Solved

SCCM - deploy using AD groups that have machine names

Posted on 2016-09-20
8
44 Views
Last Modified: 2016-10-09
Created a deployment application in SCCM and if I just create a deployment and ad some machine names it, it will deploy the software. However, I am trying to set it up so the helpdesk people only have to add a machine name into an AD group and the software will deploy
Running SCCM 2012. Configuration of deployment is as follows:

Administration – Discovery methods
      Active Directory Group Discovery
            Checked – enable active directory group discovery
            Scopes – domain/users – location – yes – Site Server
                  Polling schedule – enable delta – 5 mins
                  Options – checked – only discover computers that have logged in since 90 days
                        Checked – discover the membership of distribution groups
      Active Directory User Discovery
            Checked – Enable Active Directory User Discovery
            Path: LDAP://DC=domainname,DC=local
            Checked – Recursive search
            Polling schedule – checked – enable delta – set to 5 mins

Assets and Compliance
      Device collections
            SCCM – Office 2016 – member count 0, members visible on site 0 Referenced collections o
                  General
                        Name – SCCM – office 2016
                        Limiting collection – all systems
                        Type – device
                  Membership Rules -       
                        SCCM – Office 2016
                              Name – SCCM – Office 2016
                              System Resource
                  select
      SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemGroupName = "users\\SCCM - Office 2016"
                  Power management
                        Do not specify
                        Deployments
                              Microsoft office Professions 2016 – application – Required – Install
                        Maintenance window – none specified
                        Collection variables – none specified
                        Out of band management – noe specified
                        Distribution point groups – none specified
                        Security – my account RMDRM
                        Alerts – none

Applications properties
      General Information
            Name: Microsoft Office Professional Plus 2016
            Administrator Comments: Deploy Office 2016
            Publisher – Microsoft
            Software version – 32 BIT
      Application catalog
            Language – English
            Localized description – Deploying office 2016
      References
            Nothing applied
      Distribution Settings
            Distribution priority – Medium
            Automatically download content when packages are assigned to distro point
      Deployment Types
            General
Microsoft Office Professional Plus 2016 - Windows Installer (*.msi file)
            Content
                  \\sccm\source\software\msoffice2016Plus\
                  Allow clients to share content with other clients on same subnet
                  Slow – do not download
            Programs
                  Setup.exe
                  Uninstall - msiexec /x {90160000-0011-0000-0000-0000000FF1CE} /q
            Detection method – windows installer - {90160000-0011-0000-0000-0000000FF1CE} – this msi must exist
            User experience
                  Install for system
                  Whether or not a user is logged in
                  Hidden
                  Max run time – 185
                  Estimated installation – 102
                  Determine behavior based on return codes
            Requirements
                  None listed
            Return codes – 0,1707,3010,1641,1618
            Dependencies – none listed
      Content locations
            \\sccm.domain.local – distribution point
      Supersedence
            None listed

Deployment Config –
      Content – SCCM Server (Distribution Point)
      Deployment settings:
            Action – Install
            Purpose – required
            Check – Pre-Deploy software to the user’s primary device
      Scheduling
            As soon as possible after the available time
      User experience
            Display in software center and show all notifications
            Check – software installation
            Check – System restart (if required)
            Check – Commit changes at deadline
      Alerts
            None set

Like I mentioned - the application does deploy if I create a deployment and just pick a few machines names, so I think the application part is OK, it is more likely in the device collection or some other system setting.

I did go to the client and went into control panel and Configuration Manager and manually ran all of the actions, then I let it bake overnight. Still nothing.
0
Comment
Question by:fcbc
  • 5
  • 3
8 Comments
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41806764
Have you created a dynamic collection based on a security group?

The method for creating one is detailed: https://blog.thesysadmins.co.uk/sccm-2012-creating-device-collections.html
0
 

Author Comment

by:fcbc
ID: 41806935
I do, and it is documented above. The only difference in my query is I have

SMS_R_System.SystemGroupName
and your documentation uses:
SMS_R_System.SecurityGroupName

Not sure if that makes a difference. I will change it and give it a try.
0
 

Author Comment

by:fcbc
ID: 41807242
That did not make a difference, count is still 0
0
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41807267
Has AD system group discovery been configured for the correct OUs? I would manually run a discovery as well
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:fcbc
ID: 41807291
If I create a collection manually and add the machine name in there, the deployment works.
0
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41807404
Yes. It should. The problem seems to be with your dynamic collection.
0
 

Accepted Solution

by:
fcbc earned 0 total points
ID: 41807411
FOUND IT! In the device collection my query was referencing our\groupnmane and it should have been referencing domain\groupname
1
 

Author Closing Comment

by:fcbc
ID: 41835712
Found the typo
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now