Forum Discussion
Script for SCCM Help please
This link will help you to add a device to a collection during your OS deployment via Task Sequence.
Add a Device to a Collection during a Task Sequence (smsagent.blog)
After you add that step your task sequence, You can add a WMI query for define HP EliteBooks on options tab.
I think that will solve your problem.
I understand you want to Enable Bitlocker for only HP EliteBook models. Is it right?
If your answer is yes please try that method which is below.
Task Sequence -> Add -> Disk -> Enable Bitlocker
Properties Tab -> Configure your settings
Options Tab -> Add Condition -> Query WMI -> SELECT * FROM Win32_ComputerSystem WHERE Model LIKE “%HP Elitebook%” -> OK.
Best Regards
hasanemresatilmis Thank you for your info. The way we have this at the moment is we have device collection group and the device collection setup as we have multiple models. So this is what we have at the moment and we have the device collection group called below and the device collections itself which is the HP elitebook 830 G8 which has a query rule against it.
What I need is when we deploy our standard build and after the OS is deployed we have a task sequence that runs the command wmic csproduct get name and then if it gets the HP elitebook 830 G8 as a name I need this to populate the device variable.
Is this possible?
Thanks
You can use this script for devices which devices in HP EliteBook collection.
#SCCM Installation Path CD 'D:\Program Files\Microsoft Configuration Manager\AdminConsole\bin' #Import Module Import-Module .\ConfigurationManager.psd1 #Enter Site (EHS is my site code) Set-Location EHS: #Getting Devices by Collection Name $Devices = Get-CMCollectionMember -CollectionName "HP Elitebooks" #Add EnableBitlocker Variable and value foreach ($Device in $Devices) { New-CMDeviceVariable -DeviceName $Device.Name -VariableName "EnableBitLocker" -VariableValue "True" -IsMask 0 }hasanemresatilmis Thank you for this script. The only thing I am a little confused is about the bitlocker. What I want to do is build the machines as normal no matter what machine we use without any bitlocker and then all the machines will go into a device collection group called All desktop clients. (Screen shot) But then at the end of the build process i need to run a script that says if this machine is a HP Elitebook machine move this to the HP Elitebook 830 G8 device collection group. Because we already have a collection configured that will encrypt the machines if they are in this device group.
this is the screen shots.
So device collections are as followsSo if i can get a script that will run at the end of a build that will either run the wmic csproduct get name then if this is HP elitebook move to the device collection group called HP elitebook 830 G8. Hope this is possible and appreciate your help on this.
@hasanemresatilmis We also want to manage the recovery keys through SCCM which is now available and not use AD. So I want to keep the standard build as it is but in the task sequence I want it to run a query against the device once the OS has been installed and if it shows the model as a HP elitebook I want to add a variable value to the device variable info tab and then we can create a group that is based on that query to add them and deploy it.