SCCM Baseline compliance - Output from Powershell script for reporting purposes
Question
I am trying to create a report of what version of .NET is instlaled over the estate, but I can't edit .mof file for SCCM inventory... I need to do it massively - standalone Powershell can't aid me, since it can't connect to remote registry in this environment...but SCCM can do it.
What I thought would be a good idea - Create baseline that will scan the estate, get the data and then I'd report it.
I have found a really awesome script https://github.com/EliteLoser/DotNetVersionLister - this is how output looks:
ComputerName : localhost
>=4.x : 4.6.2
v4\Client : Installed
v4\Full : Installed
v3.5 : Not installed (no key)
v3.0 : Not installed (no key)
v2.0.50727 : Not installed (no key)
v1.1.4322 : Not installed (no key)
Ping : True
Error :
As you can see output is vast. I've made a small script that imports this module, runs it against localhost and it's awesome, but...how to report this?
I've added it to SCCM, made baseline to use this but do anyone know how, and if it is even possible, to make a report/query or anything out from it, that would return the same output from above, per each computer in my collection?
1 answers
solution1
0 2019-11-12 22:10:53
I don't know if it's exactly what you are looking for, but I signed up to throw an idea your way that you might find useful.
You can setup a baseline config to run your script and have it write the output to the host. For this to work, you have to make the compliance condition be non-compliant. So set the compliance condition that the script returns an impossible value so it will be non-compliant.
Then in SQL management studio, you can query the baseline config and see the output results of every system.
Here's an example baseline config script. In this one we check if some folders exist and write output based on the results, this is just to show you an example, use your test script that you setup to write your output to the host:
if (Test-Path -Path "C:\Windows") {
if (Test-Path -Path "C:\Windows\Debug") {
"Debug"
}
if (Test-Path -Path "C:\Windows\System") {
"System"
}
if (Test-Path -Path "C:\Windows\System32") {
"System32"
}
if (Test-Path -Path "C:\Windows\Nothing") {
"Nothing"
}
} else {
"NOT INSTALLED"
}
Create a baseline for this and deploy it to some test systems. After the test systems evaluate and report results back, you can go to your sql management studio connected to your sccm database and run this sql command. Modify it with the exact name of your configuration item you created:
Select csd.Netbios_Name0, csd.ConfigurationItemName, csd.CurrentValue, csd.Criteria, csd.LastComplianceMessageTime, csd.CIVersion
From v_CIComplianceStatusDetail csd
Where csd.ConfigurationItemName = 'YourConfigurationItemNameHere'
Order By csd.CurrentValue
Hopefully this gives you some ideas you can run with.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.