Here’s a “quick and dirty” way to add a computer to a collection during a task sequence. It uses PSRemoting to your ConfigMgr Site server and will happily run where only PowerShell 2.0 is installed.
It uses the Run Command Line step to invoke PowerShell and run the necessary commands on the site server to add the machine to the specified collection. You run this step with an account that has the necessary permissions.
- Add a new TS step “Run Command Line”
- Paste the code below into the Command line window
- Change the following items in CAPS in the code:
- MYSITESERVER (ConfigMgr Site Server Name, or anywhere with the ConfigMgr Console / Cmdlets installed)
- ABC (Site Code)
- COLLECTIONNAME (The name of the target collection)
- Change the “Run this step as…” account to an account that has the necessary permissions on the site server
Code:
cmd /c powershell.exe -Command "&{$Me = $Env:COMPUTERNAME; Invoke-command -Computername MYSITESERVER -ArgumentList $Me -scriptblock {param($Me)Import-Module ConfigurationManager; cd ABC:; $Computer = Get-CMDevice -Name $Me; if ($Computer){Add-CMDeviceCollectionDirectMembershipRule -CollectionName 'COLLECTIONNAME' -Resource $Computer}}}"
you don’t know how long I tried to achieve this with orchestrator only for something to fail.Thanks so much.
You’re welcome. It is possible with Orchestrator too, by the way 🙂 We also use a runbook for adding computers to a collection during OSD.
Hi could you advise me as im not so clever
I am running your Script but doesn’t appear to Run
when i run it directly on a client i recieve the following could you please comment
Missing condition in if statement after ‘if (‘.
At line:1 char:169
+ &{ = ROGERTESTSCCM2; Invoke-command -Computername CCISCCM1P-ArgumentList -sc
riptblock {param()Import-Module ConfigurationManager; cd ABC:; = Get-CMDevice
-Name ; if ( <<<< ){Add-CMDeviceCollectionDirectMembershipRule -CollectionName
'NewBuild_TestDeploy' -Resource }}}
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordEx
ception
+ FullyQualifiedErrorId : IfStatementMissingCondition
Can you post the code you are running? Based on the variable values I can see in the error, this code should work. You will need to change the site code “ABC” and the ‘COLLECTIONNAME’ first:
cmd /c powershell.exe -Command “&{$Me = ‘ROGERTESTSCCM2’; Invoke-command -Computername ‘CCISCCM1P’ -ArgumentList $Me -scriptblock {param($Me)Import-Module ConfigurationManager; cd ABC:; $Computer = Get-CMDevice -Name $Me; if ($Computer){Add-CMDeviceCollectionDirectMembershipRule -CollectionName ‘COLLECTIONNAME’ -Resource $Computer}}}”
THis is what i am running
i had Omitted changing the site code !
cmd /c powershell.exe -Command “&{$Me = $Env:COMPUTERNAME; Invoke-command -Computername ccisccm1p -ArgumentList $Me -scriptblock {param($Me)Import-Module ConfigurationManager; cd PRI:; $Computer = Get-CMDevice -Name $Me; if ($Computer){Add-CMDeviceCollectionDirectMembershipRule -CollectionName ‘NewBuild_Testdeploy’ -Resource $Computer}}}”
THis is the reply error
At line:1 char:164
+ … ce -Name ; if (){Add-CMDeviceCollectionDirectMembershipRule -CollectionName ‘New …
+ ~
Missing condition in if statement after ‘if (‘.
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : IfStatementMissingCondition
Thanks
It seems the $computer variable is not being populated. It’s possible the ConfigurationManager module is not being imported, you might need to make it visible first, check out this script for that: https://gallery.technet.microsoft.com/scriptcenter/Make-Configuration-Manager-04474a87
If it’s still not working after that, I suggest to run each command individually to see what’s not working. Are you sure the account you are using has the appropriate permissions and PowerShell remoting is enabled?
From the client you can try, in PowerShell ISE (run each line one at a time):
$Me = $Env:COMPUTERNAME
$Session = New-PSSession -ComputerName ccisccm1p
Invoke-command -Session $Session -ScriptBlock { Import-Module ConfigurationManager }
Invoke-command -Session $Session -ScriptBlock { cd PRI: }
Invoke-command -Session $Session -ArgumentList $Me -ScriptBlock { Param($Me); $Computer = Get-CMDevice -Name $Me }
Invoke-command -Session $Session -ScriptBlock { if ($Computer){Add-CMDeviceCollectionDirectMembershipRule -CollectionName ‘NewBuild_Testdeploy’ -Resource $Computer} }
Remove-PSSession $Session
You can also try each command on the site server itself, without the pssession / invoke-commands.
Replace “Import-Module ConfigurationManager” part with exact path of the ConfigurationManager module on the site server e.g. Import-Module ‘C:\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1’
When I run this in a task sequence, I get an exit code of zero but the collection never gets populated. Any ideas?
Managed to get this script working with a slight tweak, using ResourceID and CollectionID.
$Me = $Env:COMPUTERNAME
$Session = New-PSSession -ComputerName rs-sccm01
Invoke-command -Session $Session -ScriptBlock { Import-Module “$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1” }
Invoke-command -Session $Session -ScriptBlock { cd ABC: }
Invoke-command -Session $Session -ArgumentList $Me -ScriptBlock { Param($Me); $Computer = (Get-CMDevice -Name $Me).ResourceID }
Invoke-command -Session $Session -ScriptBlock { if ($Computer){Add-CMDeviceCollectionDirectMembershipRule -CollectionId ABC00001 -ResourceID $Computer} }
Remove-PSSession $Session
At what point would you run this in an OSD task sequence. The resource ID changes in newer versions of config manager.
Hi there, wondered if you can help, if I run this in a task sequence as available it runs ok and adds the device to the collection, if I run it as required then it does not add the device to the collection. I use the run as step with my adm which has the correct perms etc as works when available. I know that when required it can use the system account but not if I have a run as account setup. Any help greatly appreciated . Robert
Hi, wondered if you can help, when I run this TS as available it runs ok and collection gets updated, If I run it as required, it does not get added to the collection,. I have set a runas step with my adm which has the correct perms etc and works ok as available. I know it can use the system acc when a required deployment but shouldn’t if I specify an account to use, any help greatly appreciated