ADK and install WDS Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator When you deploy operating systems with Configuration Manager, the Windows ADK is an external dependency that is required. The ConfigMgr prerequisite checker will check for various things, including ADK components such as USMT and Windows Preinstallation Environment (among others), therefore you need to install Windows ADK on your server. System Center Configuration Manager version 1802 supports Windows ADK 1709 as I've explained here. Method #1 - Do it manually Go to this link and download ADK 1709. You'll be prompted to save or run ADKSETUP.EXE, select Run. When prompted for the path, accept the defaults...(or change it to something else if you wish) Select your privacy settings Accept the ADK EULA Make sure to have selected at least the following ADK features Deployment Tools Windows Preinstallation Environment (Windows PE) Imaging and Configuration Designer (ICD) Configuration Designer User State Migration tool (USMT) and click Install to start the download and Installation of the Windows ADK, version 1709. Once the ADK installation is complete, click Close. To install WDS, open Server Manager, select Add roles and features and select the Windows Deployment Services role. When prompted click on Add Features to include management tools. and click through the wizard until completion, close the wizard when done. Method #2 - Automate it with PowerShell To download and then install Windows ADK 10 version 1709 with the components needed for ConfigMgr, start Windows Powershell ISE as Administrator and run the setup ADK and WDS.ps1 script. This script not only downloads and installs ADK 1709, but it installs the Windows Deployment Services role. Tip: If you've already downloaded ADK 1709 and want to save yourself some time, copy the Windows Kits folder and all files/folders within to the source folder (eg: C:\Source\Windows Kits) and the script will skip the download. 1. Extract the scripts to C:\Scripts on CM01 and load the setup ADK and WDS.ps1 script located in C:\Scripts\Part 2\CM01 2. Edit the variable (line 17) as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Step 3. Install SQL Server 2017 Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Method #1 - Do it manually Configure the firewall as described in https://go.microsoft.com/fwlink/?linkid=94001. After configuring the firewall, browse to the drive where the SQL Server 2017 media is, and run setup.exe. The SQL Server Installation Center wizard will appear. Click on Installation and then choose New SQL Server standalone installation or add features to an existing installation. Enter the Product Key or use the evaluation version if that's what you want to use. The product key will be automatically filled in for licensed media downloaded from Microsoft Volume Licensing Service Center. Accept the EULA Make your Microsoft Update choices and review your Install rules, select the SQL server instance features you need and if necessary change the drive letter where you intend to install it And configure the Instance Configuration or just leave it as default Verify the Service Accounts settings and for Collation, make sure the collation is set to SQL_Latin1_General_CP1_CI_AS For Server Configuration, click on Add Current User After configuring Data Directories, TempDB and Filestream settings you are Ready to Install Click on Install to start the installation of SQL Server 2017, and once it's completed, click Close. After installing SQL Server 2017, download SQL Server 2017 SSMS from here and install it. Method #2 - Automate it with PowerShell Note: Make sure your SQL Server 2017 media is in the drive specified in the script or edit the script to point to the new location of the media. The script and accompanying INI file have the path pointing at D:\Program Files, please change the variables as appropriate. To install SQL Server 2017 use the Install SQL Server 2017.ps1 script. The script will create a ConfigurationFile.ini used to automate the installation of SQL Server 2017, and after it's installed the script will download the SSMS executable (Management Studio) and install it. Then it will download Reporting Services and install it. If either of the EXE's are in the download folder, it will skip the download and just install. SQL Server no longer comes with the Management Studio or Reporting Services built in, and they are offered as separate downloads, don't worry though, my PowerShell script takes care of that for you. 1. Extract the scripts to C:\Scripts on CM01 and load the Install SQL Server 2017.ps1 script located in C:\Scripts\Part 2\CM01 2. Edit the variables [lines 17-76] as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Step 4. Restart the Configuration Manager Primary Server Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Open an administrative command prompt and issue the following command: shutdown /r Step 5. Install the WSUS role Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Now that SQL server is installed, we can utilize SQL Server for the WSUS database. To install WSUS and configure it to use the SQL server database instead of the Windows Internal Database, do as follows: Method #1 - Do it manually Using Roles and Features in Server Manager, add the Windows Server Update Services role. When prompted to add features for the WSUS role, click on Add features. When prompted for the Role Services, uncheck WID Connectivity and add SQL Server Connectivity instead. When prompted for Content location, enter a valid path When prompted for Database Instance Selection, enter the server name and click on Check Connection On the Confirm Installation Selections screen, click on Install. and finally click close. After installing the WSUS role, in Server Manager, click on the yellow exclamation mark and choose Launch Post Installation Tasks. When the tasks are completed Optional: The WSUS database (SUSDB) can be observed using SQL Server SSMS. Method #2 - Automate it with PowerShell Browse to the location where you extracted the scripts, C:\scripts. Start Windows PowerShell ISE as administrator, open the Install roles and features_WSUS.ps1 script, edit the $servername variable and replace CM01 with the ServerName your are installing ConfigMgr on (SQL server). Note: Make sure to have your Windows Server 2016 media in the path referred to by $Sourcefiles. 1. Extract the scripts to C:\Scripts on CM01 and load the Install roles and features_WSUS.ps1 script located in C:\Scripts\Part 2\CM01 2. Edit the variables [lines 22-25] as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Downloads The scripts used in this guide are available for download here. Unzip to C:\Scripts on both servers. The scripts are placed in the corresponding folder (Part 1, Part 2 etc) and sorted into which server you should run the script on (AD01 or CM01). Scripts.zip Summary Using PowerShell to automate things leaves more time for yourself and it's fun. Please join me in Part 3 of this multi-part guide when you will install System Center Configuration Manager version 1802 (Current Branch).
- 20 replies
-
- sql server 2017
- powershell
-
(and 3 more)
Tagged with:
-
Hey Guys, I have just set up a filter rule to email me the status of software deployments by running a powershell script. I am currently passing the name into the powershell script by using this command script.ps1 %msgsys then within the first line of powershell i use param([string]$strComputer) This is working fine. I also wanted to pass the variable for message description so the script was script.ps1 %msgsys %msgdesc Powershell param([string]$strComputer, [string]$message) When i run this all that i get is the first word in the message. example The message was The task sequence has completed successfully My script will only return "The" How can i output the entire message not just the first word??
- 5 replies
-
- powershell
- filter rules
-
(and 1 more)
Tagged with:
-
Hi Everyone,
I'm a new Level 2 Technician as i was previously Level 1 technician and my main role was helping users troubleshoot issues on their Computer and recently had a few colleagues from Level 3 started helping me get into SCCM environment were i flourishing from their Wisdom, so found your site and started to visit this site to learn a few things and decided to register.
Thank you for visiting my page
-
I'm in the process of automating reader so that it downloads and creates the application in SCCM We use a global condition to get the version of reader out of the registry. I have two deployment types, One installs the full reader and the second just installs the patch. On the second deployment type we use the requirement Between operand with the values of "17.011.130000" "17.011.130080" that way it will only install the patch it fails on the between operand. If I use greaterthan or others it works fine. Any help???? Here is the error message. Add-CMScriptDeploymentType : ConfigMgr Error Object: instance of SMS_ExtendedStatus { Description = "There is a failure while generating lantern documents for this configuration item"; ErrorCode = 1078462256; File = "..\\sspconfigurationitem.cpp"; Line = 2164; Operation = "PutInstance"; ParameterInfo = ""; ProviderName = "ExtnProv"; StatusCode = 2147749889; }; At C:\Reader\Add-Depend.ps1:155 char:1 + Add-CMScriptDeploymentType -SourceUpdateProductCode "$ReaderGUID" -A ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Microsoft.Confi...mentTypeCommand:AddScriptDeploymentTypeCommand) [Add-CMScriptDeploymentType], WqlQueryException + FullyQualifiedErrorId : UnhandledException,Microsoft.ConfigurationManagement.Cmdlets.AppMan.Commands.AddScriptDeploymentTypeCommand
- 4 replies
-
- global condistion
- deploymenttype
-
(and 3 more)
Tagged with:
-
Hi, I thought I would advertise my book here as I need all the shout-outs I can get! The book is entitled: ConfigMgr - An Administrator's Guide to Deploying Applications using PowerShell I think it's pretty good, but then again, I'm probably biased. You can get it here: https://leanpub.com/configmgr-DeployUsingPS Sorry about this advert - I hate adverts too. Sometimes, you just...gotta.
-
Hey Guys / Niall - I'm trying to script something which I've done parts of in the past, but not together at once and need some assistance, please... Overall, I'm trying to add hostnames as direct members to a different collection referenced on the same row of a CSV source. Below is an example of the CSV source which states the hostname in the first column and its domain in a 2nd column. A collection already exists per domain which is "Prod Servers: domainfqdn". For example, below is a similar CSV with headers: svr_name,svc_domainfqdn SYSTEM1,DOMAIN.5.com SYSTEM2,DOMAIN.6.com SYSTEM3,DOMAIN.4.org SYSTEM8,DOMAIN.6.local The desired result is that once the script executes, the following occurs: The hostname "SYSTEM1" is added via direct rule to the collection "Prod Servers: DOMAIN.5.com" The hostname "SYSTEM2" is added via direct rule to the collection "Prod Servers: DOMAIN.6.com" The hostname "SYSTEM3" is added via direct rule to the collection "Prod Servers: DOMAIN.4.org" The hostname "SYSTEM8" is added via direct rule to the collection "Prod Servers: DOMAIN.6.local" I've added systems to a single collection many times before using powerShell using something similar to the below, but am at a loss for how to add to multiple collections all within the same source. I've already created the collections for each domain, so no need to have the script check for them or do so. Any suggestions? Thanks!
- 6 replies
-
- collection
- powershell
-
(and 2 more)
Tagged with:
-
Introduction UPDATE: please use the newer version of this guide here. This multi-part guide will show you how to install the latest baseline version of Configuration Manager from Microsoft. The latest available baseline version is System Center Configuration Manager (Current Branch) version 1802 as of March 29th 2018. How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 1 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 2 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 3 How can I install System Center Configuration Manager (Current Branch) version 1802 on Windows Server 2016 with SQL Server 2017 – Part 4 You can use this multi-part guide to get a hierarchy up and running on Windows Server 2016 using SQL Server 2017. The concept behind this is to guide you through all the steps necessary to get a working Configuration Manager Primary site installed (for lab use) using manual methods or automated using PowerShell. This gives you the power to automate the bits that you want to automate, while allowing you to manually do other tasks when needed. You decide which path to take. PowerShell knowledge is desired and dare I say required if you are in any way serious about Configuration Manager. I will show you how to do most steps via two methods shown below, it's up to you to choose which method suits you best but I highly recommend automating everything that you can, using PowerShell. Method #1 - Do it manually Method #2 - Automate it with PowerShell Get your lab ready In this guide I assume you have already installed two WorkGroup joined servers with Windows Server 2016 installed, how you install the operating system is up to you. When installing the servers please choose Windows Server 2016 Standard (Desktop Experience). The servers used in this guide are configured as listed below, the SmoothWall (NAT) is optional. Server name: AD01 Server function: Domain Controller Server status: Workgroup joined IPv4 Address: 192.168.9.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.9.199 DNS: 192.168.9.1 Server name: CM01 Server function: Configuration Manager Primary site Server status: Workgroup joined IPv4 Address: 192.168.9.2 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.9.199 DNS: 192.168.9.1 Server name: Smoothwall Server function:Linux firewall Server status: 2 legacy nics eth0: 192.168.9.199 eth1: x.x.x.x (internet facing ip) Step 1. Configure Active Directory Domain Services (ADDS) Note: Perform the following steps on the AD01 server as a Local Administrator. To setup Active Directory Domain Services you could manually click your way through the appropriate wizard in Server Manager or automate it using PowerShell. For your benefit I'll show you both methods below, all you have to do is choose which one suits you. Method #1 - Do it manually Open Server Manager. Click on Add roles and features On the Before You Begin screen click Next For Installation Type select Role-based or Feature-based installation For Server Selection select Select a server from the server pool and choose AD01 For Server Roles select Active Directory Domain Services, when prompted to add features that are required for Active Directory Domain Services select Add Features Select DNS Server, when prompted to add features that are required for DNS Server, accept the changes by clicking on Add Features Continue the the wizard by clicking Next On the Features screen click Next On the AD DS screen click Next On the DNS Server screen click Next On the Confirmation screen click Install and then click on Close After it's finished, perform the Post Deployment Configuration by clicking on Promote this server to a domain controller select the Add a new forest option, give it a root domain name such as windowsnoob.lab.local Next, depending on your requirements set the Forest functional level and Domain functional level, I've selected the default options below however you may want to configure it differently for your hierarchy, For the password field use P@ssw0rd, Click Next when ready, for DNS options, click Next, Next verify the NetBIOS name and click Next To specify the location of the AD DS database, log files and so forth, either accept the defaults, or change them to something that suits your hierarchy and click Next. Next you can review the options (clicking view script will save your actions to a PowerShell script for use later if you wish). Click Next when done. Next, click Install to begin Once it is complete making the changes it will automatically reboot the server Method #2 - Automate it with PowerShell To configure ADDS and DNS automatically, use the ConfigureADDS.ps1 PowerShell script. 1. Copy the script to C:\scripts on AD01 2. Edit the variables in lines 17-24 as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Once the script is run, it will automatically reboot. Step 2. Join CM01 to the domain Note: Perform the following on the ConfigMgr server (CM01) as Local Administrator Method #1 - Do it manually To join the domain manually, login to CM01. Start Windows File Explorer. Right-click on This-PC and choose Properties. The System screen will appear. Click on Change settings to the right of Computer name. For the option To rename this computer or change its domain or workgroup, click Change, click Change and for Member of select Domain, enter the Domain details used in Step 1 and click OK when prompted for credentials, enter them and click OK You'll be welcomed to the Domain. Click OK. And prompted to reboot the computer, Click OK. In the Computer Name/Domain changes screen, click Close then click Restart now when prompted. Method #2 - Automate it with PowerShell To join the domain automatically, use the joindomain.ps1 PowerShell script. 1. Copy the script to C:\Scripts on CM01 2. Edit the variables (lines 16-18) as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Note: If DNS is not set correctly on the CM01 Network Properties, then the Domain Join process will fail. The script checks for success and reports an error if one occurs. If successful it will automatically restart the computer after the Domain Join process is complete. Step 3. Create users (optional) Note: Perform the following on the Active Directory Domain Controller server (AD01) as Administrator Method #1 - Do it manually To create users manually, click on Start and choose Windows Administrative Tools and then select Active Directory Users and Computers. In Active Directory Users and Computers, add new users by expanding <domain name>, select Users and right click, choose New then select User. In the wizard that appears fill in the New Object user details enter the Password details using password P@ssw0rd and click Finish when done Repeat the above process to add remaining users as appropriate for your environment Testuser, used for testing stuff CM_BA, used for building ConfigMgr created images CM_JD, used for joining computers to the domain CM_RS, used for reporting services. CM_CP, used when installing the Configuration Manager Client for Client Push. CM_NAA, (Network Access Account) used during OSD Note: The PowerShell script creates users and makes a user a local admin on the CM01 server. To facilitate the local administrator creation, you'll need to (optionally) manually create a GPO on AD01 called Allow Inbound File and Printer sharing exception which sets Windows Firewall: Allow inbound file and printer sharing exception to Enabled. To Create the GPO on AD01, click the Start menu and choose Windows Administrative Tools, then select Group Policy Management. Expand Group Policy Objects and Right click, choose New and give it a Name: Allow Inbound File and Printer Sharing Exception. In the GPO settings, expand Computer Configuration, Policies, Administrative Templates, then select Network, Network Connections, Windows Firewall and select the Domain Profile. Locate the Windows Firewall: Allow inbound file and printer sharing exception and set it to Enabled. Apply the changes. Here you can see the path to the GPO setting. After creating the GPO, you'll want to limit it to only apply to your ConfigMgr server (or servers). To do that select the Delegation tab of the GPO, and click on Advanced button. Select the Authenticated Users security group and then scroll down to the Apply Group Policy permission and un-tick the Allow security setting. This denies authenticated users from applying this GPO setting Next, click on the Add button, for Select this object type make sure to select Computers from the Object Types and select the group or Computer object that you want to have this policy apply to. Then select the group (e.g. ConfigMgr Servers) and scroll the permission list until you see the Apply group policy option and then tick the Allow permission as shown here. Finally, you need to Link the GPO, to do that, right click on your Domain (in this example it's windowsnoob.lab.local) and select Link an existing GPO and then select the newly created GPO Note: Once the above is completed, please update Group Policy on CM01 using Gpupdate /force prior to running the PowerShell script below. Method #2 - Automate it with PowerShell To create users automatically, use the Create Users Usergroups and OUs in AD.ps1 PowerShell script. Tip: You should edit the script and adjust the variables to your liking, for example if you want to change the default password. You may also want to rem out the MDT and MBAM user/groups that are created and change some of the user names within the script. To rem out a line place a # in front of it. 1. Copy the script to C:\scripts on AD01 2. Edit the variables [lines 79-100] as desired before running. 3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle. Once the script is complete you can browse Active Directory Users and Groups to see the Users and Groups it created. Step 4. Create the System Management Container Note: Perform the following on the Active Directory Domain Controller server (AD01) as Local Administrator For details of why you are doing this see https://docs.microsoft.com/en-us/sccm/core/plan-design/network/extend-the-active-directory-schema Method #1 - Do it manually Open ADSI Edit, click on Action, then Connect To and click Ok, Double Click on Default Naming Context and the DC= that appears below it. Click on the > and scroll down to CN=System. Right Click on CN=System and choose New, Object choose Container from the options, click Next enter System Management as the value. Click Next and then click Finish. Method #2 - Automate it with PowerShell Note: Perform the following on the Active Directory Domain Controller server (AD01) as Local Administrator To create the System Management container automatically, use the Create System Management container.ps1 PowerShell script. Step 5. Delegate Permission Note: Perform the following on the Active Directory Domain Controller server (AD01) as Local Administrator Method #1 - Do it manually Open Active Directory Users and Computers. Click on view, select Advanced Features. Select the System Management Container under System Right click the System Management container, choose All Tasks and Delegate Control. When the Welcome to Delegation of Control Wizard appears click next, then click Add. click on Object Types, select Computers. Type in your Configuration Manager server name (CM01) and click on Check Names, it should resolve. Click Ok Click Next then select Create a Custom Task to Delegate, click Next, make sure This folder, existing objects in this folder and creation of new objects in this folder is selected. Click next, select the 3 permissions General, Property-Specific and Creation-deletion of specific child objects are selected then place a check mark in Full Control. Tip: Repeat the above process for each site server that you install in a Hierarchy. Method #2 - Automate it with PowerShell To delegate permissions to the System Management container automatically, use the Delegate Permissions.ps1 PowerShell script on AD01. Edit line 24 to point to the ConfigMgr server if you are using a different computer name than CM01. Note: You need to start Windows PowerShell ISE as a user that has Administrative Permissions in AD on the AD01 server. Downloads The scripts used in this guide are available for download here. Unzip to C:\Scripts on both servers. The scripts are placed in the corresponding folder (Part 1, Part 2 etc) and sorted into which server you should run the script on (AD01 or CM01). Scripts.zip Summary Using PowerShell to automate things leaves more time for yourself and it's fun. Please join me in Part 2 of this multi-part guide where you will configure Windows Server 2016 roles and features and then install SQL Server 2017. Continue to Part 2 of this guide > https://www.windows-noob.com/forums/topic/16116-how-can-i-install-system-center-configuration-manager-current-branch-version-1802-on-windows-server-2016-with-sql-server-2017-part-2/
- 5 replies
-
- sccm
- windows server 2016
-
(and 2 more)
Tagged with:
-
Hi WN I created a function to connect to the CMSite and load the cmdlet for ConfigurationManager. Could the function be improved in any way or is it as good it can be? is the logic best practice or? You can download it at : https://gallery.technet.microsoft.com/Connect-ConfigMgr64-db5e9d0a function Connect-ConfigMgr64 { $initParams = @{ } if ((Get-Module ConfigurationManager) -eq $null) { try { Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams -Scope Global } catch { $ModulePath = (Get-ItemProperty HKLM:\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\Setup -Name "UI Installation Directory").'UI Installation Directory' Import-Module $ModulePath\bin\ConfigurationManager.psd1 -Scope Global } } if ((Get-Module ConfigurationManager) -ne $null) { $SiteCode = Get-PSDrive -PSProvider CMSITE if ((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) { $ProviderMachineName = (Get-ItemProperty HKLM:\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\AdminUI\Connection -Name Server).Server New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderMachineName @initParams } if ((Get-PSProvider -PSProvider CMSite) -ne $null) { Set-Location $SiteCode":\" Write-Host 'Type "Get-Command -Module ConfigurationManager" for a list of SCCM CMDlets.' -ForegroundColor Green } else { $CustomError = [String]"Error: Can't find CMSite provider" Throw $CustomError } } else { $CustomError = [String]"Unable to locate System Center Configuration Manager installation folder!" Throw $CustomError } } Connect-ConfigMgr64
-
- sccm
- powershell
-
(and 1 more)
Tagged with:
-
Here is script...... Copy-Item "\\fileserver\SCCM\Resources\Laserfiche\Laserfiche.url" -Destination "C:\Users\Public\Desktop" Shortcut never appears.
-
Introduction Microsoft released the new Surface Pro and recently a new operating system, Windows 10 version 1709 (Fall Creators Update). Now you can automate the installation of it using PowerShell. This script has been written to allow you to automate the deployment Windows 10 version 1709 (Fall Creators Update) using the latest available software including: Windows 10 x64 (version 1709) Microsoft Deployment Toolkit (MDT) build 8443 Latest available 2017 drivers for the Surface Pro Windows 10 ADK (version 1709) Windows Server 2016 Note: This is fully automated, and as this does install a Windows Deployment Services server role hosting a boot image, you should modify the script accordingly and test it thoroughly in a lab first. This script is tailored for one thing only, deploying Windows 10 x64 version 1709 to the Microsoft Surface Pro with all drivers loaded and MDT 2013 preconfigured. Download it and customize it to suit your needs for other hardware if you wish because what it does is pretty cool. This script performs the following actions:- Downloads and then Installs Windows ADK 10 (version 1709) if you have not done so already Downloads and then Installs MDT, if you have not done so already Downloads all required drivers for Microsoft Surface Pro if you have not done so already Imports the Windows 10 x64 (version 1709) operating system into MDT Imports the Microsoft Surface Pro drivers into MDT Creates Selection Profiles for Surface Pro and WinPE x64 Creates a Deploy Windows 10 X64 version 1709 task sequence Edits the Deploy Windows 10 X64 version 1709 task sequence and adds an inject drivers step for Microsoft Surface Pro Sets a WMI query for hardware detection for the Surface Pro on the corresponding driver step Injects the Microsoft Surface Pro network drivers into the LiteTouchPE_x64.wim Creates custom CustomSettings.ini and BootStrap.ini files Disables the X86 boot wim (as it is not needed for Surface Pro) Changes the Selection Profile for the X64 boot wim to use the WinPE x64 selection profile Installs the Windows Deployment Service role Configures the WDS role and adds the previously created LiteTouchPE_x64.wim Starts the WDS service so that you can PXE boot (UEFI network boot). All you have to do is download the script below, modify some variables, then place certain files in the right place such as the Windows 10 x64 Enterprise (version 1709) media. Please ensure you have a working DHCP scope on your Active Directory domain controller, then PXE boot a Microsoft Surface Pro and sit back and enjoy the show. Step 1. Download the script The PowerShell script will do all the hard work for you, it is in the Downloads section at the end of this guide, download it, unzip it and place it on the server that is designated to be the MDT server. Step 2. Configure the variables in the script Once you have downloaded and extracted the script, you need to configure certain variables interspersed throughout the script. I'll highlight the ones you need to edit. The most important of them is the $SourcePath variable (line 53) as this decides where to get the content from and where to store it. This variable should point to a valid drive letter, the folder name will be created if it does not exist. The $FolderPath variable (line 237) specifies the MDT Deployment share root folder for example C:\MDTDeploy. There are other variables to configure, for joining the Domain (lines 315-317) and then you need to configure how you actually connect to the MDT server from WinPE (lines 392-396) Step 3. Copy the Windows 10 x64 (version 1709) operating system files Mount a Microsoft Windows 10 x64 Enterprise (version 1709) ISO and copy the contents to $SourcePath\Operating Systems\Windows 10 x64\1709 as shown below Step 4. Optionally copy MDT, ADK 10, Surface Pro drivers This is an optional step. If you've already downloaded the above files then place them in the source folder, otherwise the script will automatically download them for you. Note: You do not have to do this as the script will download the content for you if it's not found. Step 5. Optionally copy your Applications to the respective folders This is an optional step. If you have apps like Office 365, copy them to their respective folders under Applications. If you do add any applications, you'll need to edit the corresponding section within the script for the CustomSettings.ini and replace the GUID for the App, these applications are remmed out with a #, as shown here (line 358) and here in line 294... Step 6. Run the script On the server that will become your MDT server, start PowerShell ISE as Administrator. Click on the green triangle to run the script. Below you can see the script has completed. After the script is complete, you are ready to test deploying Windows 10 version 1709 (Fall Creators Update) to a Microsoft Surface Pro. You can see that Windows Deployment Services is installed and that the ADK 1709 version of the MDT LiteTouch_X64 boot wim is already imported. This boot image also has the Surface Pro network drivers added. After opening the Deployment Workbench, you can see the Deploy Windows 10 x64 version 1709 task sequence is created The Surface Pro Inject drivers step is pre-configured for you and the WMI query for the hardware is also added on the options tab drivers specific to the Surface Pro for are imported into MDT Step 7. Sit back and watch the deployment Take a properly shutdown Surface Pro , and power it on using the following sequence. Hold the down volume key and then press the power button while continuing to hold down the volume key, it should PXE boot. Press enter when prompted before loading the boot image before prompting you for a computer name, note that it's currently set to SurfacePro in CustomSettings.ini contained within the script, you can change that behavior in the UI itself (CustomSettings.ini on the Properties/Rules of the DeploymentShare) or automate it via the many methods available such as those that Mikael describes here click Next and off it goes, with your customized Company name and after a while it's all done Troubleshooting If the script has issues starting WDS (and you see the error below) then restart the server, as you were asked to do at the end of the script ;-). If you cannot PXE boot, because WDS is not accepting connections (revealed by the PXE Response tab in WDS properties), then look for the following error in the scripts output: An error occurred while trying to execute the command. Error Code: 0x5 Error Description: Access is denied. If you see that error, then the user you are logged in as does not have sufficient permissions to configure WDS. To grant permissions to the Windows Deployment Server (MDT01) do as follows Open Active Directory Users and Computers. Right-click the OU where you are creating prestaged computer accounts, and then select Delegate Control. On the first screen of the wizard, click Next. Change the object type to include computers. Add the computer object of the Windows Deployment Services server, and then click Next. Select Create a Custom task to delegate. Select Only the following objects in the folder. Then select the Computer Objects check box, select Create selected objects in this folder, and click Next. In the Permissions box, select the Write all Properties check box, and click Finish. Repeat the above process to grant appropriate permissions for the User who will run the PowerShell script Summary Automating the deployment of Windows 10 version 1709 (Fall Creators Update) to the Microsoft Surface Pro using PowerShell and MDT is easy when you know how. Downloads Download the PowerShell script contained in the ZIP file. Deploy Windows 10 Fall Creators Update to Microsoft Surface Pro with MDT - November 2017.zip
- 1 reply
-
- 1
-
- mdt
- powershell
-
(and 2 more)
Tagged with:
-
Hello Folks, I'm new to this forum. I believe that this is right place to post my query here. Here is problem with SCCM. I wrote a script that copy file from desktop to shared location. the script works perfectly fine when I run as administrator. Created package \ application for this script and deployed to my test machine. but It doesn't do anything while installing from my test machine even though I checked run with admin's right in SCCM. FYI: Method 2: Created bat file that calls my power shell script. No luck yet all! Method 3: Run the Powershell script by using coomand line i.e Powershell -ExecutionPolicy -Bypass -file "file.ps1" in SCCM Package\ Application. But No luck yet all. Please share your thoughts.
- 1 reply
-
- powershell
- sccm
-
(and 1 more)
Tagged with:
-
Hey Guys / Niall - I'm in a bind and need some suggestions, please... I'm currently in the middle of rebuilding our OSD task sequence from scratch to resolve a few issues. It's TS is fairly lengthy as it's MDT integrated and uses the UDI Wizard for customization of the build. One of the most used UDI features is the ability to select Applications & packages not installed by default for automated installation during the build. This has worked great in the past with Applications and Packages. The issue is that many of our applications are installed via task sequence & some are pretty lengthy. They are built as such due to their complexity and ability to support multiple locations (different steps are executed depending on the system's location), scenarios (Install, Repair, Upgrade), etc. It would be easy enough to copy / paste these steps into a folder in the OSD TS and have them tied to a UDI variable - but - when attempting to do so have found that it makes the task sequence too large and I get memory / handle errors when trying to save it. As a workaround, I did adjust specific settings in WMI on the Primary server as described here to the settings shown below (quadrupled values for first 3) plus the server is only using 27% of 16gb of RAM, but that didn't help. So - what is the most reliable way to install a task sequence during OSD (if any) I know that the latest version of SCCM includes this ability, but we are on 2012 R2 SP1 CU4 for the next 2 months. The only way I can think of is to pre-advertise the TS to collections OSD is advertised to then create and Application which executes a PowerShell script that initiates the desired TS similar to this post. I've used it before for the App Catalog, but it hasn't been that consistent and I haven't tried it with OSD yet. Surely, there's another workaround for this or way to safely be able to add more steps to OSD's TS. I'd appreciate any suggestions - Thank You!
- 1 reply
-
- osd
- task sequence
-
(and 2 more)
Tagged with:
-
Hi, I've been having problems with an install for a looong time. I need to install the latest Salesforce plugin for outlook on my companies computer but many different versions are installed which I need to uninstall prior to installing the newer version.To do so, I have found a Powershell script that if I run from PS ISE works correctly however, if I do it from a task sequence it says it has run but it doesn't do anything.This is how I did it: Created a package with the .ps1 file with no program. Added a Run powershell script step where I invoke the package and specified the script name. After many troubleshooting I think it could have to do with the account the task sequence is executed.The PS script is the following: $uninstall32 = gci "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall" | foreach { gp $_.PSPath } | ? { $_ -match "Salesforce*" } | select UninstallString $uninstall64 = gci "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" | foreach { gp $_.PSPath } | ? { $_ -match "Salesforce*" } | select UninstallString if ($uninstall64) { $uninstall64 = $uninstall64.UninstallString -Replace "msiexec.exe","" -Replace "/I","" -Replace "/X","" $uninstall64 = $uninstall64.Trim() Write "Uninstalling..." start-process "msiexec.exe" -arg "/X $uninstall64 /q" -Wait} if ($uninstall32) { $uninstall32 = $uninstall32.UninstallString -Replace "msiexec.exe","" -Replace "/I","" -Replace "/X","" $uninstall32 = $uninstall32.Trim() Write "Uninstalling..." start-process "msiexec.exe" -arg "/X $uninstall32 /q" -Wait} it should find the uninstall string for the app and execute it. Also, the app I'm trying to find is installed on the user profile, and if the uninstall string is run from another account it wont find it.... this is why I think it might have to do with the account
- 4 replies
-
- task sequence
- powershell
-
(and 2 more)
Tagged with:
-
Introduction This script has been written to allow you to automate the deployment Windows 10 version 1703 (Creators Update) using the latest available software including: Windows 10 x64 (version 1703, MSDN media) Microsoft Deployment Toolkit (MDT) build 8443 Latest available 2017 drivers for the Surface Pro 4 Windows 10 ADK (version 1703) Windows Server 2016 Note: This is fully automated, and as this does install a Windows Deployment Services server role hosting a boot image, you should modify the script accordingly and test it thoroughly in a lab first. As ADK 1703 has an issue with Secure Boot, you must temporarily disable Secure Boot on your Windows Server 2016 prior to running this script, I will amend this post if ADK 1703 is re-released. This script is tailored for one thing only, deploying Windows 10 x64 to the Microsoft Surface Pro 4 with all drivers loaded and MDT 2013 pre-configured. Download it and customize it to suit your needs for other hardware if you wish because what it does is pretty cool. This script performs the following actions:- Downloads and then Installs Windows ADK 10 (version 1703) if you have not done so already Downloads and then Installs MDT, if you have not done so already Downloads all required drivers for Microsoft Surface Pro 4 if you have not done so already Imports the Windows 10 x64 (version 1703) operating system into MDT Imports the Microsoft Surface Pro 4 drivers into MDT Creates Selection Profiles for Microsoft Surface Pro 4 and WinPE x64 Creates a Deploy Windows 10 x64 - Surface Pro 4 task sequence Edits the Deploy Windows 10 x64 - Surface Pro 4 task sequence and adds an inject drivers step for Microsoft Surface Pro 4 Sets a WMI query for hardware detection for the Surface Pro 4 on the corresponding driver step Injects the Microsoft Surface Pro 4 network drivers into the LiteTouchPE_x64.wim Creates custom CustomSettings.ini and BootStrap.ini files Disables the X86 boot wim (as it is not needed for Surface Pro 4) Changes the Selection Profile for the X64 boot wim to use the WinPE x64 selection profile Installs the Windows Deployment Service role Configures the WDS role and adds the previously created LiteTouchPE_x64.wim Starts the WDS service so that you can PXE boot (UEFI network boot). All you have to do is download the script below, modify some variables, then place certain files in the right place such as the Windows 10 x64 Enterprise (version 1703) media. Please ensure you have a working DHCP scope on your Active Directory domain controller, then PXE boot a Microsoft Surface Pro 4 and sit back and enjoy the show. Step 1. Download the script The PowerShell script will do all the hard work for you, it is in the Downloads section at the end of this guide, download it, unzip it and place it on a server that is designated to be the MDT server. Note: If you use this on Windows Server 2016 then you'll need to temporarily disable secure boot to allow ADK 1703 to install otherwise it will fail due to driver signing. Hopefully this will be fixed in an upcoming release of ADK 10 version 1703. Step 2. Configure the variables in the script Once you have downloaded and extracted the script, you need to configure certain variables interspersed throughout the script. I'll highlight the ones you need to edit. The most important of them is the $SourcePath variable (line 61) as this decides where to get the content from and where to store it. This variable should point to a valid drive letter, the folder name will be created if it does not exist. The $FolderPath variable (line 242) specifies the MDT Deployment share root folder for example E:\MDTDeploy. There are other variables to configure, for joining the Domain (lines 320-322) and then you need to configure how you actually connect to the MDT server from WinPE (lines 393-397) Step 3. Copy the Windows 10 x64 (version 1703) operating system files Mount a Microsoft Windows 10 x64 Enterprise (version 1703) ISO and copy the contents to $SourcePath\Operating Systems\Windows 10 x64\1703 as shown below Step 4. Optionally copy MDT, ADK 10, Surface Pro 4 drivers This is an optional step. If you've already downloaded the above files then place them in the source folder, otherwise the script will download them for you. Note: You do not have to do this as the script will download the content for you if it's not found. Step 5. Optionally copy your Applications to the respective folders This is an optional step. If you have apps like Office 365, copy them to their respective folders under Applications. If you do add any applications, you'll need to edit the corresponding section within the script for the CustomSettings.ini and replace the GUID for the App as shown here (line 362) Step 6. Run the script On the server that will become your MDT server, start PowerShell ISE as Administrator. Click on the green triangle to run the script. Below you can see the script in action: After the script is complete, you are ready to test deploying Windows 10 Creators Update to a Microsoft Surface Pro 4. You can see that Windows Deployment Services is installed and that the ADK 1703 version of the MDT LiteTouch_X64 boot wim is already imported. This boot image also has the Surface Pro 4 network drivers added. After opening the Deployment Workbench, you can see the Deploy Windows 10 x64 version 1703 task sequence is created The Surface Pro 4 Inject drivers step is pre-configured for you and the WMI query for the hardware is also added on the options tab and drivers specific to the Surface Pro 4 for are imported into MDT and custom selection profiles for the Surface Pro 4 are created Step 7. Sit back and watch the deployment Take a properly shutdown Surface Pro 4, and power it on using the following sequence. Hold the down volume key and then press the power button while continuing to hold down the volume key, it should PXE boot. Press enter when prompted and then it will load the MDT LitetouchPE_X64 boot wim. before prompting you for a computer name, note that it's currently set to SurfacePro4 in CustomSettings.ini contained within the script, If you have optional apps they'll be listed here along with the mandatory Office 365 ProPlus you can change that behavior in the UI itself (CustomSettings.ini on the Properties/Rules of the DeploymentShare) or automate it via the many methods available such as those that Mikael describes here click Next and off it goes, and finally it's all complete, Windows 10 Creators Update installed fully automated ! Troubleshooting If the script has issues starting WDS (and you see the error below) then restart the server, as you were asked to do at the end of the script ;-). If you cannot PXE boot, because WDS is not accepting connections (revealed by the PXE Response tab in WDS properties), then look for the following error in the scripts output: An error occurred while trying to execute the command. Error Code: 0x5 Error Description: Access is denied. If you see that error, then the user you are logged in as does not have sufficient permissions to configure WDS. To grant permissions to approve a pending computer Open Active Directory Users and Computers. Right-click the OU where you are creating prestaged computer accounts, and then select Delegate Control. On the first screen of the wizard, click Next. Change the object type to include computers. Add the computer object of the Windows Deployment Services server, and then click Next. Select Create a Custom task to delegate. Select Only the following objects in the folder. Then select the Computer Objects check box, select Create selected objects in this folder, and click Next. In the Permissions box, select the Write all Properties check box, and click Finish. You can test whether the permission change works by issuing the following after the script is complete: WDSUTIL /Set-Server /AnswerClients:All To perform these procedures, you must be a member of the Account Operators group or the Domain Administrators group, or you must have been delegated the appropriate user rights. For deployment issues, you can review the logs found in the following locations depending on what part of the OSD process you are in:- In WinPE X:\MININT\SMSOSD\OSDLOGS X:\Windows\Temp\SMSTSLOG In Windows C:\Windows\Temp\DeploymentLogs C:\MININT\SMSOSD\OSDLOGS C:\Users\Administrator\Appdata\Local\temp\SMSTSLog Summary Automating the deployment of Windows 10 Creators Update to the Microsoft Surface Pro 4 using PowerShell and MDT is easy when you know how. Downloads Download the PowerShell script contained in the ZIP file. Deploy Windows 10 Creators Update to Microsoft Surface Pro 4 with MDT - April 2017.zip
-
- windows 10 version 1703
- adk 1703
- (and 5 more)
-
Hi Apologies if this is the wrong place for this question, I have seen/used the great PowerShell scripts for documenting my SCCM setup. but I was wondering is there anything out there similar for generating a Image build release note. i.e. all the apps installed, O/S etc etc, ideally in a nice presentable format. Thanks Rob
-
Hello everyone! Some years ago I was looking for a script to create collections in SCCM based on AD OUs. I've found some of them, but they seemed a bit complex and incomprehensible to me. So I've wrote my own rather simple script, added a few options that I think would be in hand for SCCM admin and added a lot of comments to make the script easy to understand and modify. So I present it to your judge. Any comments and suggestions are appreciated. <# Crafted by Maestro, 17/03/2017 The purposes of this script: 1. Create device collections in SCCM based on AD. Assign Canonical name of OU to collection and OU GUID to collection description. I use OU GUID for my further needs, so you can omit this. In addition, I think that Canonical name is the best variant to use in SCCM but you can pick simple Name or Distinguished Name - it is up to you 2. Define the Refresh Schedule of collection. 3. Create Query Rule for collection membership 4. Move created collection to custom folder (very handy, never saw this option in other scripts). 5. Updates collection membership at once. #> # Importing necessary PS modules Import-Module ActiveDirectory Import-Module 'D:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1' # Defining main variables # SCCM Site $Site = (Get-PSDRive -PSProvider CMSite).name <# Folder to move collections into. I've selected the ready one. You can create new folder right in script with simple "mkdir" in "${Site}:\DeviceCollection\" #> $TargetFolder = "${Site}:\DeviceCollection\FromAD_by_OU" # Relocating to SCCM PSDrive cd ${Site}: # Defining refresh interval for collection. I've selected 15 minutes period. $Refr = New-CMSchedule -RecurCount 15 -RecurInterval Minutes -Start "01/01/2017 0:00" <# Getting Canonical name and GUID from AD OUs. -SearchScope is Subtree by default, you can use it or use "Base" or "OneLevel". OUs are listed from the root of AD. To change this i.e. to OU SomeFolder use -SearchBase "OU=SomeFolder,DC=maestro,DC=local" #> $ADOUs = Get-ADOrganizationalUnit -Filter * -Properties Canonicalname |Select-Object CanonicalName, ObjectGUID # And at last, let's create some collections! foreach ($OU in $ADOUs) { $O_Name = $OU.CanonicalName $O_GUID = $OU.ObjectGUID # Adding collection New-CMDeviceCollection -LimitingCollectionName 'All Systems' -Name $O_Name -RefreshSchedule $Refr -Comment $O_GUID # Creating Query Membership rule for collection Add-CMDeviceCollectionQueryMembershipRule -CollectionName $O_Name -QueryExpression "select * from SMS_R_System where SMS_R_System.SystemOUName = '$O_Name'" -RuleName "OU Membership" # Getting collection ID $ColID = (Get-CMDeviceCollection -Name $O_Name).collectionid # Moving collection to folder Move-CMObject -FolderPath $TargetFolder -ObjectId "$ColID" # Updating collection membership at once Invoke-CMDeviceCollectionUpdate -Name $O_Name } Write-Host "----------------------------" Write-Host "All done, have some beer! ;)" Write-Host "----------------------------"
- 1 reply
-
- collections
- powershell
-
(and 2 more)
Tagged with:
-
Hello , I try to create a custom task sequence using powershell , but i dont know how can i add steps for variables ans packages . Any help . Thank you
-
Hey Guys / Niall - So I've got a bit of a challenge deploying some legacy apps right now. The installation process for many of these applications requires that files manually be copied to to local paths on the PC or certain registry settings added based on the location of the system. Easy to do with TS conditions, but finding a common variable between each of the locations is difficult. The locations they define are based on systems in specific OUs, but the OU formatting is different at each site (name of OU they give me could be at 3rd, 4th, or 5th level). I want a universal solution that I can use for all and all pretty much define different steps by the name of the OU the system is in. Below is what I came up with and have been trying to put together, but haven't had much luck - especially since my PowerShell isn't that great. The solution I came up with was to add the following in task sequences that needed it: Define TS variable for each name of OUs (which required different TS steps to be run) Per TS variable set above, run PowerShell script to grab system's DN then keyword search it for the TS variable's name If TS variable was found in DN string, set variable's value to TRUE else FALSE Create TS steps that copy the files as needed per site then set condition on it to run only if that site's TS variable had a TRUE value As for the PowerShell portion of this, below is what I have so far with comments per line... #Defines SCCM TS Variable Environment? $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment #Reads variable from Task Sequence $v = $tsenv.Value("Site") #Grabs system's DN from Registry $dn = (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine") | Select-Object -ExpandProperty distinguished-name #Searches DN string for TS Variable no matter case and sets it to $d (TRUE or FALSE) $d = $dn.ToLower().Contains($v.ToLower()) #Sets the original TS Variable "Site" to TRUE or FALSE $tsenv.Value("Site") = $d So far, no luck. So - is what I'm doing even possible? If so, what am I missing - or - any idea for a better way to go about this, perhaps? I tried to thing of something WMI-based, but couldn't Any ideas?