CM SQL Query extracting SDMPackageDigest info
For some objects in the console, the metadata for that object is within an xml-formatted object, saved as a single field in SQL. As XML, that makes it a bit more difficult to tease out what you might want to see, in a SQL query or SQL Report.
One of those objects you might be interested in would b…
EntraID MSGraph Powershell Set or Query Device extensionAttributes
I was recently tasked with using the EntraID SDK (think get-mgDevice and update-MgDevice) to query, clear, or update any one of the 15 extensionAttributes which are available for Azure / EntraID devices.
Devices. Not users. There were lots of examples out there on setting attributes for users in…
CM SQL Query for is LedBat Enabled on the Site Role Servers
I had the occasion to want to check the DP and SUP configurations for whether or not LEDBat was enabled for those roles, and yes... I absolutely could go look in the console, go to every server with a dp or sup role, right-click, and look. But... being me, I knew that information had to be in SQL…
CM Display OS Marketing version in SQL reports
Have you ever noticed that by default, the devices (Windows 10, 11, Servers) don't report up their 'marketing name' in standard inventory? Like 22H2, or 21H2? Ever find that annoying? Sure, you can extend inventory to pull in the regkey of SOFTWARE\Microsoft\Windows NT\CurrentVersion\DisplayVersi…
CM Icons for Applications, Packages, and Task Sequences
An important, but often neglected, feature of Software Center is to associate icons with the visible deployments in Software Center. You can add a visible icon to your Available things in Software Center: Applications, Packages(Advertisements), and Task Sequences (Advertisements... or OSD deploym…
CM Scheduled Maintenance Tasks Info
Because of this reddit post, Maintenance Task does not finish, I got inspired to look closer at maintenance tasks. There is already a view for seeing what your tasks are set to, and how long they have taken to run the last time they ran.
There is also a very helpful instructions here, How site ma…
CM Inventory per-user browser extensions
At my company, there was recently a need to verify a custom vendor browser extension, specifically for Edge. I found several methods for gathering Chrome extensions (including a clumsy attempt by myself several years ago), but then stumbled across this method, which could be modified to run as a C…
CM Inventory per-user installed applications
There are several examples of 'how to inventory' per-user installed applications and version, like Teams, or OneDrive, etc. This is another one, from Benjamin Reynolds, and I've tested it a few times to make sure it worked like I thought it would.
Overall, the steps are.. 1) deploy the CI inside…
File Inventory via Hardware Inventory
If you are less than pleased with how file inventory functions (badly named 'Software Inventory' in CM), like me, this is possibly something you'd want to test in your lab (you have a lab, right) and see if for those occasional requests we all seem to get for "can't you just inventory a file...", t…
CM Disable Inventory Throttling
Update to this previous blog:
https://tcsmug.org/blogs/sherry-kissinger/287-cm12disableinventorythrottling
That blog entry, from 2013, was written in vbscript. This is updated to be powershell, and to ensure that the local policy override is 'the latest version' so that it does end up…
MECM IIS customHeaders on Management Points post-QID 2011827
If your internal security team require you to harden IIS, specifically in regard to QID 2011827 (a Qualys recommendation), depending upon how your security team requires you to implement QID 2011827 recommendations, you may need to set those "customHeaders" at either the root level of iis (…
MEMCM Inventory Installed Windows Capabilities
It used to be (prior to 1809 Windows 10) that one could inventory the wmi class win32_optionalfeatures and know if RSAT was installed or not. Apparently that is no longer the case; and from what I could discover online, the only supported method is to use the powershell command Get-WindowsCapabilit…
CM All Members of All Local Groups - Powershell
"Back in the Day", --> Here <-- a vbscript was created to allow for ConfigMgr (version 2012 at the time was the version I was using) to be able to custom inventory the members of Local Groups. This was mostly in response to manager-type requests to know "what individuals or groups are inside…
MEMCM IIS Settings you may want for your Management Points and Distribution Points
Over the years we've uncovered various iis settings for our Management Points and Distribution Points, which we've found needed tweaking (for a company our size and complexity). Perhaps none of these settings will be relevant in your environment. If you have some issues with your clients' ability t…
Reporting on Attached Monitor info as available in WMIMonitorID
I thought this information was already blogged by someone else--I certainly know I stole it from someone else years ago. But now I can't find that blog. If this is your work; please accept my apologies for not crediting you correctly.
Reporting on "Attached Monitors" is occasionally something whic…
ConfigMgr Inventory of Powershell Versions
If you happen to be curious about what versions of Powershell are installed/available on your clients, here's one way to pull out the information. Note that the regkey locations for some of this information has changed from version 2 to higher versions, so it's completely possible that a future up…
MEMCM Keep a System Group active without re- Group Discovery
Background for context:
I happen to work at a large company, which has more than 300,000 employees. Using Enterprise Client Management (MEMCM), we often deploy 'free' Software to the majority of users (think something like Adobe Reader, or Google Chrome). This is so that as soon as <new employe…
Application Deployment options for all App Deployments
Have you ever wondered if you could get a report of all your Application Deployments' options? The ones which are in the GUI for things like "User Experience, Show a dialog window instead of a toast", or "Deployment Settings, Send wake-up packets". No? Well, I did. So with the help of my good f…
Windows 10 Inplace Update History Inventory
We were tasked at our company to get some statistics around machines which went through inplace upgrades, vs. machines which were on an 'original image' (or bare metal image, or whatever phrase you would like to give that). With the assistance of --> Gary Blok <-- he suggested using the subk…
ConfigMgr MaxExecutionTime Guesses for Updates
There is a situation which MIGHT happen for you. The default for Cumulative Updates is, I believe 60 minutes now. But many updates are still defaulting to 10 minutes. I don't personally think that default should change, however, occasionally there are large updates (think Microsoft Office update…
Create ConfigMgr Powershell Configuration Items using Powershell
As part of a presentation for the 2019 Midwest Management Summit in Minneapolis, one of the sessions I'm presenting with Jeff Bolduan is Configuration Items. As part of that session, we'll be demoing using a PowerShell Script to create PowerShell-based Configuration Item.
If you want to see ho…
ConfigMgr Truncate History Tables
Thanks very much to Umair Khan, Twitter @TheFrankUK, for the assist! One of the hiccups recently was making sure to exclude "globaldata" type HIST tables, so that DRS replication doesn't want to go into MAINTENANCE_MODE and re-initialize global data.
Have you ever noticed, being the extreme Co…
Inventory Per User Installed Applications, For Example, Click-Once
This routine has only had a limited life in a lab environment with only 3 clients. Use at your own risk, etc. etc. No promises or guarantees, and it might be the Worst Thing Ever. Test, test, and test some more.
What this routine would be for, is a custom powershell script, which tries to read…
Use CM Console scripts node to gather log files from CM Clients
To assist in answering a question in this forum post: https://social.technet.microsoft.com/Forums/en-us/9017aca5-06aa-4a79-a034-a646b19b89fe/collecting-log-files-from-the-client?forum=configmgrcbgeneral
I'm blogging on behalf of Srikant Yadav; he gave me permission to do so. Thanks Srikant!
How…
Politely Schedule restarts of CCMExec Service
Over the years of troubleshooting the SCCM Client, even with the built-in CCMEval task to attempt to watch and remediate client health of the SCCM Client, experience has shown to those of us in the trenches that sometimes, despite everything else, simply restarting the SMS Agent Host (aka, ccmexec…