Hello All, my name is Deepika and I’m a Premier Field Engineer with Microsoft India. I would like to share one of the methods to identify devices which are built via SCCM.
Imagine a scenario where machines are re-imaged\built at different geographical locations by using multiple Task sequences each with different TS steps and with different Operating systems Images referenced in it. To find which machines was built using which OS image will be a tough task unless we have some unique value\setting available to differentiate in these images.
Here is one instance I encountered where an organization had many methods of imaging a machine. A Standard OS Image is used in all these methods which has a hash associated with it and is not allowed to be modified as per their corporate security standards. Now there is a specific ask where the SCCM team wants to keep track or find machines which are built via SCCM going forward.
Plan is to generate Unique GUIDS, apply those while running the task sequences [One Unique GUID for One Task Sequence] and track them using Compliance baselines. Below steps can be followed to do the same.
Use this method to generate GUIDS. : https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/new-guid?view=powers...
[guid]::newguid()
b982f798-20b6-4419-a4fb-779ceab58c66
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\contosoBuildInfo1 /v UniqueID /t REG_SZ /d "b982f798-20b6-4419-a4fb-779ceab58c66" /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\contosoBuildInfo1 /v date /d "%DATE%" /t REG_EXPAND_SZ /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\contosoBuildInfo1 /v time /d "%TIME%" /t REG_EXPAND_SZ /f
Create a Package and Program: https://docs.microsoft.com/en-us/sccm/osd/deploy-use/manage-task-sequences-to-automate-tasks#process...
Process to edit task sequence: https://docs.microsoft.com/en-us/sccm/osd/deploy-use/manage-task-sequences-to-automate-tasks#process...
Configuration Baseline: ContosoUniquebuild-Baseline
How to Create configuration baselines in System Center Configuration Manager https://docs.microsoft.com/en-us/sccm/compliance/deploy-use/create-configuration-baselines
Monitor compliance settings in System Center Configuration Manager:
https://docs.microsoft.com/en-us/sccm/compliance/deploy-use/monitor-compliance-settings
Please note:
A default report ‘List of Assets by compliance state for a configuration baseline' can be run against the specific baseline to list all the machines which is compliant, meaning these machines were imaged using the image example: ContosoUniquebuild.
Now we have list of machines with a specific image built using SCCM.
Thank you!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.