1 2 Previous Next 22 Replies Latest reply on Jun 24, 2016 7:08 AM by stacycarter

    VCO Integration with SCCM

    JoJoGabor Expert

      Hi,

       

      We are using SCCM 2012 R2 which isn't compatible with vRealize 6.2, but I need to be able to add a machine to a collection via Orchestrator. I can do this using the command:

       

      Add-CMDeviceCollectionDirectMembershipRule -CollectionName "mycollection" -ResourceId $(get-cmdevice -name "mymachine").ResourceID from a host with the conosle enabled, but I cant seem to run it from VCO.

       

      I have tried two methods:

       

      1. Remote Powershell commands running from the Powershell Host:

           $sess = New-PSSession -ComputerName mySCCMhost -ConfigurationName Microsoft.Powershell32 -Authentication Kerberos -Credential $cred

           Invoke-Command -Session $sess -ScriptBlock {$env.computername; Import-Module "D:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1";      Add-CMDeviceCollectionDirectMembershipRule -CollectionName "myCollection" -ResourceId $(get-cmdevice -name "myVM").ResourceID}

       

       

      2. Running a script on the Powershell host:

           Import-Module ($Env:SMS_ADMIN_UI_PATH.Substring(0,$Env:SMS_ADMIN_UI_PATH.Length-5) + '\ConfigurationManager.psd1')

           CD MySiteDrive:\

           Add-CMDeviceCollectionDirectMembershipRule -CollectionName "myCollection" -ResourceId $(get-cmdevice -name "myVM").ResourceID

       

      Neither work, I believe its something to do with the ConfigurationManager module not being able to be called remotely.

       

      Both methods add the module successfully but cant connect to the SCCM site drive with the error "Cannot find drive. A drive with the name 'DPS' does not exist."

       

      I have verified that I have remote access to the SCCM server by doing invoking the command to get the hostname or the runnign services, which is successful, so I have ruled out auth issues.

       

      Has anyone got any ideas how I can call this command?

        • 1. Re: VCO Integration with SCCM
          vmwarepants Novice

          Hey,

           

          We are doing this using the Library/Powershell/Invoke an external script. We found that the vCo service account needs to connect to SCCM using powershell once and then it worked.

           

          Login to SCCM server with vCo service account (this is the account configured under inventory\powershell\<SCCM server added as a PShost>)

           

          Open SCCM and from the top left chose connect using powershell. this will prompt you to say yes to running scripts.

           

          try running your script again.

          1 person found this helpful
          • 2. Re: VCO Integration with SCCM
            JoJoGabor Expert

            I actually worked around this issue by using Guest Operations on the Powershell host, ie running powershell scripts locally so as not using Powershell remoting.

            It's pretty painful that the SCCM module doesn't support Powershell remoting

            • 3. Re: VCO Integration with SCCM
              chicagovm Hot Shot

              Hello JOJOG.


              Can you explain what you mean when you say using Guest Operations running powershell scripts locally?


              I am trying to create a WKFL which either installs the SCCM 2012 agent and/or SCOM 2012 agent. Any links or ideas or possible wflw download?

               

              When I am logged into the newly deployed VMs we run the following to install the SCCM agent.

               

              \\SCCMSERVER01\sms_sa1\Client\ccmsetup.exe /mp:SCCMSERVER01.ourdomain.com /logon /skipprereq:silverlight.exe SMSSITECODE=XX1 FSP=$BACKUPSCCMSERVER.ourdomain.com

               

              How did you create the wflw to prompt you for which ever local server you are trying to install it on?

               

              Thanks so much if you can help!

              • 4. Re: VCO Integration with SCCM
                JoJoGabor Expert

                I have the SCCM client already in the base VM template, which you can anonymise by deleting the SMS certificates and one other file, I think its called SMSConfig.ini.

                 

                The real problem was the lack of Powershell remoting on the module. Therefore I utilise the VMware Guest Operations API to launch the script on the Powershell host, which is also a VM (luckily) to do the SCCM commands. I dont yet have the code tracking any errors, its fire and forget, but use the inbuilt workflow from the VCO LIbrary called "Run Command in Guest OS" and change the parameters to run on the Powershell host, such as:

                 

                programPath: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

                arguments: -Command c:\powershell\scripts\SCCMPostBuild.ps1 -vm

                • 5. Re: VCO Integration with SCCM
                  chicagovm Hot Shot

                  Ohmy gosh.. I'm excited to try this out.. So much appreciated!.. !!

                  • 6. Re: VCO Integration with SCCM
                    JoJoGabor Expert

                    Dont get too excited - SCCM can be painful when you're trying to do rapid deployments. It is just so slow to react despite taking poll intervals down to the minimum. I ma finding the client takes about 6 mins to register in the console, then I have a task sequence which often fails, but then sets to auto retry 15 mins later and goes through without a hitch.

                     

                    I'm seriously thinking of ditching the SCCM integration and just running installs directly off a DFS-Namespace

                    • 7. Re: VCO Integration with SCCM
                      chicagovm Hot Shot

                      Ouch.. well.. I just would like a wflw which installs or removes the agents on VMs, after the OS / Mcafee agent is installed. So, seeing how you do you have it installed in the template.. we did try that.. I think we had an issue but fixable.


                      Otherwise, I just would like to figure out how to call PS commands to install or query from a wflow with a "pop-up" sort of the server name.

                       

                      Our decommission process requires the engineers to remove the agent locally from a PS command on the server ( in our case multiple servers )  locally with the following PS command -

                       

                      $resID = Get-WmiObject -computername OURSCCMSERVER -Query "select resourceID from sms_r_system where name like 'SERVER_NAME'" -Namespace "root\sms\site_xx01"; $computerID = $resID.ResourceID; $comp = [wmi]"\\OURSCCMSERVER\root\sms\site_xx01:sms_r_system.resourceid=$computerID"; $comp.psbase.delete()

                       

                      or from the SCCM console by deleting..

                       

                      So, not sure which is easier..at this point.

                      • 8. Re: VCO Integration with SCCM
                        chicagovm Hot Shot

                        Ahh.. vCO 5.5.2 does not have that particular name of wflw but does have Run program in guest.

                        • 9. Re: VCO Integration with SCCM
                          JoJoGabor Expert

                          I have never had any issues with the SCCM client being baked into the template as long as you delete the certs and delete the file I mentioned above

                           

                          Why bother removing the agent on Decommissioning? Just let the VM be deleted, and delete the object in SCCM using the command:

                           

                          $compObject = get-wmiobject -query "select * from SMS_R_SYSTEM WHERE Name='$vm'" -computername SCCMServer -namespace "ROOT\SMS\sitecode"

                          $compObject.psbase.delete()

                           

                          This looks similar to what you are doing anyway

                          • 10. Re: VCO Integration with SCCM
                            chicagovm Hot Shot

                            So, would run the workflow Run program in guest wflw from the library? I guess I'm confused where I would put that script or which wkflw I could use to enter it and then get a prompt for the server name.

                            • 11. Re: VCO Integration with SCCM
                              pizzle85 Hot Shot

                              Are you trying to provision VMs through vRA using SCCM 2012 R2? If so you can just use the native vRA integration. Works great. We deploy about a dozen different OSes from SCCM  2012 R2 from vRA 6.2.2. The deployments take about 20 minutes for a fully patched OS. It can take longer if we place it into an OU with additional software packages.

                               

                              I attached an image of the vRA custom properties im using with SCCM to deploy our systems.

                               

                              We have a large CM installation so we had to set the timeout of the connection to SCCM from 5 minutes to 10 minutes.

                              • 12. Re: VCO Integration with SCCM
                                pizzle85 Hot Shot

                                also, make sure you on a recent update pack. There was an issue with OSD in earlier updates that was making our OSD take over an hour. Applying the latest update pack resolved the issue.

                                • 13. Re: VCO Integration with SCCM
                                  chicagovm Hot Shot

                                  Negative. I am using vCO 5.5 or 6 to deploy and only SCCM for agent and post deployment customization / software installs.

                                  1 2 Previous Next