I'm having a problem with my patch management colletion queries. We want to make sure that we do not include manually patched servers in our SCCM patch management, and want to control this through a Exclusion group in AD. I'm having a hard time getting the correct results though. I want to include servers in Group A, and I want to remove servers that is included in Group B. The point is to remove servers that is in both groups. As a kind of fail safe.
I've gotten this far:
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemGroupName like "Domain\\G_Patch_server_Pilot" and SMS_R_System.ResourceId not in (select ResourceID from SMS_R_System where SMS_R_System.SystemGroupName = "Domain\\G_Patch_server_Exclusions")
This gives me the servers in G_Patch_server_Pilot group from the correct domain, but it does not honor the Exclusion groups that is not supposed to be added to the query. If I do the same query with OU's, I get the desired result:
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemOUName like "Domain.com/Machines/Servers" and SMS_R_System.ResourceId not in (select ResourceID from SMS_R_System where SMS_R_System.SystemOUName = "Domain.com/Machines/Servers/Database")
This query will exclude the sub OU called Databases. We can not however, base this on OU's as there is different types of servers that need to be excluded. What am I doing wrong here?
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Hello
I'm having a problem with my patch management colletion queries. We want to make sure that we do not include manually patched servers in our SCCM patch management, and want to control this through a Exclusion group in AD. I'm having a hard time getting the correct results though. I want to include servers in Group A, and I want to remove servers that is included in Group B. The point is to remove servers that is in both groups. As a kind of fail safe.
I've gotten this far:
This gives me the servers in G_Patch_server_Pilot group from the correct domain, but it does not honor the Exclusion groups that is not supposed to be added to the query. If I do the same query with OU's, I get the desired result:
This query will exclude the sub OU called Databases. We can not however, base this on OU's as there is different types of servers that need to be excluded. What am I doing wrong here?
Share this post
Link to post
Share on other sites