Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.

Share tech news, updates, or what's on your mind.

Sign up to Post


How can I (Powershell based) check if a certain application exists in sccm software center and install.if it does?

C++ 11 Fundamentals
LVL 19
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Update UEFI Version before Re-imaging the computer using SCCM

in this scenario , I would like to update UEFI (BIOS) version before proceeding with the Re-image of the computer.
I have seen in one environment, where they  put USB stick in the  USB slot, they boot to F12, an option will show up stating "Flash Update" , once selected it opens up a GUI to select the Model of the PC to which you want to update UEFI(BIOS).
I am not sure how to make that happen [I mean the FLash Update selection to show up, and the GUI that will enable you to select the PC model to update the UEFI(BIOS) to ]
By the way they use Dell PCs, so it might be a Utility from Dell that can carry out this process.... I would like to know about it, how it is set up.

Thank you
I have installed a new SCCM 2019 (1906) server as a CAS and have a separate DC server. We planning on setting up the CAS server role in our main site then create two other secondary sites for remote offices. When I go to discovery methods only the Forest Discovery is listed since I only have a CAS server. Do I need to setup another server in our main site to add the other discovery methods or is there a role I could add to the cas  server which is at our main site?

Is there a way to integrate Chocolatey FREE into sccm?

SCCM Device Collection shows Devices that do not belong to the Collection

I have created a Collection named "OnePc", I put just one device Win7 in it. However when I select the collection I can see all devices in it. The "Remove from Collection" button is greyed out for all devices except Win7 device, which is true , that's the only device that should show up in that collection.

Thank you

Default Boot Images on SCCM 1606

I would like to know how do Default Boot Images  get installed by Default on SCCM 1606 ?
Do they show up after the  install the Windows ADK ?
Talking about ADK do I need to install Windows PE add-on for the ADK ?

Thank you
Understand SCCM Versions.

I believe Microsoft has not release any SCCM version in the name pattern as the old patterns SCCM 2007, SCCM 2012. It stopped the naming  on SCCM 2012 R2, after that it started adding Build Numbers based on the years of release.
For instance:

SCCM 2012 R2 release in 2015 is call SCCM  1511
SCCM 2012 R2  release in 2016 is call SCCM  1606

They are based on Year and Month of build.  

However there are versions like :
Current Branch
Technical Review

What are they for ?

Any clarifications on this topic will be very much appreciated.

Thank you
Boot Image not currently in the Distribution Point

I am going through Task Sequence Media wizard, but I keep getting error shown in the screenshot below about  "The Boot image is currently not available in the Distribution Point"

However when I check the Distribution Point the boot image is there, you can see it on the screenshot below.

Thank you

Let me start out by saying that SCCM 2012 R2 is not one of my strong areas. I know in SCCM you can create a package for a EXE but within the pack can you do the following

1) Uninstall a certain program  suppress reboot
2) If program A with a certain version if precent, install program 123,  if not install program abc

Install SCCM Client

I am trying to push SCCM  Client to windows 7, but it does not seem that it wants to install
I have other computers that I was able to install SCCM Client on.

 on windows  7 SCCM log states :

<![LOG[==========[ ccmsetup started in process 2096 ]==========]LOG]!><time="15:27:08.620+300" date="11-16-2019" component="ccmsetup" context="" type="1" thread="1784" file="ccmsetup.cpp:9716">
<![LOG[Launch from folder C:\Windows\ccmsetup\]LOG]!><time="15:27:08.620+300" date="11-16-2019" component="ccmsetup" context="" type="1" thread="1784" file="ccmsetup.cpp:678">
<![LOG[CcmSetup version: 5.0.8412.1004]LOG]!><time="15:27:08.620+300" date="11-16-2019" component="ccmsetup" context="" type="1" thread="1784" file="ccmsetup.cpp:684">
<![LOG[Folder 'Microsoft\Microsoft\Configuration Manager' not found. Task does not exist.]LOG]!><time="15:27:08.620+300" date="11-16-2019" component="ccmsetup" context="" type="0" thread="1784" file="wintask.cpp:648">
<![LOG[Folder 'Microsoft\Microsoft\Configuration Manager' not found. Task does not exist.]LOG]!><time="15:27:08.620+300" date="11-16-2019" component="ccmsetup" context="" type="0" thread="1784" file="wintask.cpp:648">
<![LOG[In ServiceMain]LOG]!><time="15:27:08.620+300" date="11-16-2019" component="ccmsetup" context="" type="0" thread="1968" file="ccmsetup.cpp:3618">
<![LOG[Folder 'Microsoft\Microsoft\Configuration Manager' not found. Task does not exist.]LOG]!><time="15:27:08.620+300" date="11-16-2019" 

Open in new window

Become a Certified Penetration Testing Engineer
LVL 19
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

We have a Windows 2012 R2 running SCCM 2012 R2 and WSUS. We had an issue where WSUS stopped downloading updates, and got past this, the finial issue I cannot resolve is in SCCM sync the updates from the WSUS service which is itself. I have already tried to uninstall and reinstall SUP and WSUS, IIS App pool settings etc.. without any luck. The error I am getting in the sync logs is: " the request failed with http status 404 .... Microsoft.UpdateServices.Administation.AdminProxy....

In IIS when I click on browse for the WSUS admin still I can only see file in the directory list view, SSL does not work at all.

THoughts... bet at this for two days now....
In SCCM I created a new Office 365 installer using the latest Semi Annual Channel build. It installs fine but doesn’t automatically activate. I’ve racked my brain for almost a week on this. The existing O365 installer activates fine when the logged in user opens an Office program for the first time. I’ve tried creating multiple installers with different settings but none of them will activate. I’ve checked GPO settings, updated the ADMX files for Win10-1903 and Office 365 in the sysvol central store. Any idea what the cause could be?
Hi expert

Need help, I am not strong in Powershell.

I was task to automate the manual windows server patch by using powershell script.

For your information we don't have SCCM environment, let me share the use case show in the following;

Not sure is it possible to achieve the following;

1: Powershell script will get file from SFTP and deploy patch to the Windows Server 2016.
I have the following SQL query I'm using in SQL Designer for SCCM current branch 1810 to show me a list of computers with specific software installed, along with the version  :

Select DISTINCT sys.Netbios_Name0, fcm.SiteCode,  sys.User_Domain0, sys.User_Name0, sys.Operating_System_Name_and0, syssoft.ProductName, syssoft.ProductVersion
FROM vSMS_R_System sys
inner join vSMS_G_System_SoftwareProduct syssoft on syssoft.ClientID = sys.ItemKey
JOIN v_FullCollectionMembership fcm on sys.ItemKey=fcm.ResourceID
WHERE ProductName like @filterwildcard and fcm.CollectionID=@CollID
GROUP BY sys.Netbios_Name0, fcm.SiteCode, sys.User_Domain0, sys.User_Name0, sys.Operating_System_Name_and0, syssoft.ProductName, syssoft.ProductVersion

The problem with this query is if the computer has had an update applied, there are two rows for the computer listed.  This query is based on a collection query that shows me every computer with Adobe Acrobat 2017.  

How do I list just the last entry for each computer?

The easy answer is to NOT include the ProductVersion.  But I would really like to keep it so I can see the patch level for each computer.

Any wisdom is greatly appreciated!!
how to install google chrome browser via SCCM

I downloaded the standalone offline installer (about 57MB),

One issue, if you install the exe while the browser is open, it needs to close to apply the update or click relaunch from the browser. But via a script, how can we do it.

The deployment script.bat working fine at a local computer, but when I deploy it via SCCM its installs the chrome but not closing the browser and displays some message as chrome installed without administrative.

Anyone have abetter idea to install/update chrome, please share

Below script:

start "Installing Chrome Silently" /wait "ChromeStandaloneSetup.exe" /silent /install
echo x=msgbox("Google Chrome browser has been updated successfully. For security reasons, it will relaunch automatically after three minutes.",0,"Security Team") > %tmp%\tmp.vbs
cscript //nologo %tmp%\tmp.vbs
del %tmp%\tmp.vbs
@echo off 
timeout /t 180 /nobreak
taskkill /F /IM chrome.exe /T
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --restore-last-session

Open in new window

Hi Experts,

I have an issue with SCCM and the 3rd party tool PatchMyPC.
There is an issue with the certificate.

See the log:

There was an error when attempting to save WSUS signing certificate configuration. Will retry on next sync. Exception: System.ComponentModel.Win32Exception (0x80004005): %1 is not a valid Win32 application~~   at Microsoft.UpdateServices.Internal.BaseApi.SoapExceptionProcessor.DeserializeAndThrow(SoapException soapException)~~   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSetSelfSigningCertificate()~~   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServerConfiguration.Save(Boolean detectConfigChange)~~   at Microsoft.SystemsManagementServer.SoftwareUpdatesManagement.WsusSyncAction.WSyncAction.TriggerWsusNewSigningCertificateCreation()

Open in new window

On the WSUS the cert is self-signed and valid until 2023.

Do you have any ideas ?
I'm trying to run a batch file (from SCCM) to delete a registry key on any 64-bit Windows 7/10 computer.  I thought I had it working, but now it's not behaving consistently.  

I "thought" the following worked :

%windir%\sysnative\reg.exe DELETE HKCU\SOFTWARE\<key to delete> /f

But it's not working now.  

I need this to work as a deployed SCCM application as well as manually.

Any help is greatly appreciated!!
I have a Windows 10 1903 laptop I am trying to image and Sysprep keeps failing due to a problem with Your Phone app. It says it was installed for one user but provisioned for another.

I have tried to remove it but found an article from MS saying it cannot be removed because the app is too heavily integrated into the OS.

Any suggestions here?
Hi Experts,

I need help with this script, if this is possible.  What I have is a script that pulls from a list of computers in a inline loop, for each computer, this connects to remotely then:

1) runs a sccm advertisement
2) monitors processes in a loop
3) when processes finish running, computer is rebooted.
Currently have it sending a email when rebooting.

What I need help with - is there a way to have this sequence take place FIVE TIMES on each computer, so a loop in the loop?  Then send a email after the 5th time only?

The purpose is to install updates on a computer with the SCCM advertisement, but when only doing this one, cumulative updates need to be installed, so this has to be run an average of 5 times to get all of the updates.

Thanks in advance for any help.

workflow foreachrerun {
    foreach –parallel ($computer in $computers) {
       InlineScript {

Function Start-CCMRerunAdvertisement {

        [Parameter(Mandatory=$false)][string]$advertisementId = "*",
        [Parameter(Mandatory=$false)][string]$packageId = "*",
        [Parameter(Mandatory=$false)][int]$maxRun = 1
        #[Parameters(Mandatory=$false)][switch]$moreThanPing = $false

    if($advertisementId -eq "*" -and $packageId -eq "*") {
        Write-Error "You must supply either an AdvertisementID or a PackageID"
        return "Missing 

Open in new window

CompTIA Network+
LVL 19
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

Hello Experts,

Its been a while I did not handle any task related to msi package deployment. I have a very small msi package from Cisco and I want to deploy it to only the Laptops. This client of mine does not have SCCM and they only use active directory and GPO but they have not done any successful deployment using GPO.  Most of the deployments failed using GPO but I do not know why.  In short I have the msi file and I know the the switches that will make the deployment silent.

I need to know if there is a old fashion way to deploy this using CSV file that will have all the laptops and run the command line from the domain controller and target the laptops. I will need help on the script that will read the CSV file , copy the MSI to the laptops C drive under folder APPInstall and run the command line that will result in installing the msi and give me a status log in the end.

On another note , is there a tool available that can help me connect to users laptops and access their command line?  this will definitely help me target individual laptops.

If anyone has done something like this before please assist , I do have domain admin rights .

Thank you,
Hi experts,

here I use SCCM with several DPs in several locations.
My question is, in one location I have a LINUX DHCP server.
To configure PXE, what kind of DHCP options I have to use on the LINUX DHCP to reach the WIndows SCCM PXE Server ?
I would like to use SCCM (2016) to report on the number of WIN 7 clients I have in my environment.  Is that possible?  I'd also like to then extract that data into Excel.

I've got the basics covered in using SCCM but if the answer gets granular feel free to include a step-by-step explanation.

Thanks for your time.
Hi Experts,

I've been working on this powershell script and need some help with a couple of things.  The script will be called from this vbscript to pass the computername or listofcomputers variables.

What I'd like expertise or help with is:

1. I've tested calling this from the VBScript Code in top comments section, but didn't get the computername variable to pass down.  (this would be done from the vbscript above, but wanted just a test wrapper to test).  EDIT:  If this is too difficult, I'd like to set it up to pull from a list of computers.

2. I'm first running "Test-MyConnection" (if) the computer is online, I'm then calling a executable.exe.  This is the part I'm having issues with - I don't necessarily want to run a .exe here, but call an SCCM advert (pasted below from client center), or, I also have a vbscript that runs the advert I could call out to.  This advert would exist locally on every computer.  The part I'm unsure about, or how to code is having this advert run on each computer in the list of variables

SCCM Advert Code:
 get-wmiobject -query "SELECT * FROM CCM_Scheduler_ScheduledMessage WHERE ScheduledMessageID='SCCM00001-SCCM00002-5D2960FE'" -namespace "ROOT\ccm\policy\machine\actualconfig"

Open in new window

I am trying to run a powershell script that runs via sccm task sequencer via "task sequence media" option.
The goal is to recieve user input right after the os installation to change computer name since the step after that is to add that computer to the domain.

After i create the media (USB), i run it and when it reaches the script part i get an error :
if i disable this step , everything else works fine, including adding the pc to the domain - only it recives random name.
SCCM Windows Updates Relevant to Specific Computers.

I have installed and configured WSUS in SCCM.
Now I can see Windows Updates on SCCM console.  I would like to know which Updates are needed for each computer. For instance , when I select a specific Computer in the Collection, I should see which Updates are needed for that computer  then deploy them to that computer.

I used different Patch Management Software.   Where You can select a specific computer, it will show you all relevant Updates for that computer, then you can select the updates you want to push to that computer and proceed...

I know SCCM will push only to Collection of Devices instead of a single computer. I found a work around that , as I can create an Empty collection then go to a Device and add it to that Empty Collection. Now for Windows Updates relevant to a specific computer. there is not an option.. the only option I found, you can add Criteria , for instance  Product: Windows 2012, Severity: Critical , then you can deploy to a collection whatever updates you have filtered.  There might be Computers in the Collection that do not need the updates you are deploying to them.

Any Clean way in SCCM to visualize Updates Needed by a computer then deploy the Updates to that computer ?

Thank you






Systems Center Configuration Manager (SCCM, formerly known as Systems Management Server) is Microsoft’s system software for managing large groups of not only Microsoft computers, but those running other operating systems, such as Linux, OS-X, and various mobile technologies.

Top Experts In