0

Starting to write powershell scripts (very new) because SCCM tends to respond better to them (both client and server) So with the above stated here is my first script:

#Changes the 'ProvisioningMode' Key in the registry to False
$ProvisiongMode = New-ItemProperty -Path Registry::HKLM\SOFTWARE\Microsoft\CCM\CcmExec -Name ProvisioningMode -Value False -Force
#Clears or 'nulls' the SystemTaskExcludes key in the registry
$SystemTaskExludes = New-ItemProperty -Path Registry::HKLM\SOFTRWARE\Microsoft\CCM\CcmExec -Name SystemTaskExcludes - Value "" - Force
#----------------------------------------------------------------------------------------------
$Success = "C:\Path\to.log"
$Failure = "C:\Path\to.log"
$Computers = Import-Csv "C:\Path\to.csv"
$SearchStr = Get-ItemProperty -Path Registry::HKLM\SOFTWARE\Microsoft\CCM\CcmExec | select-object ProvisioningMode
$Online = Test-Conntection -Computername $ComputerName -Count 1 -Quiet

ForEach ($ComputerName in $Computers)
if ($Online -eq 'False')
{
    Write-Output $ComputerName`t'Connection Failed'  >> $Failure
}
Else
{
    if ($SearchStr -eq True)
     {
        $ProvisioningMode
        $SystemTaskExcludes 
     }

}

#Second Check
if ($SearchStr -eq 'False')
{
    Write-Output $ComputerName`t'Registry has been changed' >> $Success
}

The issue in question is the $Online variable. I would like to see if a computer is responsive to ping, if true then proceed to run $ProvisioningMode and $SystemTaskExclude. Then the other issue is querying that key to see if it changed. The issue with that one is $SearchStr = Get-ItemProperty -Path Registry::HKLM\SOFTWARE\Microsoft\CCM\CcmExec | select-object ProvisioningMode returns 

 ProvisionMode
 -----------------
 False

And I cant grab just the false data. Like I stated; very new at powershell and writing something that I will use helps me learn.

Edit: What I Have tried is

ForEach ($Name in $Computers) 
{
Test-Connection -BufferSize 2 -Computername $Name.ComputerName -Count 1 -Quiet | Write-Output $Online
}

if ($Online -eq 'True') {Write-Output $Name`t'Computer is online' >> C:\Online.txt}

And many variations of the same thing. 

 Test-Connection -BufferSize 2 -Computername $Name.ComputerName -Count 1 -Quiet

Returns Data, which is what I want, but I need to input that into an If statement and still retain the $Name for the $StringStr and log files.

Those of you wondering, this takes the client out of provisioning mode when running an OSD. It fixes the 'No Self-Signed Certificate' issue.

Improve this question
2
  • Read the description of the "embedded"-tag Commented Jul 20, 2015 at 21:32
  • haha umm it was suppose to be 'embedded if statements'. My bad, Olaf. Commented Jul 20, 2015 at 21:56

1 Answer 1

Reset to default
3

Even though the string representations of boolean values in PowerShell are True and False, the correct way to compare againt such a value is with the $true and $false variables.

Furthermore, assign the result of Test-Connection to $Online with =:

$Online = Test-Connection -BufferSize 2 -Computername $Name.ComputerName -Count 1 -Quiet

if($Online -eq $true){
    # Machine responds to ping, do stuff!
}

But the comparison is actually unnecessary. If $Online already equals $frue or $false, you can use it on its own inside the if statement:

if($Online){
    # Machine responds to ping, do stuff!
}

I assume that $ProvisionMode, $SystemTaskExcludes and $SearchStr are all statements that you want to execute on the remote machine, not on the SCCM server itself.

To do so, you will need to connect to the machine and instruct it to execute the *-ItemProperty statements. 

# Enclosing statements in {} creates a ScriptBlock - a piece of code that can be invoked later!
$ProvisionMode = { 
    #Changes the 'ProvisioningMode' Key in the registry to False
    New-ItemProperty  -Path Registry::HKLM\SOFTWARE\Microsoft\CCM\CcmExec -Name ProvisioningMode -Value False -Force 
}

$SystemTaskExludes = { 
    #Clears or 'nulls' the SystemTaskExcludes key in the registry
    New-ItemProperty -Path Registry::HKLM\SOFTRWARE\Microsoft\CCM\CcmExec -Name SystemTaskExcludes - Value "" - Force 
}

$SearchStr = { 
    Get-ItemProperty -Path Registry::HKLM\SOFTWARE\Microsoft\CCM\CcmExec | Select-Object -ExpandProperty ProvisioningMode
}

#----------------------------------------------------------------------------------------------
$LogFilePath = "C:\Path\to.log"

$Computers = Import-Csv "C:\Path\to.csv"


foreach($Computer in $Computers){

    $Online = Test-Connection -Computername $Computer.Name -Count 1 -Quiet

    if(-not $Online)
    {
        "$ComputerName`t'Connection Failed'" | Out-File -FilePath $LogFilePath -Append
    }
    else
    {
        $SearchResult = Invoke-Command -ComputerName $Computer.Name -ScriptBlock $SearchStr
        if ($SearchResult)
        {
            # The call operator (&) invokes the scriptblock
            Invoke-Command -ComputerName $Computer.Name -ScriptBlock $ProvisionMode
            Invoke-Command -ComputerName $Computer.Name -ScriptBlock $SystemTaskExludes
        }
        else # SearchStr must be $false, or non-existing
        {
            "$ComputerName`t'Registry has been changed'" | Out-File -FilePath $LogFilePath -Append
        }
    }
}

For simplicity, I've used Invoke-Command with the -ComputerName parameter, but in a real world situation, I would set up a PSSession with New-PSSession, and reuse that for the connection with Invoke-Command -Session

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

So the script blocks allow for remote execution on the PCs (and yes, NOT the server), Oh and I see what you're doing with the $SearchResult. If its true then run the blocks else do nothing (Intended result is 'False'). Took me a minute to decypher but I understand it now. That's a lot simpler than I expected. Thank you Mathias!! Why did you opt for Out-File instead of Write-Output?
Write-Output is implied, and it also probably doesn't mean what you think. It doesn't write to a file or a variable, but takes one or more objects and sends them on through the pipeline
ScriptBlocks are just "portable code", you could have used & $ProvisionMode to invoke it locally as well, but yes, they are well suited for remote execution

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.