Tuesday, March 31, 2015

Intel NUC and SCCM issues

We purchased a couple of the Intel NUC mini desktops (model NUC5i3RYK) for our custom Lync Room systems.

Deploying with Microsoft System Center Configuration Manager...

Same with any new system... the Window PE boot image needed new drivers for the Ethernet adapter. (In our case the 64 bit driver - e1d64x64.inf)

Created a driver pack for the Intel NUC system, however the drivers were not getting installed into the image by the "Apply Device Drivers" task.

Decided to try the "Apply Driver Package" and picked the Intel NUC package option to see what would happen.

Now the task sequence fails with...
This task sequence cannot be run because a package referenced by the task sequence could not be found. For more information, please contact your system administrator or helpdesk operator.

Using F8 and cmtrace to open the \windows\temp\SMSTS.log file and found this error message...
Failed to resolve selected task sequence dependencies. Code(0x80040104)

Found this website and updated the distribution points so that the source version number would not be '1' and now the task sequence is working and drivers are installing.

More SCCM related posts

Friday, March 6, 2015

SCCM Task Sequence User Verification

We know that Config Manager's Task Sequences run with a system account and can only be advertised to Device collections.

What if we wanted only certain people to have permission to re-image their computer?

This script will record the logged in username via wmi as a Task Variable.
If that account is a member of a specific domain group then the 'ValidUser' Task Variable will be set as True.

You can then use that 'ValidUser' Task Variable to allow groups or other commands/applications to run.

To test the sequence with the msgbox dialogs you will need the ServiceUI.exe file from the Microsoft Development kit.

'Find Logged in user
'Version 1.60
on error resume next
Dim objNetwork, objDomain, oTaskSequence
'msgbox "Testing"
'Create Objects
Set objNetwork = CreateObject("Wscript.Network")
Set objDomain = GetObject("LDAP://RootDSE")
Set oTaskSequence = CreateObject ("Microsoft.SMS.TSEnvironment")

' Obtain user information.
'strUserName = objNetwork.UserName
strcomputer = "."

Set objWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 
Set colSessions = objWMI.ExecQuery ("Select * from Win32_ComputerSystem",,48) 
For Each objItem in colSessions 
if objItem.Username <> "" then
strUserName = Replace(Lcase(objItem.UserName),"prairiesouth","")
oTaskSequence("UserName") = replace(strUserName,chr(92),"")
'msgbox strUserName
strUserName = objNetwork.UserName
end if

If not lcase(strUserName) = "system" then
'Verifies not the System account.
strDomain = objDomain.Get("dnsHostName")
Set objUser = GetObject("WinNT://" & strDomain & "/" & strUserName)
For Each strGroup in objUser.Groups
If Lcase(strGroup.Name) = "help desk end users" or Lcase(strGroup.Name) = "information technology department" then
strValid = 1
oTaskSequence("UserGroup") = strGroup.Name
'msgbox strGroup.Name
exit for
end if
strValid = 0
end if

If strValid = 1 then
oTaskSequence("ValidUser") = "True"
'msgbox strValid
oTaskSequence("ValidUser") = "False"
'msgbox strValid
end if

More SCCM related posts