Saturday, September 20, 2014

PowerShell + SCCM - POSH Deploy v1

I wrote an article for the coveted PowerShell Magazine on how to automate query based deployments in ConfigMgr using PowerShell.

If you go through that article you will get a background of this post.

So continuing to that, I present "POSH Deploy v1" which can be used to automate Query Based deployments with Configuration Manager (tested it on CM 2012 only). I had a similar tool built in my previous project for SCCM 2007 but that one had a lot of hard coded values, tried to remove those.

The tool earlier used Winforms and this time I kicked myself to try out WPF with PowerShell. Thanks to StackOverflow and blog posts shared around these topics by awesome community people :)

Personally I feel WPF have made things a bit simpler for me (less code) and extending functionality is a breeze. Not an expert right now on WPF but am getting around it. If you have feedback then it is welcomed ;)

[UPDATE] Shout out to few guys :  James Maggin for testing it out with patience, Harjit Dhaliwal who initially motivated me to do this. Michael Blanik who contacted me through my blog and gave great feedback (updated my Script) and the awesome community which drives this as a whole.

Michael asked me why to go for Query Based Rules instead of Direct Membership ones and I remembered reading this article by Eswar Koneti here.

Below is the Technet Link to the Script:

P.S. - No need to say it but, Please test it thoroughly in Test environment before hitting your PROD ones.

So let's start with the tool UI, it's a very basic UI. The Action button is disabled at start.

Steps to follow :
1. Enter your ConfigMgr Server Name (one with SMS Namespace Provider installed).
2. Then hit "Test SMS Connection"
3. After a successful connection has been established to the ConfigMgr Server, Hit the "Syn Collections List" button. This will dump all your Device Collections list in the User's MyDocuments folder by the name Collection.csv. 

Note - The Collection.csv won't contain the collection names matching the pattern "All*". This was done so that accidentally someone does not play with the Collections like All Systems, All Mobile devices etc.

Once you have completed above steps. You will the collection list being populated. The Action button gets activated after successful test connection.

There are basically two actions which can be performed with this tool:

  • Add Name to Query
  • Remove Name from Query
I tried to explain few things in below video (at the end there was an error thrown for direct membership rule..modified the code and it handles it now):

Time to give a little background on the tool. The tool only works with 

Add Name to Query

If you select "Add Name to Query" checkbox the Action Button text changes to "ADD" and when you input few machine names, select few collections and hit the Action Button.
Behind the scenes a PowerShell function takes the computernames and the selected collections and looks for a QueryMembership Rule by the name "Automated_QueryRule" on the collection (if not found creates one) and then does text manipulation on the Query Expression of the QueryRule. The end result is the Computer Name gets added to the QueryRule.

The important point to note here is that the PowerShell function only touches the QueryMembershipRule with the name "Automated_QueryRule", so all rest of your Rules are safe :)

Remove Name from Query

To perform this action you basically follow the same steps as above.
Select Checkbox "Remove name from Query" (You have to un-select the another checkbox to select this one). Key in computernames , select collections and hit Action button.

The main key difference on how this action works is that it will iterate over each of Query Membership rule for a collection and remove the computer names from it.

A little note on the "Collection Integrity Check" button, sometimes the tool will just crash (fixing that) while a certain operation in progress. So in order to maintain the last good known Query Membership Rule from the PS_Deploy.csv this button can be used.

It will by default select last 3 entries in the CSV and check if the entry in CSV is in sync with the Query on the Collection. If not then it will create/ modify the Query. Use this with caution !! Haven't tested this much.