Monday, February 13, 2017

Software Updates that require multiple reboots

Ever have the problem of a software update installing only to find out that you need the next one and the next one.  By the time you are finished it has required several restarts. This can cause a problem for your users if they are restarting every day or left for the day and another patch restart occurred.





Now available in 1610, you can force the client to rescan and update if necessary.  This is not enabled by default when you upgrade.  You will need to revisit your Software Updates / Servicing Updates deployments and enable this.  Also, you will need to update your ADR so that all future updates will also have this feature installed. 


This is especially critical when a machine needs several office or .Net patches that require restarts before the next update can install.

Tuesday, November 15, 2016

Report to help find collections a machine is in

All we really care about is the Collection ID, Name and the Comment section.  We could add more but this is a quick report to help us find the machine. 


select
 C.CollectionID,
 C.Name,
 C.Comment
from
 dbo.v_Collection C
 join dbo.v_FullCollectionMembership FCM on C.CollectionID = FCM.CollectionID
Where
 FCM.Name = @PC


When the report runs you will simply type in the machine name and click Run Report.

Tuesday, October 25, 2016

Auto Approve Cross Forest Machines

Are you working with machines from another forest that you need to approve in SCCM?


As a good security practice you should only Auto Approve machines in your own domain.
If you are merging or pulling in other machines you don't want to manually approve the machines.  Here is a simple process:


Create a powershell  to approve machines in a given collection
Import-Module 'C:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1'


cd PR1:


Get-CMDevice -CollectionID "PR1299F3" |select name |ForEach-Object {Approve-CMDevice -DeviceName $_.name }




Next create a collection for all these machines to come into. Let's assume the machines coming in were in a Workgroup or Domain call ABC:



select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_CM_RES_COLL_SMS00001 on   SMS_CM_RES_COLL_SMS00001.ResourceId = SMS_R_System.ResourceId   where SMS_CM_RES_COLL_SMS00001.IsApproved= '0' and SMS_R_System.ResourceDomainORWorkgroup = "ABC"




All we are doing here is creating a collection of the machines we want to approve and then running the PowerShell to approve them.


This allows you to approve those special machines as the enter the infrastructure without Admins having to manually approve them.