none
הרצת Run Command Line עם משתמש ספציפי ב-SCCM TS RRS feed

  • שאלה

  • שלום חברים,

    יש לי MDT TS ב-SCCM 2012 R2 שלי (שודרג מ-2012) עם MDT 2013.
    אני מנסה להרציץ סקריפט שמכניס את המחשב לקבוצה מסויימת ב-AD והוא צריך לרוץ עם Account מסויים שהגדרתי לו ב-Task.
    הבעיה היא שבלוגים אני מקבל Access is denied והתחנה לא מצטרפת לקבוצה שרציתי.
    הקוד עובד כמו שצריך ואין בעיה איתו, לפני השדרוג של השרת זה עבד לי ועכשיו לא. ובשביל שוב לוודא שאין בעיה עם הקוד הרצתי אותו עם אותם הרשאות שהוא צריך אחרי ההפצה וזה עבד לי.

    יש למישהו איזה רעיון? 

    יום שני 07 יולי 2014 07:43

תשובות

  • הנה הסקריפט.

    בסופו של דבר מצאתי פתרון עקיף, השתמשתי ב-Orchestrator וה-Task Sequence מריץ לי את ה-Runbook שמכניס את המחשב לקבוצה שרציתי.
    אגב לסקריפט צריך להכניס Argument שבו מופיע שם הקבוצה שאני רוצה להכניס את המחשב.

    Const ADS_PROPERTY_APPEND = 3
    
    
    Set WshShell = WScript.CreateObject("WScript.Shell")
    
    '----Get Computer DN------
    Set objADSysInfo = CreateObject("ADSystemInfo")
    ComputerDN = objADSysInfo.ComputerName
    strcomputerdn = "LDAP://" & computerDN
    Set objADSysInfo = Nothing
    
    '----Connect AD-----
      Set oRoot = GetObject("LDAP://rootDSE")  
      strDomainPath = oRoot.Get("defaultNamingContext")  
      Set oConnection = CreateObject("ADODB.Connection")  
      oConnection.Provider = "ADsDSOObject"  
      oConnection.Open "Active Directory Provider"  
    
    '-----Read commandline---
    Set args = WScript.Arguments
    
    For i = 0 To Args.Count - 1
    'wscript.echo Args.Item( i )
    addgroup Args.Item( i )
    next
    
    
    Function Addgroup(groupname)
    '----Get Group DN------
    
      Set oRs = oConnection.Execute("SELECT adspath FROM 'LDAP://" & strDomainPath & "'" & "WHERE objectCategory='group' AND " & "Name='" & GroupName & "'")  
      If Not oRs.EOF Then   
      strAdsPath = oRs("adspath")   
      End If
    
    Set objGroup = GetObject (stradspath)
    Set objComputer = GetObject (strComputerDN)
    
    If (objGroup.IsMember(objComputer.AdsPath) = False) Then
     objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array(computerdn)
     objGroup.SetInfo
    End If
    
    End Function


    יום ראשון 13 יולי 2014 12:00

כל התגובות

  • נשמח לראות לוגים. תוכל לקבץ ולעלות?


    If my answer helped, please vote or mark as correct :) Regards, Ori Husyt System Center Cloud and Datacenter Management MVP

    יום שני 07 יולי 2014 09:31
  • איך מעלים לפה את קובץ שהוא לא תמונה?
    יום שני 07 יולי 2014 10:06
  • CLibSMSMessageWinHttpTransport::Send: URL: SCCM.DOMAIN.COM:80  CCM_POST /ccm_system/request    TSManager    06/07/2014 17:16:52    1712 (0x06B0)
    Request was successful.    TSManager    06/07/2014 17:16:52    1712 (0x06B0)
    Updated security on object C:\_SMSTaskSequence.    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a global environment variable _SMSTSNextInstructionPointer=103    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a TS execution environment variable _SMSTSNextInstructionPointer=103    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a global environment variable _SMSTSInstructionStackString=0 92 102    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a TS execution environment variable _SMSTSInstructionStackString=0 92 102    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Save the current environment block    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Successfully save execution state and environment to local hard disk    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Start executing an instruction. Instruction name: Add Computer to "Library Computers" Group. Instruction pointer: 103    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a global environment variable _SMSTSCurrentActionName=Add Computer to "Library Computers" Group    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a global environment variable _SMSTSNextInstructionPointer=103    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a local default variable SMSTSDisableWow64Redirection    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a local default variable _SMSTSRunCommandLineAsUser    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a local default variable SMSTSRunCommandLineUserName    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a local default variable SMSTSRunCommandLineUserPassword    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set a global environment variable _SMSTSLogPath=C:\Windows\CCM\Logs\SMSTSLog    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Expand a string: smsswd.exe /run: cscript.exe "%deployroot%\scripts\AD_ADD_Group.vbs" "Library Computers"    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Expand a string:     TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Command line for extension .exe is "%1" %*    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Set command line: smsswd.exe /run: cscript.exe "%deployroot%\scripts\AD_ADD_Group.vbs" "Library Computers"    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Start executing the command line: smsswd.exe /run: cscript.exe "%deployroot%\scripts\AD_ADD_Group.vbs" "Library Computers"    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    !--------------------------------------------------------------------------------------------!    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Expand a string: WinPEandFullOS    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    Executing command line: smsswd.exe /run: cscript.exe "%deployroot%\scripts\AD_ADD_Group.vbs" "Library Computers"    TSManager    06/07/2014 17:16:53    1712 (0x06B0)
    [ smsswd.exe ]    InstallSoftware    06/07/2014 17:16:53    3164 (0x0C5C)
    PackageID = ''    InstallSoftware    06/07/2014 17:16:53    3164 (0x0C5C)
    BaseVar = '', ContinueOnError=''    InstallSoftware    06/07/2014 17:16:53    3164 (0x0C5C)
    ProgramName = 'cscript.exe "C:\_SMSTaskSequence\WDPackage\scripts\AD_ADD_Group.vbs" "Library Computers"'    InstallSoftware    06/07/2014 17:16:53    3164 (0x0C5C)
    SwdAction = '0001'    InstallSoftware    06/07/2014 17:16:53    3164 (0x0C5C)
    Getting linked token    InstallSoftware    06/07/2014 17:16:53    3164 (0x0C5C)
    Get RunAs private desktop SMSTS-81572\SMSTSDesktop    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Run command line under a user account    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Command line for extension .exe is "%1" %*    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Set command line: Run command line    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Working dir 'not set'    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Executing command line: Run command line    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Create a process under given user token    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Process completed with exit code 1    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Microsoft (R) Windows Script Host Version 5.8    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Copyright (C) Microsoft Corporation. All rights reserved.    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    CScript Error: Loading script "C:\_SMSTaskSequence\WDPackage\scripts\AD_ADD_Group.vbs" failed (Access is denied. ).    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Command line returned 1    InstallSoftware    06/07/2014 17:16:54    3164 (0x0C5C)
    Process completed with exit code 1    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    !--------------------------------------------------------------------------------------------!    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Failed to run the action: Add Computer to "Library Computers" Group.
    Incorrect function. (Error: 00000001; Source: Windows)    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    MP server http://SCCM.DOMAIN.COM. Ports 80,443. CRL=false.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Setting authenticator    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set authenticator in transport    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Sending StatusMessage    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Setting message signatures.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Setting the authenticator.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    CLibSMSMessageWinHttpTransport::Send: URL: SCCM.DOMAIN.COM:80  CCM_POST /ccm_system/request    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Request was successful.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSLastActionRetCode=1    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSLastActionSucceeded=false    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Clear local default environment    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    The execution engine ignored the failure of the action (Add Computer to "Library Computers" Group) and continues execution    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    MP server http://SCCM.DOMAIN.COM. Ports 80,443. CRL=false.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Setting authenticator    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set authenticator in transport    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Sending StatusMessage    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Setting message signatures.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Setting the authenticator.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    CLibSMSMessageWinHttpTransport::Send: URL: SCCM.DOMAIN.COM:80  CCM_POST /ccm_system/request    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Request was successful.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Updated security on object C:\_SMSTaskSequence.    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSNextInstructionPointer=104    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a TS execution environment variable _SMSTSNextInstructionPointer=104    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSInstructionStackString=0 92 102    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a TS execution environment variable _SMSTSInstructionStackString=0 92 102    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Save the current environment block    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Successfully save execution state and environment to local hard disk    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Start executing an instruction. Instruction name: Change Power Plan to High Performance. Instruction pointer: 104    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSCurrentActionName=Change Power Plan to High Performance    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSNextInstructionPointer=104    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a local default variable SMSTSDisableWow64Redirection    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a local default variable _SMSTSRunCommandLineAsUser    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set a global environment variable _SMSTSLogPath=C:\Windows\CCM\Logs\SMSTSLog    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Expand a string: smsswd.exe /run: powercfg -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Expand a string:     TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Command line for extension .exe is "%1" %*    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Set command line: smsswd.exe /run: powercfg -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Start executing the command line: smsswd.exe /run: powercfg -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    !--------------------------------------------------------------------------------------------!    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Expand a string: WinPEandFullOS    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    Executing command line: smsswd.exe /run: powercfg -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c    TSManager    06/07/2014 17:16:55    1712 (0x06B0)
    [ smsswd.exe ]    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    PackageID = ''    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    BaseVar = '', ContinueOnError=''    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    ProgramName = 'powercfg -setactive 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c'    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    SwdAction = '0001'    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    Set command line: Run command line    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    Working dir 'not set'    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    Executing command line: Run command line    InstallSoftware    06/07/2014 17:16:55    3288 (0x0CD8)
    Process completed with exit code 0    InstallSoftware    06/07/2014 17:16:56    3288 (0x0CD8)
    Command line returned 0    InstallSoftware    06/07/2014 17:16:56    3288 (0x0CD8)
    Process completed with exit code 0    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    !--------------------------------------------------------------------------------------------!    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Successfully completed the action (Change Power Plan to High Performance) with the exit win32 code 0    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    MP server http://SCCM.DOMAIN.COM. Ports 80,443. CRL=false.    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Setting authenticator    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Set authenticator in transport    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Sending StatusMessage    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Setting message signatures.    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Setting the authenticator.    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    CLibSMSMessageWinHttpTransport::Send: URL: SCCM.DOMAIN.COM:80  CCM_POST /ccm_system/request    TSManager    06/07/2014 17:16:56    1712 (0x06B0)
    Request was successful.    TSManager    06/07/2014 17:16:56    1712 (0x06B0)



    • נערך על-ידי Eran Sharvit יום שני 07 יולי 2014 11:00 edit
    • נערך על-ידי Tzahi_Sh יום ראשון 13 יולי 2014 12:21
    יום שני 07 יולי 2014 10:09
  • העתקתי מה-Cmtrace את מה שנראה לי רלוונטי.
    מקווה שיעזור.

    יום שני 07 יולי 2014 10:10
  • נראה שהAccess Denied מגיע מהסקריפט. תוכל לצרף את הסקריפט?

    If my answer helped, please vote or mark as correct :) Regards, Ori Husyt System Center Cloud and Datacenter Management MVP

    יום ראשון 13 יולי 2014 11:56
  • הנה הסקריפט.

    בסופו של דבר מצאתי פתרון עקיף, השתמשתי ב-Orchestrator וה-Task Sequence מריץ לי את ה-Runbook שמכניס את המחשב לקבוצה שרציתי.
    אגב לסקריפט צריך להכניס Argument שבו מופיע שם הקבוצה שאני רוצה להכניס את המחשב.

    Const ADS_PROPERTY_APPEND = 3
    
    
    Set WshShell = WScript.CreateObject("WScript.Shell")
    
    '----Get Computer DN------
    Set objADSysInfo = CreateObject("ADSystemInfo")
    ComputerDN = objADSysInfo.ComputerName
    strcomputerdn = "LDAP://" & computerDN
    Set objADSysInfo = Nothing
    
    '----Connect AD-----
      Set oRoot = GetObject("LDAP://rootDSE")  
      strDomainPath = oRoot.Get("defaultNamingContext")  
      Set oConnection = CreateObject("ADODB.Connection")  
      oConnection.Provider = "ADsDSOObject"  
      oConnection.Open "Active Directory Provider"  
    
    '-----Read commandline---
    Set args = WScript.Arguments
    
    For i = 0 To Args.Count - 1
    'wscript.echo Args.Item( i )
    addgroup Args.Item( i )
    next
    
    
    Function Addgroup(groupname)
    '----Get Group DN------
    
      Set oRs = oConnection.Execute("SELECT adspath FROM 'LDAP://" & strDomainPath & "'" & "WHERE objectCategory='group' AND " & "Name='" & GroupName & "'")  
      If Not oRs.EOF Then   
      strAdsPath = oRs("adspath")   
      End If
    
    Set objGroup = GetObject (stradspath)
    Set objComputer = GetObject (strComputerDN)
    
    If (objGroup.IsMember(objComputer.AdsPath) = False) Then
     objGroup.PutEx ADS_PROPERTY_APPEND, "member", Array(computerdn)
     objGroup.SetInfo
    End If
    
    End Function


    יום ראשון 13 יולי 2014 12:00