tcilmo

Reading through the link you provided, On a 64 bit computer, I have to force PowerShell to launch as 64 bit bet to use Microsoft.SMS.TSEnvironment COM Object? To do that I have to launch PowerShell as follows: "%windir%\sysnative\windowspowershell\v1.0\powershell.exe -NoProfile -File MyFile.ps1? Does that sound right? Do you have experience personally in that space?

Has anyone been able to use the 'Run Command Line' task sequence task and while specifying "RUN AS" credentials and get the script to run? I have been trying to get PowerShell scripts to run from the 'Run Command Line' task while specifying a "RUN AS" account for a while now with no success. Here is the syntax I use in the task sequence step: Powershell.exe -Executionpolicy Bypass -File .\filename.ps1 I have tried with twice now with do different scripts that work with the 'Run PowerShell Script' task, but when I use the 'Run Command Line' task the first line always throws an error. For example this line: $tsenv=New-Object -COMObject Microsoft.SMS.TSEnvironment throws this error: New-Object : The term 'New-Object' is not recognized as the name of a cmdlet, function , script file, or operable InstallSoftware. I tried another script using this method and the first line calls Get-Content which returns the error message for the cmdlet. Are the know issues with running Powershell scripts using the 'Run Command Line' task and specifying a "RUN AS" account? The reason I am trying to do this in this way because I need to specify credentials, the 'Run PowerShell Script' task only runs as LocalSystem which does not have enough rights do all stuff in the script. Would anyone know what is going on here or what is causing this behavior? The script code works, it has been tested under the 'Run Powershell script' task. The script only fails using the'Run Power Script' task due to permissions. I would appreciate any help, I just cant wrap my mind around what is happening here. -Tony

Hi Peter I'm attempting to do what Torsten suggested. I updated my post on TechNet with additional details, if you would like to take a look. I do have a custom role, with a security scope assigned to both the Distribution Point and the Administrative User. When I attempt to distribute content I still see the DP as an option, no matter what type of content that is being distributed. Did I misunderstand what Torsten was suggesting? --Tony

Hello Everyone! I am standing up two new multicasting enabled distribution points to be specifically used for ONLY OSD. I would like to limit the types of content that can be distributed to these distribution points. My goal is to only allow Drivers, Driver Packages, OS Images, OS Installers, Boot Images, and Task Sequences but not Packages or Applications. Does anyone know if this type of granularity is possible? I have also posted this question on TechNet if anyone wants to reference it there. --Tony

Thanks Niall! One additional item I discovered with my HTA code is that someone can right click the body of the HTA file -> view source -> scroll to the bottom and see the code that specifies the password. To make this more secure, I created a Task Sequence variable in my Task Sequence to hold the password for the HTA. Next, I changed this line of code: If ppassword.value <> "password" Then to If ppassword.value <> objOSD("TSPassword") Then allowing the HTA to read the Task Seqeunce variable of "TSPassword". This approach will prevent someone from grabbing the password by viewing the HTA source. Thought it would be good to share this with the community. --Tony

Hi Niall I have been following this blog trying to get this Prompt For Password thing working. I have got this up and running for the most part now, but I am still having a problem. It is with the “Shutdown” portion of the task sequence. I have these options set: If All the conditions are true: Task Sequence Variable ALLOWOSBUILD not equals “YES”. Even though I input the correct password, the shutdown step still runs. Do you have any insight why that would be? Am I missing something? Attached is snip of my task sequence and my HTA code. Any help would be greatly appreciated. --Tony <html> <head> <title>Prompt for password</title> <HTA:APPLICATION ID="objAutoRefresh" APPLICATIONNAME="Auto Refresh" SCROLL="no" SINGLEINSTANCE="yes" WINDOWSTATE="maximize" icon="icon.ico" SHOWINTASKBAR="no" SYSMENU="no" > <link rel="stylesheet" type="text/css" href="skin.css"> <script language=vbscript> sub activate(thebutton) thebutton.classname="btnb" end sub sub activate2(thebutton) thebutton.classname="btnc" end sub sub deactivate(thebutton) thebutton.classname="btna" end sub sub lblactivate(thebutton) thebutton.classname="lblb" end sub sub lblactivate2(thebutton) thebutton.classname="lblc" end sub sub lbldeactivate(thebutton) thebutton.classname="lbla" end sub </script> </head> <SCRIPT LANGUAGE="VBScript"> on error resume next Set objFSO = CreateObject("Scripting.FileSystemObject") Set WshShell = CreateObject("WScript.Shell") Set objOSD = CreateObject("Microsoft.SMS.TSEnvironment") Sub Window_Onload window.resizeTo 700,500 window.moveTo ((screen.availWidth \ 2) - (700 \ 2)), ((screen.availHeight \ 2) - (500 \ 2)) self.Focus() strVersion = "20100929" Footer.InnerHTML= "<HR width='100%' SIZE='2'>" & vbcrlf & _ "<table vAlign='bottom' border='0' width='100%'>" & vbcrlf & _ "<td align='left'>" & vbcrlf & _ "<font color='blue' size='2'>Division of IT -- Metrics & Automation" & vbcrlf & _ "<td align='right'>" & vbcrlf & _ "<font color='blue' size='2'>Version " & strVersion & vbcrlf & _ "</TD>" & vbcrlf & _ "</table>" MainMenu End Sub Sub EnterToTab If Window.event.keyCode = 13 Then Window.event.keyCode = 9 End Sub Sub Mainmenu Header.innerHTML = "<table width='100%' border='0' align='left'><tr><td><img src='logo.gif'><td><class='header'>A password is required to continue this task sequence.<br>" & vbcrlf & _ "Enter the password and click the <b>Continue</b> button.<tr><td colspan='2'><hr width='100%'></table>" Code.innerHTML ="<table width='100%' border='0'>" & vbcrlf & _ "<tr class='code'>" & vbcrlf & _ "<td colspan='1' valign='top'>Password:</td>" & _ "<td colspan='2'><input type='password' name='ppassword' size='30' onkeydown='EnterToTab'></td>" & vbcrlf & _ "<td colspan='2'><input type='checkbox' id=TogglePasswordInput name='TogglePasswordInput' onClick='TogglePasswordSub'><label class='lbla' onMouseOver='vbscript:lblactivate me' onMouseOut='vbscript:lbldeactivate me' onMouseDown='vbscript:lblactivate2 me' for=TogglePasswordInput>Show password</label>" & vbcrlf & _ "<td colspan='2'></td>" & _ "</tr>" & vbcrlf & _ "<tr class='code'><td colspan='5'><HR width='100%' SIZE='2'></td></tr>" & vbcrlf & _ "<tr class='code'><td colspan='2'><input id=runbutton class='btna' onMouseOver='vbscript:activate me' onMouseOut='vbscript:deactivate me' onMouseDown='vbscript:activate2 me' type='button' value='Continue' name='run_button' onClick='RunScript'>" & vbcrlf & _ "</table>" ppassword.focus End Sub Sub TogglePasswordSub If TogglePasswordInput.Checked Then Code.innerHTML ="<table width='100%' border='0'>" & vbcrlf & _ "<tr class='code'>" & vbcrlf & _ "<td colspan='1' valign='top'>Password:</td>" & _ "<td colspan='2'><input type='text' name='ppassword' size='30' value='" & ppassword.value & "' onkeydown='EnterToTab'></td>" & vbcrlf & _ "<td colspan='2'><input type='checkbox' id=TogglePasswordInput name='TogglePasswordInput' checked onClick='TogglePasswordSub'><label class='lbla' onMouseOver='vbscript:lblactivate me' onMouseOut='vbscript:lbldeactivate me' onMouseDown='vbscript:lblactivate2 me' for=TogglePasswordInput>Show password</label>" & vbcrlf & _ "<td colspan='2'></td>" & _ "</tr>" & vbcrlf & _ "<tr class='code'><td colspan='5'><HR width='100%' SIZE='2'></td></tr>" & vbcrlf & _ "<tr class='code'><td colspan='2'><input id=runbutton class='btna' onMouseOver='vbscript:activate me' onMouseOut='vbscript:deactivate me' onMouseDown='vbscript:activate2 me' type='button' value='Continue' name='run_button' onClick='RunScript'>" & vbcrlf & _ "</table>" Else Code.innerHTML ="<table width='100%' border='0'>" & vbcrlf & _ "<tr class='code'>" & vbcrlf & _ "<td colspan='1' valign='top'>Password:</td>" & _ "<td colspan='2'><input type='password' name='ppassword' size='30' value='" & ppassword.value & "' onkeydown='EnterToTab'></td>" & vbcrlf & _ "<td colspan='2'><input type='checkbox' id=TogglePasswordInput name='TogglePasswordInput' onClick='TogglePasswordSub'><label class='lbla' onMouseOver='vbscript:lblactivate me' onMouseOut='vbscript:lbldeactivate me' onMouseDown='vbscript:lblactivate2 me' for=TogglePasswordInput>Show password</label>" & vbcrlf & _ "<td colspan='2'></td>" & _ "</tr>" & vbcrlf & _ "<tr class='code'><td colspan='5'><HR width='100%' SIZE='2'></td></tr>" & vbcrlf & _ "<tr class='code'><td colspan='2'><input id=runbutton class='btna' onMouseOver='vbscript:activate me' onMouseOut='vbscript:deactivate me' onMouseDown='vbscript:activate2 me' type='button' value='Continue' name='run_button' onClick='RunScript'>" & vbcrlf & _ "</table>" End If ppassword.focus End Sub Sub RunScript If ppassword.value <> "password" Then messages.InnerHTML = "<font color='red' size='2'>Password is not valid.<br>" & vbcrlf & _ "<font color='black' size='2'>Retry entering the password ?<br>" & vbcrlf & _ "<input class='btna' onMouseOver='vbscript:activate me' onMouseOut='vbscript:deactivate me' onMouseDown='vbscript:activate2 me' type='button' value='Yes' name='Yes_button' onClick='Yes_button'>" & vbcrlf & _ "<input class='btna' onMouseOver='vbscript:activate me' onMouseOut='vbscript:deactivate me' onMouseDown='vbscript:activate2 me' type='button' value='No' name='No_button' onClick='No_button'>" Exit Sub Else on error resume next objOSD("ALLOWOSDBUILD") = "YES" Set objOSD = Nothing window.close() End If End Sub Sub No_button on error resume next objOSD("ALLOWOSDBUILD") = "NO" Set objOSD = Nothing window.close() End Sub Sub Yes_button messages.InnerHTML = "<font color='black' size='2'>Please try again" ppassword.value = "" ppassword.focus End Sub '*************************************************************************************** '****************** END SUB AREA ******************************************************* '*************************************************************************************** '*************************************************************************************** '****************** START FUNCTION AREA ************************************************ '*************************************************************************************** '*************************************************************************************** '****************** END FUNCTION AREA ************************************************** '*************************************************************************************** </SCRIPT> <body> <table height="100%" width="100%" border="0"> <TR> <TD vAlign="top" height="10"> <div class="header" id="Header"></div> </TD> </TR> <TR> <TD height="200"> <div class="code" id="Code"></div> </TD> </TR> <TR> <TD align="center"> <div class="messages" id="Messages"></div> </TD> </TR> <TR> <TD align="center"> <div id="Note"></div> </TD> </TR> <TR> <TD vAlign='bottom'> <div id="Footer"></div> </TD> </TR> </table> </body> </html>

Thanks Peter! -Tony

I am trying to understand what happens when the "Download content locally when needed by running task sequence" option in chosen on a task sequence deployment. My assumption is that any needed packages would not be identified and downloaded until task sequence is kicked off. Using task sequence boot media, it looks likes a package has been obtained before any task sequence has been selected. I am assuming the package was acquired during the WinPE boot process. Can anyone confirm that this is the correct behavior when using the "Download content locally when needed by running task sequence" option? If not, how would WinPE be obtaining the PS100292 SCCM package? This specific package contains and HTA file. Only one of several task sequences deployed to the All Unknown Computers make a call to the HTA file. The one that does, the HTA call is the very first step of the task sequence. --Tony

I have been working at implementing an HTA file to password protect my SCCM 2012 R2 task sequences as discussed here and various places throughout the web. I a looking for some clarification why the "Use Toolkit Package" is needed in the task sequence before the .WSF script (below) can run? I assume it is because it is calling the ZTIutility.vbs script which is part of MDT, but I don't understand what is actually happening. Could someone explain? <job id="setEnv"> <script language="VBScript" src="..\ZTIUtility.vbs"/> <script language="VBScript"> Dim oTSProgressUI set oTSProgressUI = CreateObject("Microsoft.SMS.TSProgressUI") oTSProgressUI.CloseProgressDialog() On error resume next Dim fso, WShell, oFile Set WShell = CreateObject("WScript.Shell") Set fso = CreateObject("scripting.filesystemobject") scriptroot = oEnvironment.Item("SCRIPTROOT") MsgBox "Please click OK to shutdown the computer.",0, "Task Sequence Aborted" WShell.Run "wpeutil shutdown",0, True </script> </job> Also, it there any other way to gracefully shut down the task sequence with out integrating MDT into SCCM to get the "Use Toolkit Package" option? --Tony

In my SCCM environment, system administrators have two different user accounts. A civilian ID and an administrative ID. When I attempt to create a custom report through the SCCM Console with my civilian ID, I receive the attached error, but when I attempt to create a custom report through the SCCM console with my administrative ID, I don’t receive the error. My administrative ID is assigned the "Full Administrator" Role. My civilian ID is not "usually", but in an attempt to troubleshoot I have given it the "Full Administrator" Role too. I still receive the error when using my civilian ID. (Plenty of time has passed to allow the permissions changes to take effect.) I am assuming there are some separate permissions in SQL that is causing this behavior, but not sure. I personally don't know much about SQL so I hope someone in the community could help me fix and understand why I am receiving this error. The main goal is to be able to allow other individuals the ability to create custom SCCM reports that are not system administrators. I inherited the current configuration was not involved in the initial conception of our environment; thus, I may not be able to answer some questions. System.NullReferenceException Object reference not set to an instance of an object. Stack Trace: at Microsoft.ConfigurationManagement.Reporting.Internal.SrsReportServer.DeployReport(String reportName, String reportPath, String reportDescription, String dataSourcePath, Byte[] reportRdl) at Microsoft.ConfigurationManagement.AdminConsole.SrsReporting.ReportDeploymentAgent.DeployReport() at Microsoft.ConfigurationManagement.AdminConsole.SrsReporting.CreateReportWizard.ApplyModelBasedProcessing(BackgroundWorker worker) at Microsoft.ConfigurationManagement.AdminConsole.SrsReporting.CreateReportWizard.PostApply(BackgroundWorker worker, DoWorkEventArgs e) at Microsoft.ConfigurationManagement.AdminConsole.ProgressPage.backgroundWorkerPostApply_DoWork(Object sender, DoWorkEventArgs e) at System.ComponentModel.BackgroundWorker.OnDoWork(DoWorkEventArgs e) at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument)