One of My Customer recently migrated from SMS 2003 to SCCM. They had this unique requirement based on the current setup that all the Distribution point should have read access for the SYSTEM / NETWORK /INTERACTIVE Accounts on the Package share in order for the Application to work correctly. SCCM has a strict check for DOMAIN\USER format in the input, which was probably not enforced in SMS 2003

 

So when they tried to specify an account they would obviously get the error “The Windows User Account Name you entered is not valid. Please enter a user name of the form: Domain\User”

 

 

Finally we had to come out with a custom script to get this thing working, once the script ran it added the account to the Package Access Properties.

 '***********************************
' Update usernames for PkgAccess
' Adding user accounts which donot meet domain\user criteria
' Author jeevanb@microsoft.com
' Note: This is not an official Microsoft too/script and just something that I created for my own personal use.
' As such, Microsoft makes no warranties or guarantee's regarding the applicability of this utility
' nor does Microsoft support the use of this tool in any way. This is just one of those 'use at your
' own risk' type of things that hopefully you'll find helpful.
'***********************************

 

Option explicit

Dim objectSWbemLocator

Dim objectSWbemServices

Dim ProviderLoc

Dim Location

Dim PackageID

Dim NewUser

Dim Path

Dim Args

Dim SiteCOde

 

Set args = WScript.Arguments

 

if (args.Count>0) then

 

 

PackageID = args.Item(0)

 

' Locate the Site Code from SMS Provider

Set objectSWbemLocator = CreateObject("WbemScripting.SWbemLocator")

Set objectSWbemServices= objectSWbemLocator.ConnectServer(".", "root\sms")

Set ProviderLoc = objectSWbemServices.InstancesOf("SMS_ProviderLocation")

 

 

'Connect to the Site Provider

For Each Location In ProviderLoc

 If Location.ProviderForLocalSite = True Then 

 Set objectSWbemServices = objectSWbemLocator.ConnectServer(Location.Machine, "root\sms\site_" + Location.SiteCode)

 SiteCOde=Location.SiteCode

 End If

  Next

 

'Add instances to the SMS_PackageAccessByUsers class for Interactive\SYSTEM\Network users

 

Set Newuser= objectSWbemServices.Get("SMS_PackageAccessByUsers").SpawnInstance_()

'"101" - readonly

'"511" - FullAcess

 

 

 

Newuser.Access = "101"

Newuser.username = "[""Display=\Interactive"",""AccountType=user""]MSWNET:[""SMS_SITE=" & SiteCode & """]user=\Interactive\"

Newuser.PackageID=PackageID

Path=Newuser.Put_

 

Newuser.Access = "101"

Newuser.username = "[""Display=\SYSTEM"",""AccountType=user""]MSWNET:[""SMS_SITE=" &  SiteCode & """]user=\SYSTEM\"

Newuser.PackageID=PackageID

Path=Newuser.Put_

 

 

Newuser.Access = "101"

Newuser.username = "[""Display=\NETWORK"",""AccountType=user""]MSWNET:[""SMS_SITE=" & SiteCode & """]user=\NETWORK\"

Newuser.PackageID=PackageID

Path=Newuser.Put_

 

 

Wscript.Echo "Modified Access for " + packageID + " on Site " + sitecode

SET Newuser=Nothing

 

else

 

Wscript.echo "Usage is :::   drive:\>cscript  ACLModify.vbs <PACKAGEID>"

 

end if

 

'*** end of script 

 Script is attached for the reference.

Note: This is not an official Microsoft tool/script and just something that I created for my own personal use.  As such, Microsoft makes no warranties or guarantee's regarding the applicability of this utility, nor does Microsoft support the use of this tool in any way. This is just one of those 'use at your own risk' type of things that hopefully you'll find helpful.

 

Jeevan Bisht | Support Escalation Engineer