Return SCCM User Device Affinity results to Orchestrator runbook?

Hi Guys

We're trying to implement software metering in our organization.

It's set up in SCCM, with collections created for computers that meet the critera (eg. MS Visio not used in 180 days)

I need to write a runbook that gets the members of that collection, grabs the user associated to it, and then logs a service request to allow us to integrate some review activities and what not before the software is uninstalled.

My problem is getting orchestrator to see the user attached to the device in SCCM. I can do it remotely via powershell, but i cant find any way to return that data to orchestrator. 

i've tried a few things without success, but the gist of the script is like this:

$Session=New-PSSession -ComputerName "(servername)"
$Result = Invoke-Command -Session $session -ScriptBlock {
Import-Module 'D:\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1'
$PSD = Get-PSDrive -PSProvider CMSite
CD "$($PSD):"
get-cmuserdeviceaffinity -devicename (devicename) | format-wide UniqueUserName
}
$result
Remove-PSSession $Session

the idea being to publish the $result variable to the runbook workflow. However it does not return anything, i suspect because it's running a number of commands to get there. If i remove 'invoke-command' from the equation and type all that manually into a remote pssession, it gives me the data i need (but only in the remote session of course). The most i've been able to manage is if i output the results to a text file instead of trying to store it in a variable, that works - but that's a bit messy and i think if the collection returned a lot of computers, that would get painful fast.

any ideas?

June 26th, 2015 3:01am

The PowerShell to get the primary users for a device is the following.

This will list the primary uses for the device name you specify. Try running right on your SCCM server with a device you know as a primary user assign and look at the results.

Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}

This is a little thing i made that will split and remove the domain from the user name.

$users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
foreach ($user in $users)
{
   $username = $user.UniqueUserName -split "\\"
   write-host $username[1]
}

Hope this help


Free Windows Admin Tool Kit Click here and download it now
June 26th, 2015 8:01am

The PowerShell to get the primary users for a device is the following.

This will list the primary uses for the device name you specify. Try running right on your SCCM server with a device you know as a primary user assign and look at the results.

Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}

This is a little thing i made that will split and remove the domain from the user name.

$users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
foreach ($user in $users)
{
   $username = $user.UniqueUserName -split "\\"
   write-host $username[1]
}

Hope this help


June 26th, 2015 12:00pm

Hi Frederick

Thanks for taking the time to reply

The problem i have, is that i need to run the powershell command in a remote session. I use pssession to invoke a session on our SCCM server (the script is running on a seperate, orchestrator, server that does not have SCCM cmdlets available). I can get the result in the remote session, but passing it back is where i'm having issues. According to some articles i've found on the net, setting a variable using the invoke-command cmdlet *should* do this. However, for me, it's not. In all the examples i've found they are returning fairly simple data, i think because i have to load the cmdlets and then set the psdrive it is messing with the results.

tl;dr - the powershell has to run on a remote server and pass the info back to the local one so i can get it into orchestrator.

or if there is another easier method for finding the user that goes with a device in orchestrator, that would be good to :)

Cheers
Kai

Free Windows Admin Tool Kit Click here and download it now
June 27th, 2015 12:03am

Here you go you could do something simple like this to bring back the result to your server.

$sess = New-PSSession -ComputerName computername -ConfigurationName Microsoft.PowerShell32

Invoke-Command -Session $sess -ScriptBlock {

    Import-module "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (sccm site):\

    $users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        #write-host $username[1]
    }
}
$localResult = Invoke-Command -session $sess -ScriptBlock {$username}
write-host $localResult

You could also do something like this that and the create custom object

$sess = New-PSSession -ComputerName SCCMSERVER -ConfigurationName Microsoft.PowerShell32

$results = Invoke-Command -session $session -ScriptBlock {
    Import-module "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (SCCM SITE):\

    $users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        write-host $username[1]
    }
    new-object pscustomobject property @{
    usager = $username[1]
    pc = $env:computername
    domain = $env:userdomain
    }
}
write-host "The computer name is " $results.pc " in the following domain " $domain " and the user is " $results.usager

June 27th, 2015 12:15pm

Here you go you could do something simple like this to bring back the result to your server.

$sess = New-PSSession -ComputerName computername -ConfigurationName Microsoft.PowerShell32

Invoke-Command -Session $sess -ScriptBlock {

    Import-module "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (sccm site):\

    $users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        #write-host $username[1]
    }
}
$localResult = Invoke-Command -session $sess -ScriptBlock {$username}
write-host $localResult

You could also do something like this that and the create custom object

$sess = New-PSSession -ComputerName SCCMSERVER -ConfigurationName Microsoft.PowerShell32

$results = Invoke-Command -session $session -ScriptBlock {
    Import-module "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (SCCM SITE):\

    $users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        write-host $username[1]
    }
    new-object pscustomobject property @{
    usager = $username[1]
    pc = $env:computername
    domain = $env:userdomain
    }
}
write-host "The computer name is " $results.pc " in the following domain " $domain " and the user is " $results.usager

Free Windows Admin Tool Kit Click here and download it now
June 27th, 2015 4:14pm

Here you go you could do something simple like this to bring back the result to your server.

$sess = New-PSSession -ComputerName computername -ConfigurationName Microsoft.PowerShell32

Invoke-Command -Session $sess -ScriptBlock {

    Import-module "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (sccm site):\

    $users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        #write-host $username[1]
    }
}
$localResult = Invoke-Command -session $sess -ScriptBlock {$username}
write-host $localResult

You could also do something like this that and the create custom object

$sess = New-PSSession -ComputerName SCCMSERVER -ConfigurationName Microsoft.PowerShell32

$results = Invoke-Command -session $session -ScriptBlock {
    Import-module "C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (SCCM SITE):\

    $users = Get-CMUserDeviceAffinity -DeviceName "PCNAME" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        write-host $username[1]
    }
    new-object pscustomobject property @{
    usager = $username[1]
    pc = $env:computername
    domain = $env:userdomain
    }
}
write-host "The computer name is " $results.pc " in the following domain " $domain " and the user is " $results.usager

June 27th, 2015 4:14pm

You are the man Frederick. That fixed it. This is the script i ended up with in orchestrator

$sess = New-PSSession -ComputerName (sccm server) -ConfigurationName Microsoft.PowerShell32

Invoke-Command -Session $sess -ScriptBlock {

    Import-module "d:\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1"

    cd (cmsite):

    $users = Get-CMUserDeviceAffinity -DeviceName "(membername from get collection members)" |where {$_.types -like "1"}
    foreach ($user in $users)
    {
        $username = $user.UniqueUserName -split "\\"
        $samaccount = $username[1]
      #write-host $username[1]
    }
}
$localResult = Invoke-Command -session $sess -ScriptBlock {$samaccount}

Remove-PSSession $sess

That publishes the localresult variable, from which i can use a 'get user' to retrieve the AD object and off it goes.

Thanks again

Free Windows Admin Tool Kit Click here and download it now
June 29th, 2015 12:33am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics