Jump to content




Always

Adding Custom GlobalCondition to a DeploymentType - powershell



Recommended Posts

Hi WN

I trying to add a custom Global Condition to a deployment type. But cant figure out how it done. and a big error so ??

if (!(Get-CMGlobalCondition -Name "Is user is logged on"))
{
    Remove-Item "$env:temp\Is_user_is_logged_on.ps1" -ea SilentlyContinue
    Add-Content -Encoding UTF8 "$env:temp\Is_user_is_logged_on.ps1" "[bool] (Get-Process explorer –ea 0)"
    New-CMGlobalCondition -Name "Is user is logged on" -Description "Check if an user is logged on" -DeviceType Windows -DataType Boolean -ScriptLanguage PowerShell -FilePath "$env:temp\Is_user_is_logged_on.ps1"
    Remove-Item "$env:temp\Is_user_is_logged_on.ps1" -ea SilentlyContinue
}

$ApplicationName = "Igor Pavlov 7-Zip 18.05 (x64 edition) 18.05.00.0 V1"
$condition = Get-CMGlobalCondition -Name "Is user is logged on"
Set-CMDeploymentType -ApplicationName "$ApplicationName" -DeploymentTypeName "_Silent" -AddRequirement "$condition.Rule"

console return:

Cannot convert value "[SecurityVerbs(-1)]
instance of SMS_GlobalCondition

......

ref: https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/32636506-powershell-cmdlet-for-adding-global-conditions-as

anyone done this before?

Share this post


Link to post
Share on other sites


One option may be to create an uninstall package/application for 7zip.  Then "require" it for a custom collection that you added specific users/computers to. That way it will auto run in the background and remove the app.

Share this post


Link to post
Share on other sites

The Get-CMGlobalCondition CMDlet does not return a valid object for the AddRequirement property. This is a known problem and will be addressed in future CB versions.

 

There is a workaround available though.

https://social.technet.microsoft.com/Forums/ie/en-US/95e6ad51-0b5c-4d65-9831-753db4e3b557/how-to-add-an-existing-global-condition-to-an-application-deployment-type-via-powershell?forum=configmanagerapps

Share this post


Link to post
Share on other sites
9 hours ago, Peter33 said:

The Get-CMGlobalCondition CMDlet does not return a valid object for the AddRequirement property. This is a known problem and will be addressed in future CB versions.

 

There is a workaround available though.

https://social.technet.microsoft.com/Forums/ie/en-US/95e6ad51-0b5c-4d65-9831-753db4e3b557/how-to-add-an-existing-global-condition-to-an-application-deployment-type-via-powershell?forum=configmanagerapps

Thanks for the link

Got it to work with following code

Function Connect-SCCM
{
	Param (
		[Parameter(Mandatory = $True)]
		[String]$SiteCode,
		[Parameter(Mandatory = $True)]
		[String]$Primary
	)
	If (!(Get-Module -name ConfigurationManager))
	{
		import-module $env:SMS_ADMIN_UI_PATH.Replace('bin\i386', 'bin\ConfigurationManager.psd1') -force
		if ((get-psdrive $SiteCode -erroraction SilentlyContinue | Measure-Object).Count -ne 1)
		{
			new-psdrive -Name $SiteCode -PSProvider 'AdminUI.PS.Provider\CMSite' -Root $Primary -Scope Global
		}
		
		$ConsoleFolder = $Env:SMS_ADMIN_UI_PATH -replace '\\i386', ''
		[System.Reflection.Assembly]::LoadFrom("$($ConsoleFolder)\Microsoft.ConfigurationManagement.ApplicationManagement.dll") | Out-Null
	}
} #end function Connect-SCCM


Function Get-SCCMGlobalCondition($name, $siteServerName)
{
	$connectionManager = new-object Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager
	$isConnected = $connectionManager.Connect($siteServerName)
	$SCCMserver = $connectionManager.NamedValueDictionary.ServerName
	$SCCMsitecode = "PRI"
	$SCCMNamespace = "root\sms\site_PRI"
	#$nameformated = $name.Replace(" ","")
	$objResult = Get-WmiObject -ComputerName $siteServerName -Class SMS_GlobalCondition -Namespace $SCCMNamespace -filter "ModelName like '%$name%' "
	if ($objResult -eq $null)
	{
		$objResult = Get-WmiObject -ComputerName $siteServerName -Class SMS_GlobalCondition -Namespace $SCCMNamespace -filter "ModelName = '$name'"
	}
	if ($objResult -eq $null)
	{
		$objResult = Get-WmiObject -ComputerName $siteServerName -Class SMS_GlobalCondition -Namespace $SCCMNamespace -filter "LocalizedDisplayName = '$name'"
	}
	$objResult | Where-Object{$_.PlatformType -eq 1}
	
	
}

  <#
 
        .SYNOPSIS
            Creates a Global Condition rule of type [Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.Rule]. 
            This rule can be added as a requirement for an deployment type

        .DESCRIPTION
            This function will Create a rule for an global condition
             
        .PARAMETER SiteServerName
           Name of the SCCM Site server to check Global Conditions
  
        .PARAMETER GlobalCondition
            Name of the global condition you wanted to use
 
        .PARAMETER Operator
            Operator used to validate the rule. Accepted values are Equals,NotEquals,GreaterThan,LessThan,Between,GreaterEquals,LessEquals,BeginsWith,NotBeginsWith,EndsWith,NotEndsWith,Contains,NotContains,AllOf,OneOf,NoneOf,SetEquals,Existential (Custom),NotExistential (Custom)
            
        .PARAMETER Value
            Value on which the rule should check. Use MB when data value is needed

        .PARAMETER SettingSourceType
           Default value is CIM if type is of other value please type this value. Possible values:
  Registry, IisMetabase, SqlQuery, WqlQuery, Script, XPathQuery, ADQuery, Complex, SoftwareUpdate, File, 
  Folder, RegistryKey, Assembly, Uri, Expression, CIM, ParameterizedSetting, PlistKey, MSI, MacDetection
  
 
        .EXAMPLE
            Create-SCCMGlobalConditionsRule . "TotalPhysicalMemory" "GreaterEquals" 524288000 "CIM"
             
            Creates a rule where Total Phyiscal memory is greater than or equals to 500 MB
 
        .EXAMPLE
            
            Create-SCCMGlobalConditionsRule . "CPU" "GreaterThan" 10000 "CIM"
            
            Creates a rule where the cpu speed is greater than 1 GHZ
 
 #>
Function Create-SCCMGlobalConditionsRule($siteServerName, $GlobalCondition, $Operator, $Value, $SettingSourceType)
{
	if ($GlobalCondition.ModelName -eq $null)
	{
		$GlobalCondition = Get-SCCMGlobalCondition $GlobalCondition $siteServerName
	}
	
	if ($GlobalCondition -eq $null)
	{
		Write-Error "Global condition not found"
		return
	}
	
	$gcTmp = $GlobalCondition.ModelName.Split("/")
	$gcScope = $gcTmp[0]
	$gcLogicalName = $gcTmp[1]
	$gcDataType = $GlobalCondition.DataType
	$gcExpressionDataType = [Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.DataType]::GetDataTypeFromTypeName($gcDataType)
	
	if ($operator.ToLower() -eq "notexistential" -OR $operator.ToLower() -eq "existential")
	{
		$gcExpressionDataType = [Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.DataType]::Int64
	}
	#Retrieving logical name of setting 
	$settingsxml = [xml] ([wmi]$GlobalCondition.__PATH).SDMPackageXML
	if ($settingsxml.DesiredConfigurationDigest.GlobalSettings.AuthoringScopeId -eq "GLOBAL")
	{
		$global = $true
		$SettingLogicalName = "$($gcLogicalName)_Setting_LogicalName"
	}
	else
	{
		$SettingLogicalName = $settingsxml.DesiredConfigurationDigest.GlobalSettings.Settings.FirstChild.FirstChild.LogicalName
	}
	if (!($SettingLogicalName))
	{
		$SettingLogicalName = $settingsxml.DesiredConfigurationDigest.GlobalExpression.LogicalName
	}
	
	#Checking for ConfigurationItemSetting 
	
	if ($SettingSourceType -ne $null -AND $SettingSourceType -ne "")
	{
		$CISettingSourceType = [Microsoft.ConfigurationManagement.DesiredConfigurationManagement.ConfigurationItemSettingSourceType]::$SettingSourceType
	}
	else
	{
		$CISettingSourceType = [Microsoft.ConfigurationManagement.DesiredConfigurationManagement.ConfigurationItemSettingSourceType]::CIM
	}
	
	#if ($global){
	$arg = @($gcScope,
		$gcLogicalName
		$gcExpressionDataType,
		$SettingLogicalName,
		$CISettingSourceType
	)
	$reqSetting = new-object  Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.GlobalSettingReference -ArgumentList $arg
	
	
	#custom properties Existential
	if ($operator.ToLower() -eq "notexistential")
	{
		$operator = "Equals"
		$Value = 0
		$reqSetting.MethodType = "Count"
	}
	if ($operator.ToLower() -eq "existential")
	{
		$operator = "NotEquals"
		$Value = 0
		$reqSetting.MethodType = "Count"
		
		
	}
	
	$arg = @($value,
		$gcExpressionDataType
	)
	$reqValue = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.ConstantValue -ArgumentList $arg
	
	$operands = new-object "Microsoft.ConfigurationManagement.DesiredConfigurationManagement.CustomCollection``1[[Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.ExpressionBase]]"
	$operands.Add($reqSetting) | Out-Null
	$operands.Add($reqValue) | Out-Null
	
	#Changing Equals to IsEquals 
	if ($operator.ToLower() -eq "equals") { $operator = "IsEquals" }
	$Expoperator = Invoke-Expression [Microsoft.ConfigurationManagement.DesiredConfigurationManagement.ExpressionOperators.ExpressionOperator]::$operator
	
	
	
	
	if ($GlobalCondition.DataType -eq "OperatingSystem")
	{
		
		$operands = new-object "Microsoft.ConfigurationManagement.DesiredConfigurationManagement.CustomCollection``1[[Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.RuleExpression]]"
		foreach ($os in $value)
		{
			$operands.Add($os)
		}
		$arg = @($Expoperator,
			$operands
		)
		$expression = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.OperatingSystemExpression -ArgumentList $arg
		
	}
	else
	{
		$arg = @($Expoperator,
			$operands
		)
		$expression = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Expressions.Expression -ArgumentList $arg
		
	}
	
	
	$anno = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.Annotation
	$annodisplay = "$($GlobalCondition.LocalizedDisplayName) $operator $value"
	$arg = @(
		"DisplayName",
		$annodisplay,
		$null
	)
	$anno.DisplayName = new-object Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.LocalizableString -ArgumentList $arg
	
	$arg = @(
		("Rule_" + [Guid]::NewGuid().ToString()),
		[Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.NoncomplianceSeverity]::None,
		$anno,
		$expression
	)
	$rule = new-object "Microsoft.SystemsManagementServer.DesiredConfigurationManagement.Rules.Rule" -ArgumentList $arg
	
	
	return $rule
}

$Primary = 'CM01.lab.local'
$SiteCode = "PRI"

Connect-SCCM -SiteCode $SiteCode -Primary $Primary

$applicationname = 'Igor Pavlov 7-Zip 18.05 (x64 edition) 18.05.00.0 V1'
$GC = "Is user is logged on"
$DTName = '_Interactive'

set-location "$($SiteCode):"

$rule = Create-SCCMGlobalConditionsRule -GlobalCondition $gc -Operator "IsEquals" -Value "True" -siteServerName $Primary -SettingSourceType 'WqlQuery'

Set-CMDeploymentType -ApplicationName $applicationname -DeploymentTypeName $DTName -AddRequirement $rule -verbose

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×