Import SCCM Computer Information and MAC Addresses programmatically from Active Directory

To run a bare metal OS deployment in SCCM, the respective computer/MAC address information need to be available in the SCCM database. A possible solution to populate the SCCM database with this computer/MAC address information could be to use Active Directory. When using Active Directory as a source, the idea is to to pre-stage the computer account in ADS, while maintaining also the “netbootGUID” attribute.

Creating the computer account and adding the netbootGUID attribute can be done manually via the ADUC console and the attribute editor, or programmatically using PowerShell. The netbootGUID attribute in Active Directory contains data of the type octed string, whereas the MAC address value must be converted accordingly before it can be used:

Convert a MAC address into a GUID and then into an octed string

## Create a GUID based of the MAC address, then build an octet string from the GUID, which can be used in the LDAP search filter
$macAddress = "<MACADDRESS_WITHOUT_SEPARATORS>";
$octetNetbootGUID = "";
[GUID]$objNetBootGUID = "00000000-0000-0000-0000-$macAddress"
($objNetBootGUID.ToByteArray() | foreach { $octetNetbootGUID = $octetNetbootGUID + '\' + $_.ToString('x2') }) -join '';
$octetNetbootGUID;

Once the computer account has been created in Active Directory, a scheduled task can take care to search Active Directory and import new computers to the SCCM database periodcally:

Search Active Directoy to find new computers with a netbootGUID value

## Search ADS to find computers having set a value for the netbootGUID attribute and have been changed recently
$domainController = "<DC>";
$todaystamp = get-date -uformat 20%y%m%d;
$todaystamp = $todaystamp + "000000.0Z";
$ldapRoot =[string]"LDAP://$domainController:389/DC=domain,DC=TLD";
$directoryEntry = New-Object System.DirectoryServices.DirectoryEntry($ldapRoot);
$searcher = New-Object DirectoryServices.DirectorySearcher($directoryEntry);
$searcher.PageSize = 1000;
$searcher.filter = "(& (|(netbootGUID=*) (whenchanged>= "+ $todaystamp + "))";
$results = $searcher.findall();
foreach ($item in $results){
    $netBIOSName = $item.properties.name;
    $netBIOSName = [STRING]$netBIOSName;
    $netBIOSName;
}

Convert the byte array value of the netbootGUID attribute into a string

$objAdComputer = Get-ADComputer -Filter {(name -eq "COMPUTERNAME"); 
$byarrNetBootGUID = $objAdComputer.netbootguid;
$netBootGUID = [STRING]$byarrNetBootGUID ;
$arrNetBootGUID = $netBootGUID.Split();
$macAddressRaw = [Convert]::ToString( $arrNetBootGUID[10 ],16) + ":" + [Convert]:: ToString($arrNetBootGUID[ 11],16 ) + ":" + [Convert]:: ToString($arrNetBootGUID[ 12],16 ) + ":" + [Convert]:: ToString($arrNetBootGUID[ 13],16 ) + ":" + [Convert]:: ToString($arrNetBootGUID[ 14],16 ) + ":" + [Convert]:: ToString($arrNetBootGUID[ 15],16 );

## Verify raw MAC address, adding a leading "0" where it has been skipped
$arrMacAddress = $macAddressRaw.Split(":" );
$macAddress = "" ;
for ( $i=0 ; $i -le $arrMacAddress.length- 1; $i ++){
       if ( $arrMacAddress[$i].length -ne 2){
              $arrMacAddress[$i] = "0" + $arrMacAddress[$i ];
       }
}
$macAddress = $arrMacAddress [0] + ":" + $arrMacAddress[1] + ":" + $arrMacAddress[2 ] + ":" + $arrMacAddress [3] + ":" + $arrMacAddress[ 4] + ":" + $arrMacAddress[5 ];
$macAddress = $macAddress.ToUpper();

Query the SCCM database for a computer with a specific NetBIOS name and get the MAC address

## Query SCCM database for a record with a specific netbios name and return the MAC address
$cmSiteCode = "CCM";
$netBIOSName = "<NETBIOSNAME>";
$objComputer = Get-WmiObject -query "SELECT NetbiosName, MACAddresses FROM SMS_R_SYSTEM WHERE NETBIOSNAME LIKE '%$netBIOSName%'" -Namespace "ROOT\SMS\site_$cmSiteCode";
$arrMacAddressesCCM = $objComputer.MACAddresses;
$macAddressesCCM = [STRING]$arrMacAddressesCCM;

Create a computer with a specific name and MAC address in SCCM and add the computer to a specific collection

Since SCCM 2012, this step can be completed using only one PowerShell command:

Import-CMComputerInformation -Computername $netBIOSName -MacAddress $macAddress -CollectionName "All Computers";

Due to the lack of the pretty PowerShell CMD-lets from SCCM 2012, the code to be used in SCCM 2007 is a little bit more:

## VARIABLES
$cmSiteServer = "." ;
$cmSiteCode = "CCM" ;
$cmWmiNameSpace = "\\" + $cmSiteServer + "\ROOT\SMS\site_" + $cmSiteCode ;
$cmCollectionID = "CCM00001" ;
$macAddress = "11:22:33:AA:BB:CC" ;
$netBIOSName = "COMPUTERNAME" ;

## Create and configure a SCCM "Site" object
$cmWmiClass = "SMS_Site" ;
$objCmSite = [ WmiClass]( "$($cmWmiNameSpace ):$cmWmiClass ");

## Create and configure a SCCM "Collection" object from the target collection
$cmWmiClass = "SMS_Collection" ;
$collectionFilter = "CollectionID = ' $cmCollectionID'";
$objCmCollection = Get-WmiObject $cmWmiClass -Computer $cmSiteServer -Namespace "ROOT\SMS\site_$cmSiteCode" -filter $CollectionFilter;

## Add computer to SCCM
$objSiteInParams = $objCmSite .PSBase. GetMethodParameters("ImportMachineEntry");
$objSiteInParams. MACAddress = $macAddress;
$objSiteInParams. NetbiosName = $netBIOSName;
$objSiteInParams. OverwriteExistingRecord = $true;
$objCmComputer = $objCmSite .PSBase. InvokeMethod("ImportMachineEntry", $objSiteInParams, $Null);

## Create and configure a SCCM "CollectionRuleDirect" object
$cmWmiClass = "SMS_CollectionRuleDirect" ;
$objCmCollectionRuleDirect = [ WmiClass]( "$($cmWmiNameSpace ):$cmWmiClass ");
$objCmCollectionRuleDirect. PSBase.properties ["ResourceClassName"]. value = "SMS_R_System";
$objCmCollectionRuleDirect. PSBase.Properties ["ResourceID"]. Value = $objCmComputer.ResourceID;

## Add Computer to SCCM collection
$objCollectionInParams = $objCmCollection.PSBase .GetMethodParameters("AddMembershipRule" );
$objCollectionInParams. CollectionRule = $objCmCollectionRuleDirect;
$objCmCollection.PSBase .InvokeMethod("AddMembershipRule" , $objCollectionInParams , $Null );
Advertisements
This entry was posted in System Center Configuration Manager. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s