IT Diary (May 2021) - System Management Recipes

Quick note: OSD fails, MP_Framework.log shows MPDP ERROR

Problem: The task sequence doesn’t start, in the MP_Framework.log you find these entries:

MPDP ERROR – CONNECTION PARAMETERSSQL SERVER NAME
Error Description: The execution permission was denied on the object sp_GetPublicKeyForSMSID, database CM_XYZ

In my case the issue was fixed by configuring the Network Access Account correctly.

Distribution Point Content Summary

Some short notes about the ConfigMgr report Distribution Point Content Summary: On every DP, the scheduled task Content Usage runs daily at midnight. The task launches the tool smsdpusage.exe which parses the IIS log of the previous day to determine the number of machines that connected to the DP and the amount of data that had been downloaded. smsdpusage writes a log from which you see that it sends a state message to the MP after completing. Run select * from v_DPUsageSummary to see the collected information.

Quick note: Find Configuration Manager console version by PowerShell

$FileVer = (Get-Item -Path ((Split-Path -parent $env:SMS_ADMIN_UI_PATH) + '\Microsoft.ConfigurationManagement.exe')).VersionInfo.FileVersion

Add dummy machine entries to ConfigMgr

In test environments, you might want to have more than a handful of machines to create a more realistic look and feel. The script below will simply create dummy machine objects. Mind that a huge number of machines decreases performance.

# ---------------------------------------------------------------
# AddMachinesToCM
# The script will add 50000 machines. It is provided AS-IS with 
# no warrantees and should only be used in test environments. 
# ---------------------------------------------------------------

[CmdletBinding()]
Param
(
[string]
$SiteServer = $env:COMPUTERNAME
)

function Load
{ 
#region Eventhandler
#$handler_OnFormLoad= #Module Loading and Errorchecking
try
{
#MAX Add-Type -AssemblyName System.Windows.Forms
$Script:Location = Get-Location # Save original Location => When the Application closes the original Location will be restored
$siteCode = Get-WmiObject -Namespace root\sms -Class SMS_ProviderLocation -ComputerName $SiteServer -ErrorAction Stop -Filter 'ProviderForLocalSite=1' | Select-Object -ExpandProperty SiteCode

if(-not (Get-Module ConfigurationManager))
{
Import-Module "$($env:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1"
}
Set-Location "$($siteCode):"
$Script:ConfigurationItems = @()
}
catch
{
Write-Host "$($_.Exception.Message)" -ForegroundColor Yellow
#MAX$Form.Close()
} 
}

$i = 2000;

while ($i -lt 50001)
{
if ($i -lt 10)
{
$strMachineName = "FEC0000x"
$strGUID = "ABC245AB-ABCD-989A-8998-ABACxxxxxxxx" 
$strNumber = $i.ToString()
$strMachineName = $strMachineName.Replace('x', $strNumber)
$strMac = "00:A1:" + $strMachineName.Chars(0) + $strMachineName.Chars(1) + ":" + $strMachineName.Chars(2) + $strMachineName.Chars(3) + ":" + $strMachineName.Chars(4) + $strMachineName.Chars(5) + ":" + $strMachineName.Chars(4) + $strMachineName.Chars(7) 
$strGUID = $strGUID.Replace('xxxxxxxx', $strMachineName)
}
if ($i -ge 10 -and $i -lt 100)
{
$strMachineName = "FEC000xx"
$strGUID = "ABC245AB-ABCD-989A-8998-ABACxxxxxxxx"
$strNumber = $i.ToString()
$strMachineName = $strMachineName.Replace('xx', $strNumber)
$strMac = "00:A1:" + $strMachineName.Chars(0) + $strMachineName.Chars(1) + ":" + $strMachineName.Chars(2) + $strMachineName.Chars(3) + ":" + $strMachineName.Chars(4) + $strMachineName.Chars(5) + ":" + $strMachineName.Chars(6) + $strMachineName.Chars(7) 
$strGUID = $strGUID.Replace('xxxxxxxx', $strMachineName)
}
if ($i -ge 100 -and $i -lt 1000)
{
$strMachineName = "FEC00xxx"
$strGUID = "ABC245AB-ABCD-989A-8998-ABACxxxxxxxx"
$strNumber = $i.ToString()
$strMachineName = $strMachineName.Replace('xxx', $strNumber)
$strMac = "00:A1:" + $strMachineName.Chars(0) + $strMachineName.Chars(1) + ":" + $strMachineName.Chars(2) + $strMachineName.Chars(3) + ":" + $strMachineName.Chars(4) + $strMachineName.Chars(5) + ":" + $strMachineName.Chars(6) + $strMachineName.Chars(7) 
$strGUID = $strGUID.Replace('xxxxxxxx', $strMachineName)
}
if ($i -ge 1000 -and $i -lt 10000)
{
$strMachineName = "FEC0xxxx"
$strGUID = "ABC245AB-ABCD-989A-8998-ABACxxxxxxxx"
$strNumber = $i.ToString()
$strMachineName = $strMachineName.Replace('xxxx', $strNumber)
$strMac = "00:A1:" + $strMachineName.Chars(0) + $strMachineName.Chars(1) + ":" + $strMachineName.Chars(2) + $strMachineName.Chars(3) + ":" + $strMachineName.Chars(4) + $strMachineName.Chars(5) + ":" + $strMachineName.Chars(6) + $strMachineName.Chars(7) 
$strGUID = $strGUID.Replace('xxxxxxxx', $strMachineName)
}
if ($i -ge 10000)
{
$strMachineName = "FECxxxxx"
$strGUID = "ABC245AB-ABCD-989A-8998-ABACxxxxxxxx"
$strNumber = $i.ToString()
$strMachineName = $strMachineName.Replace('xxxxx', $strNumber)
$strMac = "00:A1:" + $strMachineName.Chars(0) + $strMachineName.Chars(1) + ":" + $strMachineName.Chars(2) + $strMachineName.Chars(3) + ":" + $strMachineName.Chars(4) + $strMachineName.Chars(5) + ":" + $strMachineName.Chars(6) + $strMachineName.Chars(7) 
$strGUID = $strGUID.Replace('xxxxxxxx', $strMachineName)
}
$i++;
Write-Host $strMachineName + ", " + $strMac + ", " + $strGUID

#Import-CMComputerInformation -CollectionName "All Systems" -ComputerName $strMachineName -MacAddress $strMAC -SmBiosGuid $strGUID
Get-CMDevice -Name $strMachineName | Remove-CMDevice
}

Write to remote registry

Sometimes PowerShell doesn’t behave logically: For some strange reason Set-ItemProperty failed to set a registry value when I used a variable for the value. Example:

Invoke-Command -ComputerName $Computer -ScriptBlock {Set-ItemProperty -Path HKLM:\SYSTEM\HappyAdmin -Name ‘FunFactor’ -Value $FunFactor}

After trying for long enough I decided to call reg.exe from my script. I’m not proud of the function below but efficiency sometimes beats beauty.

# RegWriteBruteForce: Because efficiency beats beauty. The function below reliably writes to the registry, locally or on remote machines.
# Example: RegWriteBruteForce -ComputerName $Computer -KeyName 'HKLM\Software\HappyAdmin' -ValueName $FunFactor -Value 'high' -DataType REG_SZ

function RegWriteBruteForce
{

Param(
[Parameter(Mandatory=$false)]
[String[]]
$ComputerName = '.',
[Parameter(Mandatory=$true)]
[String[]]
$KeyName,
[Parameter(Mandatory=$true)]
[String[]]
$ValueName,
[Parameter(Mandatory=$true)]
[String[]]
$Value,
[Parameter(Mandatory=$false)]
[ValidateSet('REG_SZ','REG_MULTI_SZ','REG_EXPAND_SZ','REG_DWORD','REG_QWORD','REG_BINARY','REG_NONE')]
[String[]]
$DataType='REG_SZ'
)

$arg = 'ADD \\' + $Computer + '\'+ $KeyName + ' /v ' + $ValueName + ' /t ' + $DataType + ' /d ' + $Value + " /f"

$process = (Start-Process -FilePath reg.exe -ArgumentList $arg -WindowStyle Hidden -PassThru) 
$process.WaitForExit() 
return $(if($process.ExitCode -eq 0) {$true} else {$false}) # return true if successful
}