Skip to main content

SCCM 2007 + PowerShell Automation - The Problem with Query Based Deployments


Few months back, I made a resolution of automating the deployment process used in our Project,
Scenario
So if a User needs applications in their machine , they raise a request for the same. After the approval process it comes to our team and we handle the deployment of these apps to the User machines using SCCM 2007 (or ConfigMgr).

So this is how we do it ....we have the QueryRules for the Application collection in place we just go there and add the machine name there manually in the Query Rule for the Application Collection. 

To go with the post I have a test collection in place by the name "Deepak Test 1"...So first I will be showing how we do this manually and then later on how I did it using PowerShell. There something called "Click Count" which is a rough count of how many mouse clicks am using to do these actions in ConfigMgr MMC Console (rough estimate)
Click Count = 1

Manual Way
Step 1. Right  Click and open the properties for the collection. On the "Membership Rules" tab, we have a QueryRule named "test query" for this demo.
Click Count = 2
Step 2. Double-Click the  QueryRule and then "Edit Query Statement"
Click Count = 3
Step 3. Now on the "Query Rule Properties" , you can add a machine in 2 ways either by clicking on the "Show Query Language" and then adding the machine name to QueryExpression (this one is not preferred) or click on the "Criteria" tab (which am gonna do )
Click Count = 4
Step 4: On the next prompt double-click the Query or click on the icon highlighted button to edit the query.
Click Count = 5
Step 5 : Now on the next window put the new machine names under Value to Add and click "Add" or click on any machine names under "Value to Match" to remove (in case application needs to be removed from the machine)
Click Count = 6
And then add other 4-clicks to click on "Ok" buttons 
So total Click Count = 10 (rough count) ...after adding the machine name we have to update the collection (1 more click) and then hit F5 to refresh the view.
See to do a normal task of adding/removing a machine name we had to perform 10-clicks or more..Now on a regular day basis we get like hundreds of these tickets (coz they started migrating VDIs to Win 7...Yep now they are doing it finally).

P.S. - WMI is the answer to managing/automating the ConfigMgr 07 deployments.

Labels:

Popular posts from this blog

Test connectivity via a specific network interface

Recently while working on a Private cloud implementation, I came across a scenario where I needed to test connectivity of a node to the AD/DNS via multiple network adapters.  Many of us would know that having multiple network routes is usually done to take care of redundancy. So that if a network adapter goes down, one can use the other network interface to reach out to the node. In order to make it easy for everyone to follow along, below is an analogy for the above scenario: My laptop has multiple network adapters (say Wi-Fi and Ethernet) connected to the same network. Now how do I test connectivity to a Server on the network only over say Wi-Fi network adapter?
Get-FullPost »

PowerShell + SCCM : Run CM cmdlets remotely

Today I saw a tweet about using implicit remoting to load the Configuration Manager on my machine by Justin Mathews . It caught my eye as I have never really tried it, but theoretically it can be done. Note - The second tweet says "Cannot find a provider with the name CMSite", resolution to which is in the Troubleshooting section at the end.
Get-FullPost »

PowerShell : Trust network share to load modules & ps1

Problem Do you have a central network share, where you store all the scripts or PowerShell modules ? What happens if you try to run the script from a network share ? or if you have scripts (local) which invoke scripts or import PowerShell modules stored on this network share ? Well you would see a security warning like below (Note - I have set execution policy as 'Unrestricted' not 'bypass' here): Run a .ps1 from the network share Well this is a similar warning, which you get when you download scripts from Internet. As the message says run Unblock-File cmdlet to unblock the script and then run it, let's try it.
Get-FullPost »