Thursday, June 18, 2015

Mass deleting Obsolete SCCM Clients

I would believe that every SCCM Admin would at some point of time need to cleanup obsolete SCCM Client objects from the SCCM Sites.
Most of the time when this is needed, all you will be provided is a list of the machines that are no longer in Active Directory and these SCCM Clients has to be purged from SCCM.
For this purpose, the below VBS will do just that

Const ForReading = 1, ForWriting = 2, ForAppending = 8
Const TristateUseDefault = -2, TristateTrue = -1, TristateFalse = 0
I = 0

strServer=InputBox("Enter Site Server Nmae",,"SCCM-Pri-Site-Server")
strSiteCode=InputBox("Enter Site Code",,"P01")

Set fso = CreateObject("Scripting.FileSystemObject")
strfolder = fso.GetParentFolderName(wscript.ScriptFullName) 

'You may replace obsolete.txt with any text file name you prefer. The contents of this file is used to list out the SCCM clients that are to be purged.
FileName = strfolder & "\Obsolete.txt"
'Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = fso.OpenTextFile(Filename,ForReading)
strmachine = objFile.ReadAll

arrcomp = split(strmachine, vbCrLf)
if isnull(strmachine) then
wscript.echo "No Machine info"
For each strmachine in arrcomp
strcomputer = strmachine
Set locator = CreateObject("WbemScripting.SWbemLocator")
Set WbemServices1 = locator.ConnectServer(strServer,"root\SMS\site_" & strSiteCode)
ResID = getResID(strComputer, WbemServices1)

Set sResource = WbemServices1.Get("SMS_R_System='" & ResID & "'")
Set sResource = Nothing
I = I +1

wscript.echo "Housekeep Done! A total of " & I & " obsolete SCCM records were deleted"
End if

Function getResID(strComputer, oWbem)
strQry = "Select ResourceID from SMS_R_System where Name=" & "'" & strComputer & "'"
Set objEnumerator = oWbem.ExecQuery(strQry)
If Err <> 0 Then
GetResID = 0
Exit Function
End If
For Each objInstance in objEnumerator
For Each oProp in objInstance.Properties_
GetResID = oProp.Value
Set objEnumerator = Nothing
End Function

Tuesday, June 9, 2015

Monitoring GPO changes using SCOM

It is pretty common for AD admins to want to be able to monitor changes to GPO via SCOM.
Of course, there are events that are logged for every change made to any GPO.
The real challenge is that we will not be able to know which GPO was changed without having to go through an extensive search through the GPMC or by means of powershell.
What is required is that the SCOM alert should include the name of the GPO so that the efforts and time of the IT Admins are keep to the minimum.

The below is an article from the community that will enable you to do just that
Click here