Solved

SCCM - deploy using AD groups that have machine names

Posted on 2016-09-20
8
176 Views
Last Modified: 2016-10-09
Created a deployment application in SCCM and if I just create a deployment and ad some machine names it, it will deploy the software. However, I am trying to set it up so the helpdesk people only have to add a machine name into an AD group and the software will deploy
Running SCCM 2012. Configuration of deployment is as follows:

Administration – Discovery methods
      Active Directory Group Discovery
            Checked – enable active directory group discovery
            Scopes – domain/users – location – yes – Site Server
                  Polling schedule – enable delta – 5 mins
                  Options – checked – only discover computers that have logged in since 90 days
                        Checked – discover the membership of distribution groups
      Active Directory User Discovery
            Checked – Enable Active Directory User Discovery
            Path: LDAP://DC=domainname,DC=local
            Checked – Recursive search
            Polling schedule – checked – enable delta – set to 5 mins

Assets and Compliance
      Device collections
            SCCM – Office 2016 – member count 0, members visible on site 0 Referenced collections o
                  General
                        Name – SCCM – office 2016
                        Limiting collection – all systems
                        Type – device
                  Membership Rules -       
                        SCCM – Office 2016
                              Name – SCCM – Office 2016
                              System Resource
                  select
      SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemGroupName = "users\\SCCM - Office 2016"
                  Power management
                        Do not specify
                        Deployments
                              Microsoft office Professions 2016 – application – Required – Install
                        Maintenance window – none specified
                        Collection variables – none specified
                        Out of band management – noe specified
                        Distribution point groups – none specified
                        Security – my account RMDRM
                        Alerts – none

Applications properties
      General Information
            Name: Microsoft Office Professional Plus 2016
            Administrator Comments: Deploy Office 2016
            Publisher – Microsoft
            Software version – 32 BIT
      Application catalog
            Language – English
            Localized description – Deploying office 2016
      References
            Nothing applied
      Distribution Settings
            Distribution priority – Medium
            Automatically download content when packages are assigned to distro point
      Deployment Types
            General
Microsoft Office Professional Plus 2016 - Windows Installer (*.msi file)
            Content
                  \\sccm\source\software\msoffice2016Plus\
                  Allow clients to share content with other clients on same subnet
                  Slow – do not download
            Programs
                  Setup.exe
                  Uninstall - msiexec /x {90160000-0011-0000-0000-0000000FF1CE} /q
            Detection method – windows installer - {90160000-0011-0000-0000-0000000FF1CE} – this msi must exist
            User experience
                  Install for system
                  Whether or not a user is logged in
                  Hidden
                  Max run time – 185
                  Estimated installation – 102
                  Determine behavior based on return codes
            Requirements
                  None listed
            Return codes – 0,1707,3010,1641,1618
            Dependencies – none listed
      Content locations
            \\sccm.domain.local – distribution point
      Supersedence
            None listed

Deployment Config –
      Content – SCCM Server (Distribution Point)
      Deployment settings:
            Action – Install
            Purpose – required
            Check – Pre-Deploy software to the user’s primary device
      Scheduling
            As soon as possible after the available time
      User experience
            Display in software center and show all notifications
            Check – software installation
            Check – System restart (if required)
            Check – Commit changes at deadline
      Alerts
            None set

Like I mentioned - the application does deploy if I create a deployment and just pick a few machines names, so I think the application part is OK, it is more likely in the device collection or some other system setting.

I did go to the client and went into control panel and Configuration Manager and manually ran all of the actions, then I let it bake overnight. Still nothing.
0
Comment
Question by:fcbc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41806764
Have you created a dynamic collection based on a security group?

The method for creating one is detailed: https://blog.thesysadmins.co.uk/sccm-2012-creating-device-collections.html
0
 

Author Comment

by:fcbc
ID: 41806935
I do, and it is documented above. The only difference in my query is I have

SMS_R_System.SystemGroupName
and your documentation uses:
SMS_R_System.SecurityGroupName

Not sure if that makes a difference. I will change it and give it a try.
0
 

Author Comment

by:fcbc
ID: 41807242
That did not make a difference, count is still 0
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41807267
Has AD system group discovery been configured for the correct OUs? I would manually run a discovery as well
0
 

Author Comment

by:fcbc
ID: 41807291
If I create a collection manually and add the machine name in there, the deployment works.
0
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41807404
Yes. It should. The problem seems to be with your dynamic collection.
0
 

Accepted Solution

by:
fcbc earned 0 total points
ID: 41807411
FOUND IT! In the device collection my query was referencing our\groupnmane and it should have been referencing domain\groupname
1
 

Author Closing Comment

by:fcbc
ID: 41835712
Found the typo
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Let's recap what we learned from yesterday's Skyport Systems webinar.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question