Querying SCCM for Collection rules by Powershell

Similar Messages

• How to query a Collection for Collection rules (Powershell only)

  I have :
   $Collection = gwmi -computer MyServer -namespace "root\sms\Site_XXX" -class "SMS_Collection"
   $MyCollection = $collection | where { $_.Name -eq "TEST" }
  $MyCollection have a property named CollectionRules
  I could'nt manage to read this property,
  nor $MyCollection.CollectionRules
  nor  $MyCollection.CollectionRules | % { $_ }
  is Working.
  Any help on this ?

  Hi, 
  the above code works, but if you have a large environment then it may take a long time to run as you are querying for every collection before looking for the 'TEST' collection.
  The following code only looks (filters) for the specific collection so should execute much faster.
  $Collection = gwmi -computer MyServer -namespace "root\sms\Site_XXX" -class "SMS_Collection" -filter "Name='TEST'"
  $Collection.Get()
  $Collection.CollectionRules | % { $_ }
  Another method of doing the same would be this:
  $Collection = Get-WMIObject -computer MyServer -namespace "root\sms\Site_XXX" -query "Select * FROM SMS_Collection WHERE Name = 'TEST'"
  $Collection.Get()
  $Collection.CollectionRules | % { $_ }
  Hope you or someone else may find this useful :)

• Query Logic for Collections

  Is it possible to create a collection query that will filter on the active directory computer description? We use a 3 letter code in the computer descript of each AD computer object and I need to create a query based on a particular 3-letter code.    
  Now I can do this with PowerShell and then manually enter it into a Static collection but I wanted a dynamic query. 
  mqh7

  I added the following under AD system discovery.  adminDescription, adminDisplayName, givenName.  Those are the only ones that seemed to make sense.  I already had displayName.
  I forced it to sync.  I start up SQL and under sms_r_system I don't see the new fields I added.     What do I add and once added where do I see them in SQL? 
  mqh7

• Creating a query in a collection - SCCM 2012

  Hi Everyone,
  I've got a weird issue and was hoping you techies could shed a light.
  I'm trying to create a script that makes a query into a collection with input from a CSV file. (this is a part of a bigger script, but this is what I'm having trouble with at the moment).
  #Import CSV
  $source = Import-Csv -Path C:\temp\source.csv -Delimiter ","
  foreach ($row in $source) {
  #Variables
  $ApplicationName = $row.ApplicationName
  $Customer = $row.Customer
  $ApplicationDL = $row.ApplicationDL
  $QueryPath = "$Customer\$ApplicationDL"
  $ApplicationDescription = $row.ApplicationDescription
  #Creates a Query Rule in the Collection
  Add-CMDeviceCollectionQueryMembershipRule -CollectionName $ApplicationName -QueryExpression "select * from SMS_R_System where SMS_R_System.SystemGroupName = '$QueryPath'" -RuleName $ApplicationName
  This is a multi-tenant environment so each customer has their own child domain. For example lets say that my root domain is contoso.com and my childdomain is test (and thus test.contoso.com).
  That is why I've created $QueryPath, which results in: test\groupname (The same as when I do it manually) 
  However the problem is when I execute this script it simply does not create the query.
  I don't get an error or what so ever.
  When I change $QueryPath to $ApplicationDL (resulting in just 'groupname' without the domain prefix) it actually does create the query but at that point it is not functional because it needs the domain prefix of the child-domain.
  Any help is much appreciated.
  Thanks in advance :)

  Sorry - chnage this line:
  $QueryPath='{}\{}'
  -f $row.Customer,$row.ApplicationDL
  To this:
  $QueryPath='{0}\{1}'
  -f $row.Customer,$row.ApplicationDL
  ¯\_(ツ)_/¯

• Direct Rule - Add Collection Rule fails - SCCM Integration

  I am trying to use Add Collection Rule and add a computer to a collection using Direct Rule. It fails with the following error:-
  "Failed to add rule '"Comp1.dev.com"' to collection 'Test SCCM deployment'". Configuration Manager reported an error 'ConfigMgr Error Object:
  instance of SMS_ExtendedStatus
      Description = "Failed to parse WQL string SELECT * FROM SMS_R_System WHERE NetbiosName = \"\"Comp1.dev.com\"\"";
      ErrorCode = 1078464256;
      File = "e:\\nts_sccm_release\\sms\\siteserver\\sdk_provider\\smsprov\\sspobjectquery.cpp";
      Line = 1782;
      ObjectInfo = "SELECT * FROM SMS_R_System WHERE NetbiosName = \"\"Comp1.dev.com\"\"";
      Operation = "ExecQuery";
      ParameterInfo = "SELECT * FROM SMS_R_System WHERE NetbiosName = \"\"Comp1.dev.com\"\"";
      ProviderName = "WinMgmt";
      StatusCode = 2147749889;
  '. Details: The SMS Provider reported an error.
  But I am using Collection Value Type as Name and Resource Definition Value Type as "Resource Names". If I use Resource ID instead and add the computer resource ID - it works. The FQDN does not work.
  I have added quotes "comp1.dev.com" . the screenshot below is older.
  Regards, Vik Singh "If this thread answered your question, please click on "Mark as Answer"

  It does not matter what I name the rule. Only success is using the ResourceID, but then I will to write a powershell command to get the resource id.
  The Rule Definition has to be in quotes, else it says it is invalid. I have tried all combos and this does not work.
  Maybe someone else who has the IP can check.
  Regards, Vik Singh "If this thread answered your question, please click on "Mark as Answer"

• Collection Membership Rules - Query returns object, Collection shows no members..?

  Hi All, 
  I'm hoping i have just made a simple error / change and not noticed, however at the moment and not for all Collections, i am having issues with Membership.
  Problem:
  Adding a Computer Object into an AD Group and using a Membership Query (Of the AD Group) to add members to a collection will not work.
  Info:
  I have added a PC to an AD Group "MS Office 2010", forced AD Group Discovery, made a Query and run it to test (Works, shows the member) and added the query to the Membership Rules Tab (Add Rule > Query Rule > Import Query)
  If i then "Update Membership" and/or refresh the collection membership it still does not appear, thus not receiving the software i have advertised to it.
  Any assistance would be greatly appreciated.
  Brandon

  Since this is CM07, it will take a while for new groups to be populated. If I remember right you MUST do the following in the following order.
  Create the group and add members
  Wait for AD replication to happened
  Reboot the computers
  Force AD group discovery to happen
  Force Heartbeat discovery to happen
  Create/ force the collection membership to up
  Run the machine policies
  If you use direct membership rule of the security Group:
  Create the group and add members
  Wait for AD replication to happened
  Force AD group discovery to happen
  Create/ force the collection membership to up
  Reboot the computers (anytime after step 2)
  Machine policies should run automatically
  BTW, in CM12 this process has change and it now take ~2 minutes an applciaiton to show on on the computer.
  Create the group and add members
  Wait for AD replication to happened
  Force AD group discovery to happen
  Create/ force the collection membership to up
  Run the machine policies
  Garth Jones | My blogs: Enhansoft and
  Old Blog site | Twitter:
  @GarthMJ

• Creating a new CI for each rule in a current CI using PowerShell

  I have a client investigating DCM and for reporting reasons they'd like EACH RULE in a CI to be it's own CI (so it's stored server side and they can report on it). They've imported the Windows 7 baseline recommended by MS and now would like to
  extract each rule and make a new CI based on it.
  So I'm digging around in the rules through PowerShell and I can get them out but they don't seem complete. Here's how I'm getting them:
  $CI = Get-CMConfigurationItem -Id 65210
  [XML]$RulesXML = $CI.SDMPackageXML
  $Rules = $RulesXML.DesiredConfigurationDigest.OperatingSystem.Rules
  This particular rule is a sample one I set up that requires the existence of C:\IT\test.txt. But I don't see the actual text of that rule anywhere in the XML:
  <Rules>
  <Rule xmlns="http://schemas.microsoft.com/SystemsCenterConfigurationManager/2009/06/14/Rules" id="Rule_e0beb149-7459-417f-9ae6-70cbc7f588b1" Severity="None" NonCompliantWhenSettingIsNotFound="false">
  <Annotation>
  <DisplayName Text="TEST - Test File" ResourceId="ID-b11826e5-b3e0-4444-ac2b-b6156ac8f5cc" />
  <Description Text="C:\IT\Test.txt must be present" ResourceId="ID-3dc17d90-e06f-46e1-9504-ec24c843dffb" />
  </Annotation>
  <Expression>
  <Operator>NotEquals</Operator>
  <Operands>
  <SettingReference AuthoringScopeId="ScopeId_811CF9C7-F08C-4528-8C02-E20811B33FD5" LogicalName="OperatingSystem_5c61496b-b4dc-4ca9-a3f7-30c3aec8e2a4" Version="1" DataType="Int64" SettingLogicalName="File_cccd7dc7-e590-494c-b166-6d4aea7abc57" SettingSourceType="File" Method="Count" Changeable="false" />
  <ConstantValue Value="0" DataType="Int64" />
  </Operands>
  </Expression>
  </Rule>
  </Rules>
  I see some GUID references so is the actual rule kept elsewhere in the DB? Or am I just barking up the wrong tree?
  Thanks.
  Keith

  Hi Keith,
  <<This particular rule is a sample one I set up that requires the existence of C:\IT\test.txt. But I don't see the actual text of that rule anywhere in the XML:>>
    In your XML, if you see these lines:  
  <Expression>
  <Operator>NotEquals</Operator>
  <Operands>
  <SettingReference AuthoringScopeId="ScopeId_811CF9C7-F08C-4528-8C02-E20811B33FD5" LogicalName="OperatingSystem_5c61496b-b4dc-4ca9-a3f7-30c3aec8e2a4" Version="1" DataType="Int64" SettingLogicalName="File_cccd7dc7-e590-494c-b166-6d4aea7abc57" SettingSourceType="File" Method="Count" Changeable="false" />
  <ConstantValue Value="0" DataType="Int64" />
  </Operands>
  </Expression>
       It has setting reference with GUID with Method="Count" means this is existential rule referenced to setting blah blah... (If method="Value" means that it has value rule defined) and for existential rule,
  XML has "NotEquals" operator and value is "0" which means that if file not equals to zero means file exist (compliant).
  Hope this helps.
  This posting is provided "AS IS", provides no warranties, and confers no rights. -Praveen S.

• Need to generate a report for Event collection rules created in SCOM

  Hi All,
  Can any one let me know where can i get a report of the Event based collection rules created in SCOM (For default and custom made).
  I used the below report but it gives the collection rules which are performance counter based not event collection based.
  Reporting -> Microsoft Generic report library ->Performance detail (Gives performance based Collection rule but not event based). Can any one help.
  Gautam.75801

  what is your objects setting?
  Suppose, I want to display the Windows Restart Event which is collected by "collection rule for windows Restarted Events" . from the Rules pane in Authoring workpsace, "collection rule for windows Restarted Events" is target on windows
  Server Operating system. As a result, my "custom event" report setting as
  1) Objects: objects instance of windows Operating system
  2) rules filter by rules name contains "windows Restarted Events"
  Roger

• OSD: SCCM 2012 collection which should exclude Windows 7 clients (query not working fine)

  Hi,
  We have an SCCM 2012 collection to which we deploy Windows 7.
  Vista clients get a SCCM 2012 client in SCCM 2007 and once they have it, they get a Windows 7 deployment.
  The group is populated by an AD query and that works fine. However, when we try to exclude Windows 7 machines (query = not Windows NT ... 6.1) the query does not return any result.
  Please advise.
  J.
  Jan Hoedt

  Please check your query. It should be like the following.
  select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_OPERATING_SYSTEM on SMS_G_System_OPERATING_SYSTEM.ResourceId = SMS_R_System.ResourceId where SMS_G_System_OPERATING_SYSTEM.Version != "6.1.7601"
  Juke Chou
  TechNet Community Support

• Query for collection "Quick Fix Engineering"

  Hi!
  I try to create query for collection,to find all workstation with install specific KB, from "Quick Fix Engineering".
  Added by this sample:
  http://myitforum.com/myitforumwp/2011/10/04/non-security-hotfix-detection-for-windows-7-2008/
  Maybe you can help? Can not find an example :(
  cenubit

  That's made a lot simpler in ConfigMgr 2012, as it can now simply be selected as an extra class in the
  Hardware Inventory of your client settings.
  Simply go in to your client settings, go to Hardware Inventory
  and click Set Classes. Here you can select the Quick Fix Engineering class to be part of your inventory.
  After an inventory you will be able to create your collection. Do keep in mind that this will also capture a lot of information that you will probably never use.
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• SCCM2012: Can you create a Query-based "User Collection" using an IP Subnet (or IP Address range) in the Query?

  The topic says it all (I hope).  I am new to 2012 and I have tried to accomplish this feat all day, which includes researching online, but I have had zero success in finding anything helpful.
  Obviously I can create "Device Collections" based on the IP Subnets, and I can do a "Direct Rule" in "User Collections" for the desired IP Subnet, but I do not want to do this because I need the results to update if/when
  any changes occur during a "scheduled/incremental update".
  The only thing I could find for the "User Collections" was this:
  select *  from  SMS_R_User where SMS_R_User.FullUserName = SMS_R_User.UserName and SMS_R_System.IPAddresses like "111.11.1%"
  EXAMPLE (Query for Devices):
  select *  from  SMS_R_System where SMS_R_System.IPAddresses like "111.11.1%"
  Is there a way to Query SCCM (2012) and display the Usernames of computers that login to the (sole) Domain through a specified (or desired) IP Subnet?

  Why do you want to install software by location for a user? Why do you care?
  Why would you want to create a collected of Users with software installed? PCs have the SW install not users so how would you use it?
  Garth Jones | My blogs: Enhansoft and
  Old Blog site | Twitter:
  @GarthMJ
  I was asked to setup these (Device and User Collections) in this manner so we can limit future distributions/deployments of Applications (and/or Packages) and (OS) Images by these groupings.  Apparently there will be occasions where deployments will need
  to be segmented as such because the company wants to have them grouped in this manner.  If there is a better option available than this, which I would not doubt since I am new to SCCM 2012, then I would appreciate the information.
  IMO, you need to go back to the person asking and get and better understand of exactly what they want and more importantly why.  Making a collection, just in case doesn't make sense.
  Garth Jones | My blogs: Enhansoft and
  Old Blog site | Twitter:
  @GarthMJ

• Generic CSV log collection Rule not pulling all records

  Hi,
  I created a Generic csv log collection rule with details as follows:
  Target: Windows Computer
  Directory: D:\async
  Pattern: Async*.csv
  Seperator: ,
  Expression: Params/Param[1]-matches wildcard- *
  Problem is the Csv file has around 50000 records whereas in the eventview of that rule it only shows 16853 records. I also tried with following SQL query but same results.
  select * from event.vEvent
  where EventNumber=0
  (Since this is the only csv rule I've created & I dont have any records with event 0 hence using eventnumber 0)
  I've verified first column of csv file (i.e Param[1]) doesn't contains blank records. Tried deleting & recreating Rules + CSV files but no luck.
  Please help. 

  Hi,
  As we can see all csv files that start with "Async" under D:\async foler will be collected.
  How many this kind of file exist under the directory?
  Would you please creat another simple Async.csv file and remove the original file to another folderto do a test.
  In addition, also hope the below article can be helpful:
  Monitoring Text and CSV log files in System Center Operations Manager
  http://support.microsoft.com/kb/2691973
  Regards,
  Yan Li
  Regards, Yan Li

• A question about Logical Disk Performace collection Rules and how the Data is displayed in a Report view

  Hello
  I am currently on SCOM 2007 R2 CU6 and Window Server Operating System MP version 6.0.6989.0 (I cannot use the latest version of the MP as we still have some Windows 2000 Servers we need to support, yes I know :( )
  Any way the issue is, I have never found the Logical Disk performance counter data very reliable from SCOM.
  For example, I have a Windows 2008 R2 Server and when looking at a local Logical Disk (which holds an SQL temp DB on a busy SQL Server) and look at the performance counter
  The SCOM collection rule is called "Collection Rule for Average Disk Seconds per Transfer"
  The actual Windows Perfmon counter is called "Avg. Disk Bytes/Transfer"
  if you look at the description of the above Perfmon counter it is described as 
  "Avg. Disk Bytes/Transfer is the average number of bytes transferred to or from the disk during write or read operations."
  The problem I have is as follows:
  The resulting SCOM performance chart over several days (which has a scale ox 1x) states the value never reach 3 (e.g. maximum wa s 2.7 say). I cannot believe the a drive holding the tempDB databases for a busy SQL Server does not transfer more then 2.7 "bytes"
  of data at a given to to its tempDB databases!
  Indeed when I look at Permon on the Server and looks at this counter over say 20 minutes or so, the figure is often in the 10,000 or 30,000 bytes etc. It does fall back to 0 (zero) momentarily but mostly it is in the 1000s, or 10,000s etc.
  Therefore when my boss says show me the "Avg. Disk Bytes/Transfer" and SCOM says it has not exceeded 2.7 over the last business week (i.e. the chart never peak above this value on the chart with scale 1x) he naturally does not believe it!!
  Any advice please regarding the above. Is it the fact if the counter ever falls to zero it messes up the SCOM report charts?
  Thanks
  AAnotherUser
  AAnotherUser__

  Create your own collection rule, to mirror the sample times, and what not.  Look at the data from your rule vs the mp default rule.  It probably has to do with the chart scale imho.
  Regards, Blake Email: mengotto<at>hotmail.com Blog: http://discussitnow.wordpress.com/ If my response was helpful, please mark it as so, if it answered your question, then please also mark it accordingly. Thank you.

• How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

  How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

  Hi,
  According to your description, my understanding is that you want to set security group as admin of primary and secondary site collection using PowerShell command in office 365.
  I suggest you can use the command below to set the group to site owner, then it will have the site collection admin permission.
  Set-SPOSite -Identity https://contoso.sharepoint.com/sites/site1 -Owner [email protected] -NoWait
  Here are some detailed articles for your reference:
  https://technet.microsoft.com/en-us/library/fp161394(v=office.15)
  http://blogs.realdolmen.com/experts/2013/08/16/managing-sharepoint-online-with-powershell/
  Thanks
  Best Regards
  Jerry Guo
  TechNet Community Support

• Multiple "FromAddressContainsWords" Conditions in One Rule via PowerShell?

  My organization recently moved to Exchange Online and I am looking at trying to convert the old mail rules from our old system (Sieve rules from Zimbra) to something that will work in Exchange Online.  My plan is to massage the Sieve output into New-InboxRule
  statements.  The massaging part is the easy part.  What I'm having difficult with is using PowerShell to recreate a rule that should have multiple -FromAddressContainsWords parameters.  Here's what I started off with:
  New-InboxRule -Name "Annoyances" -FromAddressContainsWords roxioemail.com -FromAddressContainsWords "Covalent Technologies" -FromAddressContainsWords process.con -FromAddressContainsWords [email protected] -DeleteMessage $true -StopProcessingRules -Mailbox George.Lenzer
  This didn't work as the -FromAddressContainsWords option can only be used once.  The error also suggested trying to do an array if the parameter would accept one.  I don't know, because that isn't documented anywhere.  The only thing mentioned
  in the help is that it will take a "MultivaluedProperty" which I assume means some sort of string or array that has multiple values in it.
  I then tried this:
  New-InboxRule -Name "Junk Mail" -FromAddressContainsWords {roxioemail.com; Covalent Technologies; process.com; [email protected]} -DeleteMessage $true -StopProcessingRules $true -Mailbox George.Lenzer
  While this worked, when I went into OWA to look at the rule and check the list of words, instead of each word on it's own line, had a single entry containing everything between { and }.  This doesn't look right, and I don't expect it would do what I
  want.  So how does one go about creating an Inbox rule from PowerShell that needs to check multiple conditions, some of the identical type?  It can be done from the GUI, so there must be a way to do it from PowerShell.  Any suggestions?

  Hi George.  Thanks for posting in the forums.  Looking at both of your code snippets, I can see where the problem is.  MultivaluedProperties in PowerShell are exactly as you describe: a set of properties presented as a single argument to a
  parameter.  The mistake you made was attempting to use the semicolon to separate the items in your multivalued property and then trying to present them as a single string.  This is why you get the whole blob of text between the squiggly braces.
  Before I give you the solution, let me say that what you want is to pass an array to -FromAddressContainsWords.  In PowerShell. the comma along with multiple quoted strings is what defines an array.  See here for a better explanation than I can
  give:
   http://theessentialexchange.com/blogs/michael/archive/2008/02/08/Multivalued-Parameters-.aspx
  With that said, here's the solution to your issue:
  New-InboxRule -Name "Junk Mail" -FromAddressContainsWords ("roxioemail.com", "Covalent Technologies", "process.com", "[email protected]") -DeleteMessage $true -StopProcessingRules
  $true -Mailbox George.Lenzer
  Hope this helps!