Zenworks Removal

To remove Zenworks Via SCCM, Use the ZCM Agent Cleanup Utility. Annoyingly, there is a different utility for each version of the Zen Client.

The Command line however is the same.

 AgentCleanup.exe -logpath="c:\windows\ccm\logs\ZENremove.log" -silent -vanish -casa -restoregina  

 We created a single application, with a deployment for each Version of Zen in the environment. Each deployment pointed to the appropriate Cleanup utility version - which was simply located in a different sub folder .






We set a version requirement for each of the deployments based on a custom requirement.

 The Requirement was configured as a global Condition  using the zenworks version registry value from the key:
HKLM\SOFTWARE\Novell\ZCM\version

Report on Groupwise Archive Location

One of the Main Issues with Dealing with a Groupwise migration is finding the locations of the Archive files. This is not a huge issue if your Users only have a single Archive file, however some users like to split off archives every year, and file them in places. The following scripts will report back the location of a groupwise log. these scripts were deployed to run on the desktop aproximatley 5 minutes after logon. If groupwise was running, they work silently, Otherwise they prompt. First for X86

 On Error resume next  
 'HKEY_LOCAL_MACHINE\Software\Microsoft\PCHealth\ErrorReporting\DW  
 'DWORD DWReportee 0 (Default) 1 Disable  
 Const HKEY_LOCAL_MACHINE = &H80000002  
 strComputer = "."  
 Set StdOut = WScript.StdOut  
 Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_   
 strComputer & "\root\default:StdRegProv")  
 strKeyPath = "SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW"  
 strValueName = "DWReportee"  
 dwValue = 1  
 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue  
 strKeyPath = "SOFTWARE\Microsoft\PCHealth\ErrorReporting\ExclusionList"  
 strValueName = "cscript.exe"  
 dwValue = 1  
 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue  
 strKeyPath = "SOFTWARE\Microsoft\PCHealth\ErrorReporting"  
 strValueName = "ShowUI"  
 dwValue = 0  
 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue  
 strKeyPath = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug"  
 strValueName = "Auto"  
 strValue = "1"  
 oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue  
 strValueName = "Debugger"  
 strValue = "drwtsn32 -p %ld -e %ld -g"  
 oReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue  
 Set oFSO = CreateObject("Scripting.FileSystemObject")  
 Set oSH = CreateObject("wScript.Shell")  
 'intJnk = oSH.Run("drwtsn32.exe -i",8,True)  
 strComputerName = OSH.ExpandEnvironmentStrings( "%COMPUTERNAME%" )  
 strudomain = OSH.ExpandEnvironmentStrings( "%userdomain%" )  
 struName = OSH.ExpandEnvironmentStrings( "%username%" )  
 struprofile = OSH.ExpandEnvironmentStrings( "%userprofile%" )  
 strLogFldr = "\\FS10C1\Logs$\ArchiveLogs\"  
 strLogPath = strLogFldr & struName & ".txt"  
 strLogLocPath = "C:\Windows\CCM\Logs\GWArchivePath.log"  
 dim GWApp   
 Set GWApp = CreateObject("NovellGroupWareSession")   
 dim GWAccount   
 Set GWAccount = GWApp.login()  
 Set oFolder = oFSO.GetFolder(GWAccount.PathToArchive)  
 ifolder=oFolder&"\"&"of"& GWAccount.AccountProperty(9) &"arc\"  
 archivesize=oFolder.Size  
 archivesize=archivesize\1024  
 if oFSO.folderexists(strLogFldr) Then   
   Set usrLog = oFSO.OpenTextFile(strLogPath, 8, True)  
   'usrLog.WriteLine ("UID: " & GWAccount.AccountUID &", ArchivePath: " & ifolder &", SIZE (KB): " & archivesize &", ")  
   usrLog.WriteLine ("UID: " & GWAccount.AccountUID &", ArchivePath: " & ifolder &", SIZE (KB): " & archivesize &", " & "Computer: " & strComputerName )  
   Set usrLocLog = oFSO.OpenTextFile(strLogLocPath, 8, True)  
   'usrLocLog.WriteLine ("UID: " & GWAccount.AccountUID &", ArchivePath: " & ifolder &", SIZE (KB): " & archivesize &", ")  
   usrLocLog.WriteLine ("UID: " & GWAccount.AccountUID &", ArchivePath: " & ifolder &", SIZE (KB): " & archivesize &", " & "Computer: " & strComputerName )  
 End if  
 'GWApp.quit()  
 'Cleanup  
 Set StdOut = Nothing  
 Set oReg = Nothing  
 Set oFSO = Nothing  
 Set oSH = Nothing  
 Set GWApp = Nothing  
 Set GWAccount = Nothing  
 Set oFolder = Nothing  
 Set theFolder = Nothing  
 Set usrLog = Nothing  
 Set usrLocLog = Nothing  
 WScript.Quit  

Then For X64

 On Error resume next  
 'HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting  
 'DWORD Disabled 0 - Enabled (default) 1 - Disabled  
 'DWORD DontShowUI 0 - UI (default) 1 - No UI  
 const HKEY_LOCAL_MACHINE = &H80000002  
 strComputer = "."  
 Set StdOut = WScript.StdOut  
 Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_   
 strComputer & "\root\default:StdRegProv")  
 strKeyPath = "SOFTWARE\Microsoft\Windows\Windows Error Reporting"  
 'strValueName = "Disabled"  
 'dwValue = 1  
 'oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue  
 strValueName = "DontShowUI"  
 dwValue = 1  
 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue  
 Set oFSO = CreateObject("Scripting.FileSystemObject")  
 Set oSH = CreateObject("wScript.Shell")  
 Set oFS = CreateObject("Scripting.FileSystemObject")  
 strOldWSH = oSH.ExpandEnvironmentStrings("%SYSTEMROOT%\SysWOW64\wscript.exe")  
 If oFS.FileExists(strOldWSH) Then  
   If Not UCase(WScript.FullName) = UCase(strOldWSH) Then  
     oSH.Run """" & strOldWSH & """ """ & WScript.ScriptFullName & """", 1, False  
     WScript.Quit  
   End If  
 End If  
 strComputerName = OSH.ExpandEnvironmentStrings( "%COMPUTERNAME%" )  
 struDomain = OSH.ExpandEnvironmentStrings( "%userdomain%" )  
 struName = OSH.ExpandEnvironmentStrings( "%username%" )  
 struprofile = OSH.ExpandEnvironmentStrings( "%userprofile%" )  
 strLogFldr = "\\FS10C1\Logs$\ArchiveLogs\"  
 strLogPath = strLogFldr & struName & ".txt"  
 strLogLocPath = "C:\Windows\CCM\Logs\GWArchivePath.log"  
 dim GWApp   
 Set GWApp = CreateObject("NovellGroupWareSession")   
 dim GWAccount   
 Set GWAccount = GWApp.login()  
 Set oFolder = oFSO.GetFolder(GWAccount.PathToArchive)  
 ifolder=oFolder&"\"&"of"& GWAccount.AccountProperty(9) &"arc\"  
 'gwapp.quit()  
 archivesize=oFolder.Size  
 archivesize=archivesize\1024  
 if oFSO.folderexists(strLogFldr) Then   
   Set usrLog = oFSO.OpenTextFile(strLogPath, 8, True)  
   usrLog.WriteLine ("UID: " & GWAccount.AccountUID &", ArchivePath: " & ifolder &", SIZE (KB): " & archivesize &", " & "Computer: " & strComputerName )  
   Set usrLocLog = oFSO.OpenTextFile(strLogLocPath, 8, True)  
   usrLocLog.WriteLine ("UID: " & GWAccount.AccountUID &", ArchivePath: " & ifolder &", SIZE (KB): " & archivesize &", " & "Computer: " & strComputerName)  
 End If  
 'Cleanup  
 WERR_Normal  
 Set StdOut = Nothing  
 Set oReg = Nothing  
 Set oFSO = Nothing  
 Set oSH = Nothing  
 Set oFS = Nothing  
 Set GWApp = Nothing  
 Set GWAccount = Nothing  
 Set oFolder = Nothing  
 Set usrLog = Nothing  
 WScript.Quit  
 '+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
 Sub WERR_Normal  
 const HKEY_LOCAL_MACHINE = &H80000002  
 strComputer = "."  
 Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_   
 strComputer & "\root\default:StdRegProv")  
 strKeyPath = "SOFTWARE\Microsoft\Windows\Windows Error Reporting"  
 strDWORDValueName = "DontShowUI"  
 objReg.DeleteValue HKEY_LOCAL_MACHINE,strKeyPath,strDWORDValueName  
 'Cleanup  
 Set objReg = Nothing  
 End Sub  
 '+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  

Remove Novell Client

This script will remove Novell Clients for workstations. It was meant to be deployed via SCCM

 'RemoveNovell.vbs - Checks for OS  
 'Removes Novell client depending on OS version (XPx86, 7x64)  
 On Error Resume Next  
 If Win7 = True Then  
      'WScript.Echo "Win7x64"  
      Novellon7x64   
      Else  
      'WScript.Echo "WinXP"  
      NovellonXP  
 End If  
 '==========================================================================  
 Function Win7()   
   Win7 = False   
   Dim colOS : Set colOS = GetObject("WinMGMTS://").ExecQuery("SELECT Version FROM Win32_OperatingSystem",, 48)   
   Dim objOS   
   For Each objOS In colOS   
     If objOS.Version >= "6.1.7600" Then Win7 = True   
   Next   
 End Function  
 '==========================================================================  
 Function Os64Bit()   
   Os64Bit = False   
   Dim colOS : Set colOS = GetObject("WinMGMTS://").ExecQuery("SELECT AddressWidth FROM Win32_Processor",, 48)   
   Dim objOS   
   For Each objOS In colOS   
     If objOS.AddressWidth = 64 Then Os64Bit = True   
   Next   
 End Function  
 '==========================================================================  
 Sub Novellon7x64  
 'WScript.Echo "Sub Novellon7x64"  
 Set WSHShell = WScript.CreateObject("WScript.Shell")  
 Set WSHExec = CreateObject("Shell.Application")  
 ' used For executing a command line command   
 ' %SystemRoot%\System32\rundll32 "C:\Program Files\Novell\Client\ncsetup.dll" NWUninstallClient  
 strProgFilesx86 = WSHShell.ExpandEnvironmentStrings("%ProgramFiles(x86)%")  
 strProgFiles = WSHShell.ExpandEnvironmentStrings("%ProgramFiles%")  
 'Determine Novell Version for Error Handling   
 strRoot = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Novell Client for Windows\"  
 strName = "DisplayName"  
 strValue = WSHShell.RegRead(strRoot & strName)  
 If IsNull(strValue) Then  
   'WScript.Echo "Novell is not installed"  
   Logit "RemoveNovellcleanup"  
 Else  
      strSetupCS = WSHShell.ExpandEnvironmentStrings("%COMSPEC%") ' & " /c | " & WSHShell.ExpandEnvironmentStrings("%SystemRoot%") & "\System32\rundll32.exe " & WSHShell.ExpandEnvironmentStrings("%ProgramFiles%") & """\Novell\Client\ncsetup.dll"" /s"  
      strSetupNC = "/c " & WSHShell.ExpandEnvironmentStrings("%SystemRoot%") & "\System32\rundll32.exe """ & WSHShell.ExpandEnvironmentStrings("%ProgramFiles%") & "\Novell\Client\ncsetup.dll"" NWUninstallClient /s"  
      strNICI = WSHShell.ExpandEnvironmentStrings("%WINDIR%") & "\system32\MsiExec.exe /X{559D2B32-5066-4762-A2F2-52831AC6F67B} /qn"  
   Msgbox "Removing Novell Client, UnInstaller will automatically REBOOT your PC when it is done. PLEASE Ensure all your data files are saved and closed before clicking OK!",48,"Novell Client Removal"  
      jnk = WsHExec.ShellExecute (strSetupCS,strSetupNC,"","runas",1) ' runas, Elevated  
      '*** PC will likely now Reboot and remaining checks will not be run ***  
      '*** Future launches of script will find no Novell client during initial check ***  
   'Verify Novell Version has been removed and Log results   
   strValue2 = WshShell.RegRead(strRoot & strName)  
      If IsNull(strValue2) Then  
           'WScript.Echo "Novell is not installed"  
           Logit "RemoveNovellcleanup"  
   End If  
 End If  
 'Cleanup  
 Set WshShell = Nothing  
 WScript.Quit  
 End Sub  
 '==========================================================================  
 Sub NovellonXP  
 Const HKLM=&H80000002 'HKEY_LOCAL_MACHINE   
 Set objReg=GetObject("winmgmts:!root/default:StdRegProv")   
 ' Registry access   
 Set WshShell = WScript.CreateObject("WScript.Shell")   
 ' used For executing a command line command   
 'Determine Novell Version for Error Handling   
 Key = HKLM   
 SubKey = "SOFTWARE\Novell"  
 ValueName = "CurrentVersion"  
 KeyType = REG_SZ   
 objReg.GetStringValue Key, SubKey, ValueName, Value   
 'WScript.Echo "Novell found - version = " & Value   
 If IsNull(Value) Then  
   'WScript.Echo "Novell is not installed"  
      Logit "RemoveNovellcleanup"  
 Else   
   'WScript.Echo "Removing Novell Client, please wait."  
   Msgbox "Removing Novell Client, UnInstaller will automatically REBOOT your PC when it is done. PLEASE Ensure all your data files are saved and closed before clicking OK!",48,"Novell Client Removal"  
      WshShell.Run "%WINDIR%\system32\NetWare\Nwmigw2k\setupw2k.exe /u ms_nwspx", 0, True ' 0 minimized, True wait for completion   
   WshShell.Run "%WINDIR%\system32\NetWare\Nwmigw2k\setupw2k.exe /u ms_nwnb", 0, True  
   WshShell.Run "%WINDIR%\system32\NetWare\Nwmigw2k\setupw2k.exe /u ms_nwipx", 0, True  
   WshShell.Run "%WINDIR%\system32\NetWare\Nwmigw2k\setupw2k.exe /u nw_wm", 0, True  
   WshShell.Run "%WINDIR%\system32\NetWare\Nwmigw2k\setupw2k.exe /u nw_ndps", 0, True  
   WshShell.Run "%WINDIR%\system32\NetWare\Nwmigw2k\setupw2k.exe /u nw_nwfs", 0, True  
   'WScript.Echo "Novell Client removal process has completed, please restart Windows to ensure all uneeded systems are stopped."     
   'Verify Novell Version has been removed and Log results   
   objReg.GetStringValue Key, SubKey, ValueName, Value2   
   If Value = Value2 Then  
     Logit "RemoveNovellcleanup"  
   Else  
     Logit "RemoveNovellcleanup"  
   End If  
 End If  
 'restart, wait 5 seconds, force running apps to close  
 WshShell.Run "%comspec% /c shutdown /r /t 5 /f", , TRUE  
 'Cleanup  
 Set objReg = Nothing  
 Set WshShell = Nothing  
 WScript.Quit  
 End Sub  
 '==========================================================================  
 Sub Logit (strFlag)  
 strComputer = "."  
 Set objShell = WScript.CreateObject("WScript.Shell")  
 Set objFSO = CreateObject("Scripting.FileSystemObject")  
 strcwindows = objShell.ExpandEnvironmentStrings("%systemroot%")  
 strLogPath = strcwindows & "\CCM\Logs\"  
 Set objNetwork = CreateObject("Wscript.Network")  
 strUserName = ucase((objNetwork.UserName))  
 strcomputername = ucase((objNetwork.ComputerName))  
 Set usrLog = objFSO.OpenTextFile(strLogPath & strFlag &".log", 8, True)  
 usrLog.WriteLine (Now & ";" & strUserName & ";" & strcomputername & strFlag)  
 Set objShell = Nothing  
 Set objNetwork = Nothing  
 Set usrLog = Nothing  
 Set objFSO = Nothing  
 End Sub  
 '==========================================================================  

Remove Novell IPrint

this script makes use of the nipp-su.exe iprint client uninstaller from Novel.

 'RemoveIPrint.vbs - Checks for OS  
 'Removes IPrint client depending on OS version (XP, 7)  
 On Error Resume Next  
 DeliPrinters 'remove iprint devices  
 If Win7 = True Then  
           'WScript.Echo "Win7x64"  
           Novellon7x64   
           Else  
           'WScript.Echo "WinXP"  
           NovellonXP  
 End If  
 '==========================================================================  
 Function Win7()   
   Win7 = False   
   Dim colOS : Set colOS = GetObject("WinMGMTS://").ExecQuery("SELECT Version FROM Win32_OperatingSystem",, 48)   
   Dim objOS   
   For Each objOS In colOS   
     If objOS.Version >= "6.1.7600" Then Win7 = True   
   Next   
 End Function  
 '==========================================================================  
 Sub Novellon7x64  
 'WScript.Echo "Sub Novellon7x64"  
 Set WshShell = WScript.CreateObject("WScript.Shell")  
 Set WsHExec = CreateObject("Shell.Application")  
 strProgFilesx86 = WSHShell.ExpandEnvironmentStrings("%ProgramFiles(x86)%")  
 strProgFiles = WSHShell.ExpandEnvironmentStrings("%ProgramFiles%")  
 'Determine Novell Version for Error Handling   
 strRoot = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Novell iPrint Client\"  
 strName = "DisplayName"  
 strValue = WshShell.RegRead(strRoot & strName)  
 strSetupCS = WSHShell.ExpandEnvironmentStrings("%COMSPEC%") ' & " /c | " & scriptDir & "\System32\rundll32.exe ""C:\Program Files\Novell\Client\ncsetup.dll"" /s"  
 strSetupNC = "/c " & scriptDir & "\win-7\nipp-su.exe"  
 If IsNull(Value) Then  
   'WScript.Echo "IPrint is not installed"  
   Logit "RemoveIprint"  
 Else   
   'Msgbox "Removing IPrint Client, Please Click OK to Continue"  
      WshShell.Run scriptDir & "\win-7\nipp-su.exe", 0, True ' 0 minimized, True wait for completion   
   'Verify IPrint Version has been removed and Log results   
   strValue2 = WshShell.RegRead(strRoot & strName)  
   If strValue = strValue2 Then  
     Logit "RemoveIPrintFAILED"  
   Else  
     Logit "RemoveIPrint"  
   End If  
 End If  
 'Cleanup  
 Set WshShell = Nothing  
 WScript.Quit  
 End Sub  
 '==========================================================================  
 Sub NovellonXP  
 Const HKLM=&H80000002 'HKEY_LOCAL_MACHINE   
 Set objReg=GetObject("winmgmts:!root/default:StdRegProv")   
 ' Registry access   
 Set WshShell = WScript.CreateObject("WScript.Shell")   
 ' used For executing a command line command   
 'Determine Novell Version for Error Handling   
 Key = HKLM   
 SubKey = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Novell iPrint Client\"  
 ValueName = "DisplayName"  
 KeyType = REG_SZ   
 objReg.GetStringValue Key, SubKey, ValueName, Value   
 'WScript.Echo "IPrint found - version = " & Value   
 If IsNull(Value) Then  
   'WScript.Echo "IPrint is not installed"  
 Else   
   'Msgbox "Removing IPrint Client, Please Click OK to Continue"  
      WshShell.Run scriptDir & "\win-xp\nipp-su.exe", 0, True ' 0 minimized, True wait for completion   
   'WScript.Echo "IPrint Client removal process has completed."     
   'Verify IPrint Version has been removed and Log results   
   objReg.GetStringValue Key, SubKey, ValueName, Value2   
   If Value = Value2 Then  
     Logit "RemoveIPrintFAILED"  
   Else  
     Logit "RemoveIPrint"  
   End If  
 End If  
 'Cleanup  
 Set objReg = Nothing  
 Set WshShell = Nothing  
 WScript.Quit  
 End Sub  
 '==========================================================================  
 Sub DeliPrinters()  
 strComputer = "."  
 strOldSrv="PMAN"  
 strOldSrv5="//province_of_ns"  
 Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")  
 Set colInstalledPrinters = objWMIService.ExecQuery ("Select * from Win32_Printer")  
 Set objNetwork = CreateObject("Wscript.Network")  
 For Each objPrinter in colInstalledPrinters  
      strPName = objPrinter.Name  
      pSwitch = InStr(objPrinter.Name, strOldSrv) or InStr(objPrinter.Name, strOldSrv5)  
      If pSwitch <> 0 Then  
           objPrinter.Delete_  
      End If       
 Next  
 'Cleanup  
 Set objNetwork = Nothing  
 Set objWMIService = Nothing  
 Set colInstalledPrinters = Nothing  
 End Sub  
 '==========================================================================  
 Sub Logit (strFlag)  
 strComputer = "."  
 Set objShell = WScript.CreateObject("WScript.Shell")  
 Set objFSO = CreateObject("Scripting.FileSystemObject")  
 strcwindows = objShell.ExpandEnvironmentStrings("%systemroot%")  
 strLogPath = strcwindows & "\CCM\Logs\"  
 Set objNetwork = CreateObject("Wscript.Network")  
 strUserName = ucase((objNetwork.UserName))  
 strcomputername = ucase((objNetwork.ComputerName))  
 Set usrLog = objFSO.OpenTextFile(strLogPath & strFlag &".log", 8, True)  
 usrLog.WriteLine (Now & ";" & strUserName & ";" & strcomputername & strFlag)  
 Set objShell = Nothing  
 Set objNetwork = Nothing  
 Set usrLog = Nothing  
 Set objFSO = Nothing  
 End Sub  
 '==========================================================================  
 'Function ScriptDir determines the Folderpath this script is in  
 Function ScriptDir  
      ScriptDir = Left(WScript.ScriptFullName,Len(WScript.ScriptFullName) - Len(WScript.ScriptName) -1)  
 End Function  
 '==========================================================================  

Remove stale PC's from AD and SCCM

This script allow you to cleanup stale computers from AD and SCCM. This is seup as a 2 part process, but there is no reason why you couldnt string it all togeather.

The first portion reports on machines where no one has logged on in 60 days, and the Password on the computer account has not changed in 120. This is a good indicator that the machine is not actively in use. We export this to a CSV file.

 #Get-QADComputer -NotLoggedOnFor 60 -PasswordNotChangedFor 120 -searchroot yourdomain/OU |select-object Name, ParentContainer, DN | export-csv c:\tempoutdated.csv  

The second block remove the affected devices from AD and SCCM. Note the CSV file has a header line line above the column lines that should be removed.

 Foreach($x in Import-CSV “C:\tempoutdated.csv”){  
 $x.name  
 remove-cmdevice -devicename $x.name –force –confirm:$false  
 remove-qadobject $x.DN –force –confirm:$false  
 }  

You can also do it as a oneliner where the txt file contains a list of only PC Names.

Foreach($x in Import-CSV “C:\zzz.txt”){$x;remove-cmdevice -devicename $x –force –confirm:$false;get-qadComputer $x|remove-qadobject –force –confirm:$false} 

Script to make current logged in user local admin

this script Adds the nt interactive user to the local administrators group on a pc. this has the effect of allowing the local logged on user to have local admin rights, with out granting local admin to a domain group.

 Option Explicit  
 Dim strComputer  
 Dim objNetwork, objLocalGroup  
 ' create network object for the local computer  
 Set objNetwork = CreateObject("Wscript.Network")  
 ' get the name of the local computer  
 strComputer = objNetwork.ComputerName  
 ' bind to the group  
 Set objLocalGroup = GetObject("WinNT://" & strComputer & "/Administrators,group")  
 ' add NT Authority\Interactive to the group  
 On Error Resume Next ' suppress error in case it is already a member  
 objLocalGroup.Add("WinNT://NT Authority/Interactive")  
 On Error Goto 0  
 Set objNetwork = Nothing  
 Set objLocalGroup = Nothing  
 WScript.Quit  

Introductory Notes - Powershell Profile.

All Scripts assume Quest (Dell) AD Powershell Cmdlets and SCCM 2012R2 PS module.


I use the following Powershell Profile. This is a File called profile.ps1, located in %userprofile%\documents and preconfigures my environment.

The first line adds the  Quest (Dell) AD Powershell Cmdlets to my console.
The Second line Imports the SCCM2012 Powershell Module.
The third line changes my PS-drive to the SCCM Module.
Finally the last lines configure query limits to be higher then default.

 Add-PSSnapin quest.activeroles.admanagement  
 import-module ($Env:SMS_ADMIN_UI_PATH.Substring(0,$Env:SMS_ADMIN_UI_PATH.Length-5) + '\ConfigurationManager.psd1')  
 cd <SccmHierarchyName>:  
 set-qadpssnapinsettings -defaultsizelimit 0  
 set-cmqueryresultmaximum 50000  

Powershell SCCM Device Collections by Physical Location (IP Subnet)

This Script generates device collections by Physical location based on IP Subnet.

 ForEach ($x in Import-csv "C:\subnetcol.csv"){  
 $z=$x.Coll  
 $z  
 $rule="IP Subnet Like"+$x.subnet  
 $query= "select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.IPSubnets like '"+$x.subnet+"'"  
 $Schedule = New-CMSchedule –RecurInterval Days –RecurCount 1  
 New-CMDeviceCollection –Name $z –LimitingCollectionName "All Systems" –RefreshSchedule $Schedule -RefreshType "periodic"  
 Add-CMDeviceCollectionQueryMembershipRule -RuleName $rule -Collectionname $z -QueryExpression $query  
 }  

the input CSV should be formatted with one line per subnet and its associated location. the code is sloppy and when run, will error if a collection already exists, but will add the additional subnets to it.

 Subnet,coll  
 10.2.230.0,New_york-2575_Hwy_206                                                              ,  
 10.2.202.0,Chicago-626_College_Rd                                                              ,  
 10.1.137.0,Ottawa-291_Peeter_Douglas_Rd  

SCCM 2012 Automated Collections in Powershell

The following code generates device collections of XP Systems from  a series of All System - dept name collections. (IE all XP machines in finance dept, All XP machines in Sales)

 foreach($x in get-cmdevicecollection -name "All Systems -*"){  
 $u=$x.Name  
 $z=$x.Name.insert(3," XP ")  
 $u  
 $z  
 $rule="WinXP"  
 $Find="Microsoft Windows NT Workstation 5.1"  
 $query= "select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.OperatingSystemNameandVersion like '"+$find+"'"  
 $Schedule = New-CMSchedule –RecurInterval Days –RecurCount 1  
 New-CMDeviceCollection –Name $z –LimitingCollectionName $u –RefreshSchedule $Schedule -RefreshType "periodic"  
 Add-CMDeviceCollectionQueryMembershipRule -RuleName $rule -Collectionname $z -QueryExpression $query  
 }