Powershell

Manage Microsoft Intune users via PowerShell

by

This week my blog post will contain some PowerShell again! After almost a month finally some PowerShell on my blog again. Even though Microsoft Intune has no PowerShell support, yet, there are parts that can be managed via PowerShell already. In my blog series about how to integrate Microsoft Intune and ConfigMgr with single sign-on I already showed some related PowerShell cmdlets for adding and verifying a domain name and for enabling Active Directory synchronization. In this post I will show how to manage the Microsoft Intune users. As in the most scenario’s the users and groups will be synchronized from the on-premises Active Directory, I won’t show how to create users and groups. Instead I will show how to get information about the users, …

Read more

Get the folder location of an object in ConfigMgr 2012 via PowerShell

by

This blog post will be about a question that I recently got with a big enterprise customer. They use many folders throughout the console to store their different objects and are able to find these objects by using the search option in the console. One thing the console doesn’t show, with the search results, is the folder location of the specific object. That folder location would make life a lot easier when adding packages to a task sequence. Luckily, I already created once a small PowerShell function that does exactly that. It outputs the folder location of an object. This blog post will explain that PowerShell function and shows the required input per object type. >> The complete function is available via download here on …

Read more

Divide a collection into multiple smaller collections in ConfigMgr 2012 via PowerShell

by

This blog post will be about a question that I recently read on a forum and also already got a couple of times with different customers. That question is if it’s possible to simply create multiple smaller collections of one specific collection. This can be useful when a specific deployment has to be deployed in smaller groups then normally. Also, there are already a couple solution available in the community, like the SCCM Collection Splitter by Mickael Ponsot and the Planning an upgrade of an application  by Jörgen Nilsson, but as always, not every solution fits every customer. In my case(s) these solution didn’t fit, as it shouldn’t have to much options and it shouldn’t rely on static properties. That’s why I created a simple …

Read more

Create a WQL query setting for a Configuration Item in ConfigMgr 2012 via PowerShell

by

Before I start with this blog post I have to give some (read: a lot) of credits to Dexter. He helped me a lot with understanding the SDMPackageXML of a Configuration Item (CI) and also blogged about that experience. Also, this blog post won’t go into the details he already mentioned about modifying the XML and writing it to a CI. Now let’s really start with this blog post. This blog post will be about creating a WQL query setting for a CI and more specifically the road to creating a WQL query setting for a CI. Step 1: Locate the method to create the WqlQuerySetting The first step is to locate the method that can be used to create the WqlQuerySetting. During the installation …

Read more

New tool: Show memberships of software updates to deployment packages and software update groups

by

Actually since the first release of ConfigMgr 2012, I’ve seen and got question about software updates. Besides, of course, questions about setting it up, these questions are mainly focused about the memberships of software updates. Simple questions like “In which software update group is this software update?” or “In which deployment packages are the updates of this software update group?” are not that simple to answer. This is all going to change, starting today! I created this simple tool that can perform searches based on a specific software update, a software update group, or a deployment package. Simply specify the Name (in case the of a software update the article id), select the Type (software update, software update group, or deployment package) and click Execute. …

Read more

Install computer-targeted application during OS deployment via PowerShell and ConfigMgr 2012

by

A few months ago I did a blog post about installing user-targeted applications during operating system deployments via PowerShell and ConfigMgr. This time I will do a similar post, on request, about installing computer-targeted applications during operating system deployments. Yes, I know it might be worth a discussing about why someone is still using computer-targeted deployments, but that will not be a part of this blog post. Script A big part of this script, and by that also this post, might look familiar, as it’s based on the previous script for user-targeted applications. Just like with that previous script I will go through all the key steps of the script. The following five steps make sure that I only get the applications that are required …

Read more

Quickly get an overview of the client agent times in ConfigMgr 2012

by

This time it will be a really short blog post, about showing the client agents and their times. Normally, to see the times of the different client agents it’s necessary to look at the properties of a device, but that’s really time consuming for multiple devices. Also, these agents and their times are shown in two different rows as two different arrays. The only one that can be shown in the console is the Heartbeat Discovery. This should be possible in an easier way and also providing a better overview. Script Actually, this is pretty easy to do in PowerShell. The following PowerShell function gets a list of all devices within ConfigMgr, After that it will loop through all the devices and per device loop …

Read more

Change device ownership – The journey through log files, WMI and PowerShell of ConfigMgr 2012

by

Last week I’ve got the question about how to quickly change the device owner of all mobile devices. This question was based on the fact that by default the device owner is set to Personal and that default value cannot be changed. The Configuration Manager console answer is easy, select the devices, right-click and select Change Ownership.  But now the real question(s), how does this work and is this scriptable? This blog post will contain my small journey through the SMSProv.log, WMI, PowerShell and TechNet for an answer. PowerShell part I – Change Ownership After a quick browse through the cmdlet referent on TechNet, I noticed that this should be very easy to achieve via PowerShell. There is a cmdlet available Set-CMDeviceOwnership that does exactly …

Read more

Add Update Content to a Deployment Package via PowerShell in ConfigMgr 2012

by

Last week I read a forum question about downloading updates in a software update group. I thought that I could create an easy example, but it wasn’t all as easy as I thought it would. As there is no cmdlet available that performs this specific action, I went back to WMI. In WMI there is a method AddUpdateContent in the SMS_SoftwareUpdatesPackage that should do the trick. After playing around with it for a while I noticed that this method is not as straight-forward as it looks. The method The main problem I had with this method, was the documentation, or better, the lack of documentation. The SDK only contains a very old example that also doesn’t seem to use the right order for the parameters. …

Read more

Verify local administrators via PowerShell and Compliance Settings in ConfigMgr 2012

by

Everybody probably knows the inventory posts for local administrators by Sherry Kissinger, but what if you want to know the compliance of your devices. What if you “just” want to know if a device is compliant to company defaults for the local administrators. This blog post will provide an answer to that question. It will provide a script, including explanation, that can be used for compliance checks. This blog post won’t go into details about creating the Configuration Item and the additional Configuration Baseline. Script The script that will be the core of this Configuration Item consists of three key parts. Basically, it first finds the members of the local administrators group on the device, then verifies these members and in the end it returns …

Read more