Forum Widgets
Latest Discussions
SCCM Deployments Powershell script
Hi All, I am trying to create a PowerShell script to automate the following manual process: Connect to the SCCM server and open the SCCM tool. Navigate to Monitoring > Overview > Deployments. Select a deployment to see the total asset count below the "View Status" line. Click on View Status, where you can see deployment status categories (e.g., compliant, in progress, error) and asset-level details. Copy this data and paste it into an Excel file. What I Have Done: I used the Get-CMDeployment cmdlet to fetch deployments, which returns the DeploymentID in GUID format (e.g., {7D923F7A-FC04-41F1-ABBA-AF7FEB7C527F}). However, the Get-CMDeploymentStatus cmdlet requires the DeploymentID in a different format (e.g., ABC000035) and does not accept GUIDs. The Get-CMDeploymentStatus cmdlet only maps to certain deployments and is not returning data for all deployments retrieved by Get-CMDeployment. Current Challenge: I need to fetch deployment details using Get-CMDeployment and pass these to Get-CMDeploymentStatus to get deployment status summaries. To fetch asset details, I need to use Get-CMDeploymentStatusDetails, which requires the InputObject parameter. This input object must come from the output of the Get-CMDeploymentStatus cmdlet. Assistance Needed: I need help resolving the issue where Get-CMDeploymentStatus does not accept the GUID format DeploymentID and returns no data for some deployments. Additionally, I want to ensure the workflow properly chains Get-CMDeployment, Get-CMDeploymentStatus, and Get-CMDeploymentStatusDetails to fetch deployment, status, and asset details effectively.Lakshmi21Jan 20, 2025Copper Contributor38Views0likes2CommentsUpdate from 2211 to 2403
Hi, we are facing an update from ConfigMgr 2211 to 2403. This Server was not updated for multiple years. For device mgmt we use Intune, working pretty good. But now we want to update the Configmgr server to the latest version. All workloads are set to Intune. Is there anything what i have to take care when i do the update to 2403? i want to avoid any problems with intune.BEWAJan 20, 2025Copper Contributor24Views0likes1Comment- Lakshmi21Jan 16, 2025Copper Contributor18Views0likes1Comment
Client HTTPS access failure with MP
Hi, I have an environment of about 3,000 machines. It seems that random machines stop communicating with the MP and no longer show a PKI cert in the Control Panel > Config. Mgr. I have checked certificates, boundary groups, and network access. Other clients in the same subnet seem to have no issue. Additionally, if I reimage the machine, it re-registers/communicates without issue. I find machines that worked just a couple of months ago are now unable to communicate and show up as client-less in the console. I have searched the Internet for a resolution to this. Nothing I have found has worked. I have seen solutions involving BITS, WMI repository/permissions, uninstall/reinstall client, probably a few others. Most clients in my environment have no issue communicating. Nothing has been changed on the site server. To start, I have checked the logs on the clients and I see error messages at C:\windows\ccm\logs\CcmMessaging.log. All of the clients that cannot communicate have the following errors: Access check failed against user "computer$" ... file ="ComObjectSecurity.cpp" Failed in WinHttpSendRequest API, ErrorCode = 0x5 [CCMHTTP] ERROR: URL=https://server.org/ccm_system_windowsauth/request, Port=443, Options=1472, Code=5 [CCMHTTP] ERROR INFO: StatusCode=<unknown> StatusText=]LOG] [LOG[Successfully queued event on HTTP/HTTPS failure for server Post to https://server.org/ccm_system_windowsauth/request failed with 0x87d00231 I am hoping someone here can help me investigate this further and resolve this. I am happy to clarify or provide further information. Thank you.vxtxtJan 13, 2025Copper Contributor20Views0likes1CommentFailed to create object ID in Intune for new onboarded device.
We are deploying Defender for Cloud with XDR onboarding. We are implementing Defender policy with Intune enforcement setting, everything is working for 98% of devices as well. But, for some devices like Arc enabled machines, after going through each step and Microsoft troubleshooting documentation. Some devices are not able to create the synthetic object in Intune to receive Defender XDR policies. No solution is provided in the documentation or in MDEclient parser. In the onboarding workflow, the synthetic object is normally created to apply the policy via Intune. But, when a device fails this process, we have no solution even after re-onboarding.SolvedEtienneFisetDec 18, 2024Brass Contributor44Views0likes4CommentsAll DDR Properties should be available to view on Column select
Every property you see in the DDR, should be available to view as a column...IMO. For example, the Creation Date (UTC) property in the DDR is not available to be shown as a column. There are others but let's start with this on. There are so many other column choices that are far less important then date stamps. Agree? Disagree?HawkManDec 02, 2024Copper Contributor36Views0likes3Comments- qarssifiDec 02, 2024Copper Contributor78Views0likes3Comments
SCCM : Windows 11 inplace upgrade failing
Some of my Devices are with the UI language of en-GB, and some are with en-US. All are windows 10 enterprise. When I try to do an in-place upgrade (for win 11 enterprise - en-US). the devices with en-GB devices are failing. I would like to replace all the devices with en-US? can we do it via SCCM and with the same task sequence? and with the Windows 11 upgrade or do we need to do a fresh installation for those en-gb devices ?GayanKularatneDec 02, 2024Copper Contributor50Views0likes1CommentNeed to know if CM site server account supports UTF-8, longer byte limits, and more
We are using MECM/SCCM with two domains - my primary domain I run, and a customer domain that has a management point VM set up in it. That Management Point is connecting back to my main domain via a service account. The admins of the customer domain are moving to a new HR product, Workday, and wish to know the following as part of their migration. Can your service, CM, consume display name as UTF8? Can CM consume display name with a 1,024 byte limit? Could CM consume a custom attribute for name data (instead of display name)? Can CM use SAML, OIDC (OpenID Connect), or Azure for authentication or provisioning? I have examined the SCCM prerequisites and cannot find specific details on this. Is there any way I can find out the answers to this? I am assuming the answer is no for all of this - but in the interest of being thorough for the other domain's admins, I want to at least ask and confirm.SolvedOnPremBeatsCloudNov 25, 2024Copper Contributor225Views0likes1CommentWindows Imaging and Configuration Designer and Assigned Access xml Bug
Hello everybody. So, my goal is to get this bug in front of the eyes that need to see it in order for the issue to get resolved, so if this is not the place to do that (it was the only place that I could find that seemed even remotely possible) then let me know where to move this post to so that the issue can be resolved. Now that that is out of the way, the issue that I want to report involves Assigned Access configuration file. As you may know, the "&" character cannot be present in an xml element attribute value, as it is a special character, and must be replaced with the escape string "&" instead. If there are any "&" characters in your assigned access configuration file, Windows Imaging and Configuration Designer will not allow you to compile the package. So, consider the Assigned Access Configuration file that I created with all of the "&" characters replaced with the appropriate "&" escape: <?xml version="1.0" encoding="utf-8" ?> <AssignedAccessConfiguration xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config" xmlns:rs5="http://schemas.microsoft.com/AssignedAccess/201810/config" > <Profiles> <Profile Id="{aed4127d-7fe0-435f-bdda-e384815099ec}"> <AllAppsList> <AllowedApps> <App DesktopAppPath="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Google\Update\GoogleUpdate\GoogleUpdate.exe" /> <App DesktopAppPath="C:\Tableau\Store Okta Login.exe" /> <App DesktopAppPath="C:\Tableau\Manager Okta Login.exe" /> <App DesktopAppPath="C:\Windows\explorer.exe" /> <App DesktopAppPath="C:\Windows\Splwow64.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Brother\ScannerUtility\BrScUtil.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Brother\HttpToUsbBridge\HttpToUsbBridge.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Brother\iPrint&Scan\BrotheriPrint&Scan.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Brother\iPrint&Scan\BrScanKeyEventMgr.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe" /> <App DesktopAppPath="C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe" /> <App DesktopAppPath="C:\Windows\twain_32\Brimm22a\Common\TwDsUi.exe" /> <App DesktopAppPath="C:\Windows\twain_32\Brimm22a\Common\TwDsUiLauncher.exe" /> </AllowedApps> </AllAppsList> <rs5:FileExplorerNamespaceRestrictions> <rs5:AllowedNamespace Name="Downloads"/> </rs5:FileExplorerNamespaceRestrictions> <StartLayout> <![CDATA[<LayoutModificationTemplate xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout" Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification"> <LayoutOptions StartTileGroupCellWidth="6" /> <DefaultLayoutOverride> <StartLayoutCollection> <defaultlayout:StartLayout GroupCellWidth="6"> <start:Group Name="Apps"> <start:DesktopApplicationTile Size="2x2" Column="0" Row="0" DesktopApplicationLinkPath="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Manager Okta Login.lnk" /> <start:DesktopApplicationTile Size="2x2" Column="0" Row="2" DesktopApplicationLinkPath="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Learning Hub.lnk" /> <start:DesktopApplicationTile Size="2x2" Column="2" Row="0" DesktopApplicationLinkPath="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\My Documents.lnk" /> <start:DesktopApplicationTile Size="2x2" Column="2" Row="2" DesktopApplicationLinkPath="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Altametrics Schedules.lnk" /> <start:DesktopApplicationTile Size="2x2" Column="4" Row="0" DesktopApplicationLinkPath="%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Brother iPrintScan.lnk" /> </start:Group> </defaultlayout:StartLayout> </StartLayoutCollection> </DefaultLayoutOverride> </LayoutModificationTemplate> ]]> </StartLayout> <Taskbar ShowTaskbar="true" /> </Profile> </Profiles> <Configs> <Config> <AutoLogonAccount rs5:DisplayName="Manager Workstation"/> <DefaultProfile Id="{aed4127d-7fe0-435f-bdda-e384815099ec}"/> </Config> </Configs> </AssignedAccessConfiguration> I apologize for formatting the contents of the file as a code block, but when I tried placing the text in a code sample, it would automatically substitute the "&" for an "&" character. In any event, importing the above assigned access configuration file in Windows Imaging and Configuration Designer does not produce an error, and allows for the application to compile the ppkg file, but when this ppkg is applied to a system during deployment, it results in an endless boot loop after the system restarts. It would seem that the provisioning package that Windows Image and Configuration Designer creates results (at least in my case) a boot loop on the target system if the assigned access xml that is imported contains any element attributes that contain an "&" character. And I am not the only person who has run into this problem either. While investigating this issue, I found the below thread detailing the exact same issue: https://www.reddit.com/r/Intune/comments/1enlwwe/assigned_access_xml_with_ampersand_usage_fails_to/whiggsNov 25, 2024Copper Contributor45Views0likes0Comments
Resources
Tags
- cm current branch244 Topics
- software update management104 Topics
- General92 Topics
- Operating System Deployment85 Topics
- App Management62 Topics
- Site Setup and client deployment61 Topics
- SCCM38 Topics
- cloud-attached management37 Topics
- CM 201237 Topics
- Security and Compliance25 Topics