As I am working with the 2012 Configuration Manager SP1 (and CU1) PowerShell CMDLETs, the potential for automation around both the management and deployment spaces of Configuration Manager are expanding. That said, I have run against a few automation solution requirements that could not be met using the native PowerShell CMLETs. No worries though – WMI can still pull through when needed.

In my most current project I’ve had the need to determine wither or not a particular Distribution Point is already a member of a particular distribution point group. While we have been provided with a handful of CMDLETs that had looked promising (Get-CMDistributionPoint and Get-CMDistributionPointGroup), neither of these appear to provide the data I need. In this quick blog posting I will be sharing the PowerShell script I am using to determine DP group membership.

Backstory:

Before sharing the script, here is the backstory for context sake. I am working on a series of Orchestrator Runbooks that will fully deploy a Configuration Manager distribution point. When creating Orchestrator Runbook solutions, I make every effort to included Runbook resiliency. That is, before performing any automated action I want to ensure that this action has not already been performed. In this case, before adding a Distribution Point to a Distribution Point Group, I want to ensure that it is not already a member of this group- simple as that. Building in this type of control adds quite a bit of benefit to Runbook automation such as

  • Potential reduction in error due to repeated work.
  • Potential reduction in need for error control.
  • Most importantly if a Runbook solution is restarted for any reason mid-way, this resiliency will ensure that all completed automation will not be re-run or duplicated, while any non-completed automation is then completed.

Script:

This script was thrown together pretty quickly and could probably stand some scrubbing, but works great as is. Also to note, the Get-WmiObject CMDLET supports the use of a -Credential parameter. This can be used when needing to supply alternate credentials.

$DP = "<Enter DP Name>"
$DPGroup = "<Enter DP Group Name>"
$SiteCode = "<Enter Site Code>"
$PrimarySS = "<Enter Primary Site Server Name>"

$NS = "root\sms\site_" + $SiteCode

$wmi = Get-WmiObject -Class SMS_DPGroupInfo -Filter "Name = '$DPGroup'" -ComputerName $PrimarySS -Namespace $NS
$gid = $wmi.GroupID
$NAL = Get-WmiObject -Class "SMS_DPGroupMembers" -Filter "GroupID= '$gid'" -ComputerName $PrimarySS -Namespace $NS | Select DPNALPath

foreach ($item in $NAL) {

    If ($item -like "*" + $DP + "*") {
    $result = "True"
    }

}

 Orchestrator Use:

So, to use in Orchestrator, the script has been dropped into a Run .NET activity, the $result variable is specified as published data, and then this published data is used in link logic. So if the value of $result is “True” the runbook as pictured below completes after the "Check DP Group for DP" activity. If the value is not “True” then the activity to add the Distribution Point to the Distribution Point Group is run.

Script as used in Run .NET Activity. Notice here that I have included the use of alternate credentials.

Example of Published Data:

Example of Link Logic:

Closing:

Quick post here! I hope that you find this script to be helpful when approaching your own Configuration Manager infrastructural automation projects.