Jump to content


Sign in to follow this  
Mike S

Configure User/Device Affinity During Image Deployment

Recommended Posts

I am doing some recon on the possibility of determining user/device affinity during image deployment via a task sequence.

 

I would like to know if it is even possible to establish affinity during the imaging process? This could be automatic or manual (through the use of input field prompts during the TS). Provided this is possible, this could simplify the installation of existing applications that are already installed based on user enrollment in certain security groups. It will also eliminate the need to create additional packages and task sequences since applications do not run (at least I haven't figured out how to do this) during a task sequence.

 

We are running a single SCCM 2012 primary site with WSUS and SCOM. Nothing else is configured/needed at the moment.

 

Basically, I want to do the following:

 

  1. Start TS deployment
  2. Input/establish user affinity
  3. Finish image deployment (base image, user profile, etc.)
  4. Finished machine is added to correct user group based on affinity set in step 2 above.
  5. Required software for user group is installed.
  6. Machine deployed to user.
  7. Voila'...finshed.

It seems simple enough, but with the many "features" Microsoft has included with their products, I have my reservations.

 

I don't want to spin my wheels trying to figure this out on my own, so I thought I would ask here first to see if this is even feasible.

 

Thanks in advance,

Mike

Share this post


Link to post
Share on other sites


Your link looks very promising. Would I need to import affinity associations prior to trying something like this or can i stick with entering a user affinity upon execution of the image TS? I have already added the SMSTSUdaUsers variable to my boot image and am currently testing it out. It prompted me for a primary user so i am crossing my fingers.

 

Being a little slow, could you explain the $ResourceName and $Container variable for your script a little more.

 

I am going to assume that the "Get Applications" TS step shown in the illustration is where the powershell script is configured.

 

Great info...Thanks again for the ideas.

Share this post


Link to post
Share on other sites

It doesn't matter how you input the user, as long as you do :)

 

The resourcename variable is the name of the computer object running the task sequence and the container variable is the folder name that contains your application deployment collections (just to prevent the script from searching through all collections).

Share this post


Link to post
Share on other sites

Got it. Since I plan on implementing this script for all devices, can I use %_SMSTSMachineName% as the ResourceName?

Share this post


Link to post
Share on other sites

hmmm, something went wrong. I am going to chalk the failure up to not knowing anything about powershell and how to use scripts in a TS. I am hoping that I can figure this out. Again, any advice i can get is greatly appreciated.

 

I am running SCCM 2012 on a 2008 R2 server with a local instance of SQL 2012.

 

When the OSD TS loads via boot media, I am prompted to enter in a primary user for the machine being loaded. This is accomplished using the SMSTSUdaUsers variable that I have pre-defined in the boot image. This part works.

 

The deployment works fine until the powershell script executes. I followed the instructions (I think) correctly. I created a package for the script with no program. It has been distributed correctly to my distribution points. I have created a separate folder called "Software Applications" within the Applications node and populated it with my Firefox application (see app_container attachment). I have tested the application to ensure that it works correctly.

 

Script Parameters:

param (
[%_SMSTSMachineName%]$ResourceName,
[DOR]$SiteCode,
[sCCM2012DOR.fqdn]$SiteServer, (is the fqdn required here?)
[software Applications]$Container
)
TS Steps: (see attached files, get_apps executes powershell, install_apps installs them)
Every thing executes fine up to the powershell step. Then the system hangs for a few seconds and reboots. The user affinity is set correctly, but firefox is not installed. Once rebooted and the config manager starts communicating, firefox is loaded based on the user group setting assigned to the primary user.
I do not have any logs at the moment as I am running another test, but I think my setup is causing the issues at hand.
What am I doing wrong here? I have a gut feeling it is something very simple.
Thanks again,
Mike

post-6493-0-29073400-1400764009_thumb.jpg

post-6493-0-34771200-1400764019_thumb.jpg

post-6493-0-30172300-1400764039_thumb.jpg

Share this post


Link to post
Share on other sites

Does anyone have some sort of tutorial on how to do this? I have not figured out why I cannot get this to work. After 2 weeks of futility, I am ready to give up on this.

Share this post


Link to post
Share on other sites

Sorry, I completely missed your reply.

 

You're getting close. Your task sequence setup looks correct, but the folder part is wrong. The container that should be added as input should be a container holding your application collections. Based on that container the search for collection memberships of the user will be narowed from the start.

Share this post


Link to post
Share on other sites

I have created a folder in User Collections called Applications. This sub-folder will contain all of the user collections for applications.

 

For the container variable in the script, I used Applications as the variable. Is this sufficient, or do I need to define a specific path that directs the script to this container?

 

It appears that there is more to this. The TS just failed with the error code 0x00000001. I am trying to find the logs now to see what went wrong.

Share this post


Link to post
Share on other sites

Found the SMSTS.log... The lines indented and in bold font are the errors that appeared.

 

[ OSDRunPSScript.exe ] RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Running powershell script: 'GetTargetedApplications_v0_9.ps1'(PkgID: DOR0008C) with execution policy: 'Bypass' RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
The execution scope for running the powershell script is specified not to verify the signature of the scripts. This is unsafe and potentially risk running malicious scripts. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Sending warning status message RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting URL = http://xx.xxx.xx.xx, Ports = 80,443, CRL = false RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Server Certificates. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Authenticator. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Set authenticator in transport RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Media Certificate. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Sending StatusMessage RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting message signatures. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting the authenticator. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Request was successful. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Powershell path: C:\Windows\System32\WindowsPowerShell\v1.0\ RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
ResolveSource flags: 0x00000000 RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
SMSTSPersistContent: . The content for package DOR0008C will be persisted RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
DownloadOnDemand flag is true. Attempting to download content locally for Package DOR0008C. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Locations: Multicast = 0, HTTP = 1, SMB = 0. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Package Flags: 0x01000000 RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Multicast is not enabled for the package. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Trying http://xx.xxx.xx.xx/SMS_DP_SMSPKG$/DOR0008C. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
GetDirectoryListing() entered RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Initializing HTTP transport. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting URL = http://xx.xxx.xx.xx/SMS_DP_SMSPKG$/DOR0008C. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Address=http://xx.xxx.xx.xx, Scheme=http, Object=/SMS_DP_SMSPKG$/DOR0008C, Port=80. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Authenticator. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Set authenticator in transport RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
WinHttp credentials set RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 PROPFIND /SMS_DP_SMSPKG$/DOR0008C RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
401 - Unsuccessful with anonymous access. Retrying with context credentials. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Using thread token for request RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Request was successful. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
DAV response string is:
<?xml version="1.0" encoding="utf-8" ?><D:multistatus xmlns:D="DAV:"><D:response><D:href>http://REVIMAGEDOR.revenue.wi.gov/SMS_DP_SMSPKG$/sccm?/DOR0008C/</D:href><D:propstat><D:status>HTTP/1.1 200 OK</D:status><D:prop><D:getcontenttype/><D:supportedlock/><D:getetag/><D:creationdate/><D:iscollection>1</D:iscollection><D:resourcetype><D:collection/></D:resourcetype><D:ishidden>0</D:ishidden><D:displayname>http://xx.xxx.xx.xx/SMS_DP_SMSPKG$/sccm?/DOR0008C/</D:displayname><D:getlastmodified></D:getlastmodified><D:getcontentlanguage/><D:getcontentlength>0</D:getcontentlength></D:prop></D:propstat></D:response><D:response><D:href>http://xx.xx.xx.xx/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1</D:href><D:propstat><D:status>HTTP/1.1 200 OK</D:status><D:prop><D:getcontenttype/><D:lockdiscovery/><D:supportedlock/><D:getetag/><D:getcontentlanguage/><D:iscollection>0</D:iscollection><D:creationdate/><D:resourcetype/><D:ishidden>0</D:ishidden><D:displayname>http://xx.xx.xx.xx/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1</D:displayname><D:getlastmodified>Mon, 02 Jun 2014 15:02:26 GMT</D:getlastmodified><D:getcontentlength>2433</D:getcontentlength></D:prop></D:propstat></D:response></D:multistatus> RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
List of files to be downloaded RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
File: http://xx.xxx.xx.xx:80/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
GetDirectoryListing() successfully completed RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Succeeded loading resource DLL 'C:\WINDOWS\CCM\1033\TSRES.DLL' RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
401 - Unsuccessful with anonymous access. Retrying with context credentials. RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Downloading file /SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1 range 0-2432 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Downloaded file from http://xx.xxx.xx.xx:80/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1 to C:\_SMSTaskSequence\Packages\DOR0008C\GetTargetedApplications_v0_9.ps1 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
VerifyContentHash: Hash algorithm is 32780 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Content successfully downloaded at C:\_SMSTaskSequence\Packages\DOR0008C. RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Resolved source to 'C:\_SMSTaskSequence\Packages\DOR0008C' RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Command line for extension .exe is "%1" %* RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Set command line: Run Powershell script RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Working dir 'C:\_SMSTaskSequence\Packages\DOR0008C' RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Executing command line: Run Powershell script RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Process completed with exit code 1 RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Unable to find type [%_SMSTSMachineName%]: make sure that the assembly containi RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
ng this type is loaded. RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
At C:\_SMSTaskSequence\Packages\DOR0008C\GetTargetedApplications_v0_9.ps1:12 ch RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
ar:26 RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
+ [%_SMSTSMachineName%] <<<< $ResourceName, RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
+ CategoryInfo : InvalidOperation: (%_SMSTSMachineName%:String) [ RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
], RuntimeException RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
+ FullyQualifiedErrorId : TypeNotFound RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Command line returned 1 RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
ReleaseSource() for C:\_SMSTaskSequence\Packages\DOR0008C. RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
reference count 1 for the source C:\_SMSTaskSequence\Packages\DOR0008C before releasing RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Released the resolved source C:\_SMSTaskSequence\Packages\DOR0008C RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Process completed with exit code 1 TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
!--------------------------------------------------------------------------------------------! TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
Failed to run the action: Get Applications.
Incorrect function. (Error: 00000001; Source: Windows) TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
MP server http://xx.xxx.xx.xx. Ports 80,443. CRL=false. TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
Setting authenticator TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set authenticator in transport TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Sending StatusMessage TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting message signatures. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting the authenticator. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Request was successful. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set a global environment variable _SMSTSLastActionRetCode=1 TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Clear local default environment TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Let the parent group (Install User Applications) decides whether to continue execution TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
The execution of the group (Install User Applications) has failed and the execution has been aborted. An action failed.
Operation aborted (Error: 80004004; Source: Windows) TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Failed to run the last action: Get Applications. Execution of task sequence failed.
Incorrect function. (Error: 00000001; Source: Windows) TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
MP server http://xx.xxx.xx.xx. Ports 80,443. CRL=false. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting authenticator TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set authenticator in transport TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Sending StatusMessage TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting message signatures. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting the authenticator. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Request was successful. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Launching command shell. OSDSetupHook 6/2/2014 11:36:49 AM 2340 (0x0924)
executing command: C:\WINDOWS\system32\cmd.exe /k OSDSetupHook 6/2/2014 11:36:49 AM 2340 (0x0924)
executed command: C:\WINDOWS\system32\cmd.exe /k OSDSetupHook 6/2/2014 11:36:49 AM 2340 (0x0924)
Execution::enExecutionFail != m_eExecutionResult, HRESULT=80004005 (e:\nts_sccm_release\sms\client\tasksequence\tsmanager\tsmanager.cpp,923) TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
Task Sequence Engine failed! Code: enExecutionFail TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
**************************************************************************** TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
Task sequence execution failed with error code 80004005 TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
Cleaning Up. TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)

Share this post


Link to post
Share on other sites

You're doing something wrong with your input variables and I just noticed it based on the log file, while you already posted them before. It should be something like below. The resource name will be added as input variable.

 

param (

[string]$ResourceName,

[string]$SiteCode="YourSiteCode",

[string]$SiteServer="YourSiteServer",

[string]$Container="YourContainer"

)

Share this post


Link to post
Share on other sites

I see clearer now. Scripting is not my strong suit. So my parameters should look like this:

 

param (

[string]$ResourceName,

[string]$SiteCode="DOR",

[string]$SiteServer="SCCM2012DOR",

[string]$Container="Applications"

)

The $ResourceName is defined in the TS step "GetApplications"...correct?

Share this post


Link to post
Share on other sites

Almost there. The TS "Install Applications" started to run this time. Unfortunately, it failed. I think it is due to incorrect permissions...

 

Get-WmiObject : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESS RunPowerShellScript 6/3/2014 9:00:08 AM 1908 (0x0774)
DENIED)) RunPowerShellScript 6/3/2014 9:00:08 AM 1908 (0x0774)
At C:\_SMSTaskSequence\Packages\DOR0008C\GetTargetedApplications_v0_9.ps1:21 ch RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
ar:34 RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
+ $PrimaryUser = (Get-WmiObject <<<< -ComputerName $SiteServer -Class SMS_ RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
UserMachineRelationship -Namespace root\SMS\Site_$SiteCode -Filter "ResourceNam RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
e='$ResourceName'").UniqueUserName RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
+ CategoryInfo : NotSpecified: ( :) [Get-WmiObject], UnauthorizedA RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
ccessException RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
+ FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.Pow RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
erShell.Commands.GetWmiObjectCommand RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
RunPowerShellScript 6/2/2014 2:44:19 PM 2188 (0x088C)
This appeared as well: No Env variable with specified basename APPId and suffix '01' is found. No applications installed. InstallApplication 6/2/2014 2:44:20 PM 2280 (0x08E8)
Are there special permissions required for scripts like this to work? Again, excuse my ignorance, but I am flying blind when it comes to scripting and powershell stuff.

Share this post


Link to post
Share on other sites

Could very well be a permission issue. The computer account running the script needs to have read permissions in ConfigMgr. This would probably mean that you would need to give the domain computers the read-only analyst rights.

Share this post


Link to post
Share on other sites

You were correct, once I added the domain computers to the read-only analyst role, things ran smoother. However, the TS failed during the Install Applications TS.

Do I need to ensure that the box is ticked under Deployment settings to enable "Pre-deploy software to the user's primary device"?

 

Here is a snippet from the logfile:

 

Retrieving Policy Assignments: InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
assignmentList.size() > 0, HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\installapplication\dautils.cpp,452) InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
No matching policy assignments received. InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
Policy download failed, hr=0x80004005 InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
daUtil.DownloadPolicies(), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\installapplication\dainstaller.cpp,295) InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
Successfully cleared App model names from TS env. InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
daInstaller.Execute(), HRESULT=80004005 (e:\nts_sccm_release\sms\client\osdeployment\installapplication\main.cpp,260) InstallApplication 6/3/2014 3:39:11 PM 1548 (0x060C)
Process completed with exit code 2147500037 TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
!--------------------------------------------------------------------------------------------! TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Failed to run the action: Install Applications.
Unspecified error (Error: 80004005; Source: Windows) TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
MP server http://xx.xxx.xx.xx. Ports 80,443. CRL=false. TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Setting authenticator TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Set authenticator in transport TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Sending StatusMessage TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Setting message signatures. TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Setting the authenticator. TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Request was successful. TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Set a global environment variable _SMSTSLastActionRetCode=-2147467259 TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Clear local default environment TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Let the parent group (Install User Applications) decides whether to continue execution TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
The execution of the group (Install User Applications) has failed and the execution has been aborted. An action failed.
Operation aborted (Error: 80004004; Source: Windows) TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)
Failed to run the last action: Install Applications. Execution of task sequence failed.
Unspecified error (Error: 80004005; Source: Windows) TSManager 6/3/2014 3:39:11 PM 1912 (0x0778)

Share this post


Link to post
Share on other sites

I have fixed the above "problem". It seems that I forgot to check the little box in the application properties under the "General Information" tab that allows the application to be installed from the Install Application task sequence action without being deployed.

 

I tested everything again and it worked like a charm (after about 40 attempts). I have got to learn more about powershell.

 

Quick question, is there a limit to the number of applications that can be installed using this method? I know that if a manual list is used, only 8 applications can be installed per step. Wondering if it is different for dynamic lists?

 

Thank you Peter for all of your assistance.

 

As time permits, I will try to piece together a detailed guide on how to do this. This is an excellent way to deploy user-specific software during the OSD.

Share this post


Link to post
Share on other sites

Your welcome. I'm not sure about the maximum number of applications, I haven't stressed it yet. I would guess that it would be 99, but indeed knowing the normal limit it makes me doubt.

Share this post


Link to post
Share on other sites

After testing this a couple of times, I decided to attempt using a collection based on a security group instead of individual users assigned to the group. The user set during the OSD deployment was a member of the security group assigned to the user collection. When I executed the OSD, it failed as soon as the get/install applications TS started.

 

Can the automated process you developed be implemented with security groups, or will I need to ensure that each user be added to the correct application collection? My guess is that since the affinity is looking for a specific user to belong to a group, when a security group is used to define multiple members, the affinity does not see the user as being a member. It only sees the security group as the member and therefore fails.

 

I hope I explained that correctly.

 

**EDIT**

I think I have it figured out, I added a query rule to add users individually based on the AD group membership.

 

Thanks again :)

Share this post


Link to post
Share on other sites

I am running into a rather interesting issue. When I add a new deployment to the user collection, the process fails. Additionally, when I add a second user collection to the container, the process also fails.

 

The log looks good until the following error appears:

 

No Env variable with specified basename APPId and suffix '01' is found. No applications installed.

 

The sequence then aborts with an 80004004 code.

 

The second deployment is configured exactly like the first one (except for the application, of course).

 

Once I remove the deployment and the second user collection, the TS runs just fine. Is there a trick to allowing multiple application to be deployed to the same user collection that i am missing? The same goes for having multiple user collections in the same parent container (in this case, I am using "Applications" as the parent container).

 

Doing more research, but it can't hurt to ask a guru.

Share this post


Link to post
Share on other sites

Multiple collections should definitly be possible. As it's been a while since I created that little script, I can't remember if I tested with multiple deployments to one collection. Theoratically, looking at the code, it should be possible,

Share this post


Link to post
Share on other sites

Since I have about 50 AD groups to configure, your script was a welcome relief. We are hoping to have a single OSD TS that will install applications based on user collections created using these AD memberships. Each user collection will have approximately 7 or 8 applications deployed to them.

 

I have got to talk my boss into sending me to a powershell class.

Share this post


Link to post
Share on other sites

I rolled back to the working configuration I had a couple of days ago. Now, I am finding that this no longer works. I deleted everything and started over from scratch, hoping that my tinkering with things was what caused the problem. Everything is correct as far as I can tell, and the TS executes correctly up until the "Install Applications" sequence. The only error generated points towards the base variable not having the specified basename of "APPId". I double checked the script and it is there. I have not changed anything for the application.

 

I am at a loss since the log file tells me nothing other than the Env variable is wrong. What could possibly cause this irritating "feature" (I call all Microsoft problems that in an effort to ease the pain that often accompanies them)

 

 

post-6493-0-66302800-1402080328_thumb.jpg

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...