Jump to content


  • 0
Mike S

Configure User/Device Affinity During Image Deployment

Question

I am doing some recon on the possibility of determining user/device affinity during image deployment via a task sequence.

 

I would like to know if it is even possible to establish affinity during the imaging process? This could be automatic or manual (through the use of input field prompts during the TS). Provided this is possible, this could simplify the installation of existing applications that are already installed based on user enrollment in certain security groups. It will also eliminate the need to create additional packages and task sequences since applications do not run (at least I haven't figured out how to do this) during a task sequence.

 

We are running a single SCCM 2012 primary site with WSUS and SCOM. Nothing else is configured/needed at the moment.

 

Basically, I want to do the following:

 

  1. Start TS deployment
  2. Input/establish user affinity
  3. Finish image deployment (base image, user profile, etc.)
  4. Finished machine is added to correct user group based on affinity set in step 2 above.
  5. Required software for user group is installed.
  6. Machine deployed to user.
  7. Voila'...finshed.

It seems simple enough, but with the many "features" Microsoft has included with their products, I have my reservations.

 

I don't want to spin my wheels trying to figure this out on my own, so I thought I would ask here first to see if this is even feasible.

 

Thanks in advance,

Mike

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

Your link looks very promising. Would I need to import affinity associations prior to trying something like this or can i stick with entering a user affinity upon execution of the image TS? I have already added the SMSTSUdaUsers variable to my boot image and am currently testing it out. It prompted me for a primary user so i am crossing my fingers.

 

Being a little slow, could you explain the $ResourceName and $Container variable for your script a little more.

 

I am going to assume that the "Get Applications" TS step shown in the illustration is where the powershell script is configured.

 

Great info...Thanks again for the ideas.

Share this post


Link to post
Share on other sites

  • 0

It doesn't matter how you input the user, as long as you do :)

 

The resourcename variable is the name of the computer object running the task sequence and the container variable is the folder name that contains your application deployment collections (just to prevent the script from searching through all collections).

Share this post


Link to post
Share on other sites

  • 0

hmmm, something went wrong. I am going to chalk the failure up to not knowing anything about powershell and how to use scripts in a TS. I am hoping that I can figure this out. Again, any advice i can get is greatly appreciated.

 

I am running SCCM 2012 on a 2008 R2 server with a local instance of SQL 2012.

 

When the OSD TS loads via boot media, I am prompted to enter in a primary user for the machine being loaded. This is accomplished using the SMSTSUdaUsers variable that I have pre-defined in the boot image. This part works.

 

The deployment works fine until the powershell script executes. I followed the instructions (I think) correctly. I created a package for the script with no program. It has been distributed correctly to my distribution points. I have created a separate folder called "Software Applications" within the Applications node and populated it with my Firefox application (see app_container attachment). I have tested the application to ensure that it works correctly.

 

Script Parameters:

param (
[%_SMSTSMachineName%]$ResourceName,
[DOR]$SiteCode,
[sCCM2012DOR.fqdn]$SiteServer, (is the fqdn required here?)
[software Applications]$Container
)
TS Steps: (see attached files, get_apps executes powershell, install_apps installs them)
Every thing executes fine up to the powershell step. Then the system hangs for a few seconds and reboots. The user affinity is set correctly, but firefox is not installed. Once rebooted and the config manager starts communicating, firefox is loaded based on the user group setting assigned to the primary user.
I do not have any logs at the moment as I am running another test, but I think my setup is causing the issues at hand.
What am I doing wrong here? I have a gut feeling it is something very simple.
Thanks again,
Mike

post-6493-0-29073400-1400764009_thumb.jpg

post-6493-0-34771200-1400764019_thumb.jpg

post-6493-0-30172300-1400764039_thumb.jpg

Share this post


Link to post
Share on other sites

  • 0

Sorry, I completely missed your reply.

 

You're getting close. Your task sequence setup looks correct, but the folder part is wrong. The container that should be added as input should be a container holding your application collections. Based on that container the search for collection memberships of the user will be narowed from the start.

Share this post


Link to post
Share on other sites

  • 0

I have created a folder in User Collections called Applications. This sub-folder will contain all of the user collections for applications.

 

For the container variable in the script, I used Applications as the variable. Is this sufficient, or do I need to define a specific path that directs the script to this container?

 

It appears that there is more to this. The TS just failed with the error code 0x00000001. I am trying to find the logs now to see what went wrong.

Share this post


Link to post
Share on other sites

  • 0

Found the SMSTS.log... The lines indented and in bold font are the errors that appeared.

 

[ OSDRunPSScript.exe ] RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Running powershell script: 'GetTargetedApplications_v0_9.ps1'(PkgID: DOR0008C) with execution policy: 'Bypass' RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
The execution scope for running the powershell script is specified not to verify the signature of the scripts. This is unsafe and potentially risk running malicious scripts. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Sending warning status message RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting URL = http://xx.xxx.xx.xx, Ports = 80,443, CRL = false RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Server Certificates. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Authenticator. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Set authenticator in transport RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Media Certificate. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Sending StatusMessage RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting message signatures. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting the authenticator. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Request was successful. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Powershell path: C:\Windows\System32\WindowsPowerShell\v1.0\ RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
ResolveSource flags: 0x00000000 RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
SMSTSPersistContent: . The content for package DOR0008C will be persisted RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
DownloadOnDemand flag is true. Attempting to download content locally for Package DOR0008C. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Locations: Multicast = 0, HTTP = 1, SMB = 0. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Package Flags: 0x01000000 RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Multicast is not enabled for the package. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Trying http://xx.xxx.xx.xx/SMS_DP_SMSPKG$/DOR0008C. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
GetDirectoryListing() entered RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Initializing HTTP transport. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting URL = http://xx.xxx.xx.xx/SMS_DP_SMSPKG$/DOR0008C. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Address=http://xx.xxx.xx.xx, Scheme=http, Object=/SMS_DP_SMSPKG$/DOR0008C, Port=80. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Setting Authenticator. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Set authenticator in transport RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
WinHttp credentials set RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 PROPFIND /SMS_DP_SMSPKG$/DOR0008C RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
401 - Unsuccessful with anonymous access. Retrying with context credentials. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Using thread token for request RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
Request was successful. RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
DAV response string is:
<?xml version="1.0" encoding="utf-8" ?><D:multistatus xmlns:D="DAV:"><D:response><D:href>http://REVIMAGEDOR.revenue.wi.gov/SMS_DP_SMSPKG$/sccm?/DOR0008C/</D:href><D:propstat><D:status>HTTP/1.1 200 OK</D:status><D:prop><D:getcontenttype/><D:supportedlock/><D:getetag/><D:creationdate/><D:iscollection>1</D:iscollection><D:resourcetype><D:collection/></D:resourcetype><D:ishidden>0</D:ishidden><D:displayname>http://xx.xxx.xx.xx/SMS_DP_SMSPKG$/sccm?/DOR0008C/</D:displayname><D:getlastmodified></D:getlastmodified><D:getcontentlanguage/><D:getcontentlength>0</D:getcontentlength></D:prop></D:propstat></D:response><D:response><D:href>http://xx.xx.xx.xx/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1</D:href><D:propstat><D:status>HTTP/1.1 200 OK</D:status><D:prop><D:getcontenttype/><D:lockdiscovery/><D:supportedlock/><D:getetag/><D:getcontentlanguage/><D:iscollection>0</D:iscollection><D:creationdate/><D:resourcetype/><D:ishidden>0</D:ishidden><D:displayname>http://xx.xx.xx.xx/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1</D:displayname><D:getlastmodified>Mon, 02 Jun 2014 15:02:26 GMT</D:getlastmodified><D:getcontentlength>2433</D:getcontentlength></D:prop></D:propstat></D:response></D:multistatus> RunPowerShellScript 6/2/2014 11:36:34 AM 1920 (0x0780)
List of files to be downloaded RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
File: http://xx.xxx.xx.xx:80/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
GetDirectoryListing() successfully completed RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Succeeded loading resource DLL 'C:\WINDOWS\CCM\1033\TSRES.DLL' RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
401 - Unsuccessful with anonymous access. Retrying with context credentials. RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Downloading file /SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1 range 0-2432 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Downloaded file from http://xx.xxx.xx.xx:80/SMS_DP_SMSPKG$/DOR0008C/sccm?/GetTargetedApplications_v0_9.ps1 to C:\_SMSTaskSequence\Packages\DOR0008C\GetTargetedApplications_v0_9.ps1 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
VerifyContentHash: Hash algorithm is 32780 RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Content successfully downloaded at C:\_SMSTaskSequence\Packages\DOR0008C. RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Resolved source to 'C:\_SMSTaskSequence\Packages\DOR0008C' RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Command line for extension .exe is "%1" %* RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Set command line: Run Powershell script RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Working dir 'C:\_SMSTaskSequence\Packages\DOR0008C' RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Executing command line: Run Powershell script RunPowerShellScript 6/2/2014 11:36:35 AM 1920 (0x0780)
Process completed with exit code 1 RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Unable to find type [%_SMSTSMachineName%]: make sure that the assembly containi RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
ng this type is loaded. RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
At C:\_SMSTaskSequence\Packages\DOR0008C\GetTargetedApplications_v0_9.ps1:12 ch RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
ar:26 RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
+ [%_SMSTSMachineName%] <<<< $ResourceName, RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
+ CategoryInfo : InvalidOperation: (%_SMSTSMachineName%:String) [ RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
], RuntimeException RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
+ FullyQualifiedErrorId : TypeNotFound RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Command line returned 1 RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
ReleaseSource() for C:\_SMSTaskSequence\Packages\DOR0008C. RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
reference count 1 for the source C:\_SMSTaskSequence\Packages\DOR0008C before releasing RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Released the resolved source C:\_SMSTaskSequence\Packages\DOR0008C RunPowerShellScript 6/2/2014 11:36:41 AM 1920 (0x0780)
Process completed with exit code 1 TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
!--------------------------------------------------------------------------------------------! TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
Failed to run the action: Get Applications.
Incorrect function. (Error: 00000001; Source: Windows) TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
MP server http://xx.xxx.xx.xx. Ports 80,443. CRL=false. TSManager 6/2/2014 11:36:41 AM 2264 (0x08D8)
Setting authenticator TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set authenticator in transport TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Sending StatusMessage TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting message signatures. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting the authenticator. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Request was successful. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set a global environment variable _SMSTSLastActionRetCode=1 TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set a global environment variable _SMSTSLastActionSucceeded=false TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Clear local default environment TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Let the parent group (Install User Applications) decides whether to continue execution TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
The execution of the group (Install User Applications) has failed and the execution has been aborted. An action failed.
Operation aborted (Error: 80004004; Source: Windows) TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Failed to run the last action: Get Applications. Execution of task sequence failed.
Incorrect function. (Error: 00000001; Source: Windows) TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
MP server http://xx.xxx.xx.xx. Ports 80,443. CRL=false. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting authenticator TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Set authenticator in transport TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Sending StatusMessage TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting message signatures. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Setting the authenticator. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
CLibSMSMessageWinHttpTransport::Send: URL: xx.xxx.xx.xx:80 CCM_POST /ccm_system/request TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Request was successful. TSManager 6/2/2014 11:36:42 AM 2264 (0x08D8)
Launching command shell. OSDSetupHook 6/2/2014 11:36:49 AM 2340 (0x0924)
executing command: C:\WINDOWS\system32\cmd.exe /k OSDSetupHook 6/2/2014 11:36:49 AM 2340 (0x0924)
executed command: C:\WINDOWS\system32\cmd.exe /k OSDSetupHook 6/2/2014 11:36:49 AM 2340 (0x0924)
Execution::enExecutionFail != m_eExecutionResult, HRESULT=80004005 (e:\nts_sccm_release\sms\client\tasksequence\tsmanager\tsmanager.cpp,923) TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
Task Sequence Engine failed! Code: enExecutionFail TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
**************************************************************************** TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
Task sequence execution failed with error code 80004005 TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)
Cleaning Up. TSManager 6/2/2014 11:51:56 AM 2264 (0x08D8)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.