Jump to content


Always

Adding Custom GlobalCondition to a DeploymentType - powershell

Recommended Posts

Hi WN

I trying to add a custom Global Condition to a deployment type. But cant figure out how it done. and a big error so ??

if (!(Get-CMGlobalCondition -Name "Is user is logged on"))
{
    Remove-Item "$env:temp\Is_user_is_logged_on.ps1" -ea SilentlyContinue
    Add-Content -Encoding UTF8 "$env:temp\Is_user_is_logged_on.ps1" "[bool] (Get-Process explorer –ea 0)"
    New-CMGlobalCondition -Name "Is user is logged on" -Description "Check if an user is logged on" -DeviceType Windows -DataType Boolean -ScriptLanguage PowerShell -FilePath "$env:temp\Is_user_is_logged_on.ps1"
    Remove-Item "$env:temp\Is_user_is_logged_on.ps1" -ea SilentlyContinue
}

$ApplicationName = "Igor Pavlov 7-Zip 18.05 (x64 edition) 18.05.00.0 V1"
$condition = Get-CMGlobalCondition -Name "Is user is logged on"
Set-CMDeploymentType -ApplicationName "$ApplicationName" -DeploymentTypeName "_Silent" -AddRequirement "$condition.Rule"

console return:

Cannot convert value "[SecurityVerbs(-1)]
instance of SMS_GlobalCondition

......

ref: https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/32636506-powershell-cmdlet-for-adding-global-conditions-as

anyone done this before?

Share this post


Link to post
Share on other sites

The Get-CMGlobalCondition CMDlet does not return a valid object for the AddRequirement property. This is a known problem and will be addressed in future CB versions.

 

There is a workaround available though.

https://social.technet.microsoft.com/Forums/ie/en-US/95e6ad51-0b5c-4d65-9831-753db4e3b557/how-to-add-an-existing-global-condition-to-an-application-deployment-type-via-powershell?forum=configmanagerapps

Share this post


Link to post
Share on other sites

9 hours ago, Peter33 said:

The Get-CMGlobalCondition CMDlet does not return a valid object for the AddRequirement property. This is a known problem and will be addressed in future CB versions.

 

There is a workaround available though.

https://social.technet.microsoft.com/Forums/ie/en-US/95e6ad51-0b5c-4d65-9831-753db4e3b557/how-to-add-an-existing-global-condition-to-an-application-deployment-type-via-powershell?forum=configmanagerapps

Thanks for the link

Got it to work with following code

Function Connect-SCCM
{
	Param (
		[Parameter(Mandatory = $True)]
		[String]$SiteCode,
		[Parameter(Mandatory = $True)]
		[String]$Primary
	)
	If (!(Get-Module -name ConfigurationManager))
	{
		import-module $env:SMS_ADMIN_UI_PATH.Replace('bin\i386', 'bin\ConfigurationManager.psd1') -force
		if ((get-psdrive $SiteCode -erroraction SilentlyContinue | Measure-Object).Count -ne 1)
		{
			new-psdrive -Name $SiteCode -PSProvider 'AdminUI.PS.Provider\CMSite' -Root $Primary -Scope Global
		}
		
		$ConsoleFolder = $Env:SMS_ADMIN_UI_PATH -replace '\\i386', ''
		[System.Reflection.Assembly]::LoadFrom("$($ConsoleFolder)\Microsoft.ConfigurationManagement.ApplicationManagement.dll") | Out-Null
	}
} #end function Connect-SCCM


Function Get-SCCMGlobalCondition($name, $siteServerName)
{
	$connectionManager = new-object Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager
	$isConnected = $connectionManager.Connect($siteServerName)
	$SCCMserver = $connectionManager.NamedValueDictionary.ServerName
	$SCCMsitecode = "PRI"
	$SCCMNamespace = "root\sms\site_PRI"
	#$nameformated = $name.Replace(" ","")
	$objResult = Get-WmiObject -ComputerName $siteServerName -Class SMS_GlobalCondition -Namespace $SCCMNamespace -filter "ModelName like '%$name%' "
	if ($objResult -eq $null)
	{
		$objResult = Get-WmiObject -ComputerName $siteServerName -Class SMS_GlobalCondition -Namespace $SCCMNamespace -filter "ModelName = '$name'"
	}
	if ($objResult -eq $null)
	{
		$objResult = Get-WmiObject -ComputerName $siteServerName -Class SMS_GlobalCondition -Namespace $SCCMNamespace -filter "LocalizedDisplayName = '$name'"
	}
	$objResult | Where-Object{$_.PlatformType -eq 1}
	
	
}

  <#
 
        .SYNOPSIS
            Creates a Global Condition rule of type [Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.Rule]. 
            This rule can be added as a requirement for an deployment type

        .DESCRIPTION
            This function will Create a rule for an global condition
             
        .PARAMETER SiteServerName
           Name of the SCCM Site server to check Global Conditions
  
        .PARAMETER GlobalCondition
            Name of the global condition you wanted to use
 
        .PARAMETER Operator
            Operator used to validate the rule. Accepted values are Equals,NotEquals,GreaterThan,LessThan,Between,GreaterEquals,LessEquals,BeginsWith,NotBeginsWith,EndsWith,NotEndsWith,Contains,NotContains,AllOf,OneOf,NoneOf,SetEquals,Existential (Custom),NotExistential (Custom)
            
        .PARAMETER Value
            Value on which the rule should check. Use MB when data value is needed

        .PARAMETER SettingSourceType
           Default value is CIM if type is of other value please type this value. Possible values:
  Registry, IisMetabase, SqlQuery, WqlQuery, Script, XPathQuery, ADQuery, Complex, SoftwareUpdate, File, 
  Folder, RegistryKey, Assembly, Uri, Expression, CIM, ParameterizedSetting, PlistKey, MSI, MacDetection
  
 
        .EXAMPLE
            Create-SCCMGlobalConditionsRule . "TotalPhysicalMemory" "GreaterEquals" 524288000 "CIM"
             
            Creates a rule where Total Phyiscal memory is greater than or equals to 500 MB
 
        .EXAMPLE
            
            Create-SCCMGlobalConditionsRule . "CPU" "GreaterThan" 10000 "CIM"
            
            Creates a rule where the cpu speed is greater than 1 GHZ
 
 #>
Function Create-SCCMGlobalConditionsRule($siteServerName, $GlobalCondition, $Operator, $Value, $SettingSourceType)
{
	if ($GlobalCondition.ModelName -eq $null)
	{
		$GlobalCondition = Get-SCCMGlobalCondition $GlobalCondition $siteServerName
	}
	
	if ($GlobalCondition -eq $null)
	{
		Write-Error "Global condition not found"
		return
	}
	
	$gcTmp = $GlobalCondition.ModelName.Split("/")
	$gcScope = $gcTmp[0]
	$gcLogicalName = $gcTmp[1]
	$gcDataType = $GlobalCondition.DataType
	$gcExpressionDataType = [Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.DataType]::GetDataTypeFromTypeName($gcDataType)
	
	if ($operator.ToLower() -eq "notexistential" -OR $operator.ToLower() -eq "existential")
	{
		$gcExpressionDataType = [Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.DataType]::Int64
	}
	#Retrieving logical name of setting 
	$settingsxml = [xml] ([wmi]$GlobalCondition.__PATH).SDMPackageXML
	if ($settingsxml.DesiredConfigurationDigest.GlobalSettings.AuthoringScopeId -eq "GLOBAL")
	{
		$global = $true
		$SettingLogicalName = "$($gcLogicalName)_Setting_LogicalName"
	}
	else
	{
		$SettingLogicalName = $settingsxml.DesiredConfigurationDigest.GlobalSettings.Settings.FirstChild.FirstChild.LogicalName
	}
	if (!($SettingLogicalName))
	{
		$SettingLogicalName = $settingsxml.DesiredConfigurationDigest.GlobalExpression.LogicalName
	}
	
	#Checking for ConfigurationItemSetting 
	
	if ($SettingSourceType -ne $null -AND $SettingSourceType -ne "")
	{
		$CISettingSourceType = [Microsoft.ConfigurationManagement.DesiredConfigurationManagement.ConfigurationItemSettingSourceType]::$SettingSourceType
	}
	else
	{
		$CISettingSourceType = [Microsoft.ConfigurationManagement.DesiredConfigurationManagement.ConfigurationItemSettingSourceType]::CIM
	}
	
	#if ($global){
	$arg = @($gcScope,
		$gcLogicalName
		$gcExpressionDataType,
		$SettingLogicalName,
		$CISettingSourceType
	)
	$reqSetting = new-object  Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.GlobalSettingReference -ArgumentList $arg
	
	
	#custom properties Existential
	if ($operator.ToLower() -eq "notexistential")
	{
		$operator = "Equals"
		$Value = 0
		$reqSetting.MethodType = "Count"
	}
	if ($operator.ToLower() -eq "existential")
	{
		$operator = "NotEquals"
		$Value = 0
		$reqSetting.MethodType = "Count"
		
		
	}
	
	$arg = @($value,
		$gcExpressionDataType
	)
	$reqValue = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.ConstantValue -ArgumentList $arg
	
	$operands = new-object "Microsoft.ConfigurationManagement.DesiredConfigurationManagement.CustomCollection``1[[Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.ExpressionBase]]"
	$operands.Add($reqSetting) | Out-Null
	$operands.Add($reqValue) | Out-Null
	
	#Changing Equals to IsEquals 
	if ($operator.ToLower() -eq "equals") { $operator = "IsEquals" }
	$Expoperator = Invoke-Expression [Microsoft.ConfigurationManagement.DesiredConfigurationManagement.ExpressionOperators.ExpressionOperator]::$operator
	
	
	
	
	if ($GlobalCondition.DataType -eq "OperatingSystem")
	{
		
		$operands = new-object "Microsoft.ConfigurationManagement.DesiredConfigurationManagement.CustomCollection``1[[Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.RuleExpression]]"
		foreach ($os in $value)
		{
			$operands.Add($os)
		}
		$arg = @($Expoperator,
			$operands
		)
		$expression = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.OperatingSystemExpression -ArgumentList $arg
		
	}
	else
	{
		$arg = @($Expoperator,
			$operands
		)
		$expression = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.Expression -ArgumentList $arg
		
	}
	
	
	$anno = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.Annotation
	$annodisplay = "$($GlobalCondition.LocalizedDisplayName) $operator $value"
	$arg = @(
		"DisplayName",
		$annodisplay,
		$null
	)
	$anno.DisplayName = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.LocalizableString -ArgumentList $arg
	
	$arg = @(
		("Rule_" + [Guid]::NewGuid().ToString()),
		[Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.NoncomplianceSeverity]::None,
		$anno,
		$expression
	)
	$rule = new-object "Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.Rule" -ArgumentList $arg
	
	
	return $rule
}

$Primary = 'CM01.lab.local'
$SiteCode = "PRI"

Connect-SCCM -SiteCode $SiteCode -Primary $Primary

$applicationname = 'Igor Pavlov 7-Zip 18.05 (x64 edition) 18.05.00.0 V1'
$GC = "Is user is logged on"
$DTName = '_Interactive'

set-location "$($SiteCode):"

$rule = Create-SCCMGlobalConditionsRule -GlobalCondition $gc -Operator "IsEquals" -Value "True" -siteServerName $Primary -SettingSourceType 'WqlQuery'

Set-CMDeploymentType -ApplicationName $applicationname -DeploymentTypeName $DTName -AddRequirement $rule -verbose

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.