Schuff at myITforum.com

Blog it to log it!
SCCM And Roles Wizard via MDT Database

For those of you that have tried to implement my previous Roles Wizard solution into your SCCM/MDT deployment, I would like to apologize, as it is a bit messy. :) Luckily I have trimmed down most everything that is no longer needed and simplified the process of adding it to your deployment via SCCM!

You will still need the two wizard files that launch the Roles Wizard, as included here in the zip. These have not changed from my last Roles Wizard update. You will also need the SQL file or custom SQL code to create the roles view for you to query against; this is also included in the zip.

Download SCCMRolesWizard.zip Here

Copy Files to the MDT Files Source Folder

  • Copy the ZTERolesWiz_Scripts.vbs and ZTERolesWiz_Definition_ENU.xml files to the folder that currently contains your MDT Files Package, which you initially set up when you created your task sequence or MDT Files Package.

 

Update Customsettings.ini

  1. Open the customsettings.ini file found in the source of your MDT Settings package. This location and file should've already been created from creating an MDT Task Sequence as well.
  2. On the Priority list you will need to add the following two options:
    • SetShowRole
    • SelectableRoles
  3. On the Properties list you will need to add the following two options:
    • ShowRole
    • SelectableRole(*)
  4. Add the following two sections to your customsettings.ini file
    • [SetShowRole]
      ShowRole=1
    • [SelectableRoles]
      SQLServer=MYSERVER
      Database=BDDADMINDB
      Netlib=DBNMPNTW
      Table=SelectableRoles
      Parameters=ShowRole
      SQLShare=MDT_LOGS

 

      • P.S. Update the Database, SQLServer and SQLShare to values that correctly match your environment.

 Note:  Your customsettings.ini should already be configured with your database queries as well.


 

Create Custom Roles View in SQL

In order for the [SelectableRoles] section from the customsettings.ini (as shown above) to work we need to create the view in our MDT database within SQL. You can either open the .sql file included in the zip and execute it within SQL Management Studio or simply copy and paste the code below into a new query window and execute it.

  1. Open SQL Server Management Studio Console
  2. Copy and paste the following code into a new query window and execute it. (Make sure that bddadmindb is set to your corresponding MDT database.)
  • USE [bddadmindb]
    GO

    IF  EXISTS (select * from dbo.sysobjects where id = object_id(N'[dbo].[SelectableRoles]') and OBJECTPROPERTY(id, N'IsView') = 1)
    DROP VIEW [dbo].[SelectableRoles]
    Go

    SET ANSI_NULLS ON
    GO
    SET QUOTED_IDENTIFIER ON
    GO
    CREATE VIEW [dbo].[SelectableRoles]
    AS
    SELECT     Role AS SelectableRole, 1 AS ShowRole
    FROM         dbo.RoleIdentity

    GO


Edit Task Sequence

  1. Next you need to add a task to the task sequence in the "New Computers only" folder within the "Preinstall" phase.
    • mshta.exe "%SCRIPTROOT%\Wizard.hta" /definition:ZTERolesWiz_Definition_ENU.xml

 

  2. You will also need to follow this task up with a new Gather task using CustomSettings.ini as your rules. This is required in order to process the Roles you have selected.

Note: Any Properties that you had already defined directly in the customsettings.ini or through an automated database query (such as Make/Model) will not be overwritten with the Roles Wizard selection. So make sure the properties you want to set via the Roles have not previously been set somewhere in the process.

Update distribution Points

  1. Right click and select "Update Distribution Points" on both your MDT Files Package and your MDT Settings Package so the new changes get copied to your distribution Points.

 

Done!

That's it, it should be done.  The Roles Wizard will prompt on the New Computer scenario only and display all Roles defined in the MDT Database. If you want to get fancy you can modify the custom Roles View to maybe even only show certain roles or such, the rest is up to you. 

Troubleshooting

If you are having troubles getting the roles to show up in the wizard or having the wizard show up at all you can Press F8 while in WinPE to open your command prompt (assuming you have this option enabled in your boot media) and open the C:\_SMSTaskSequence\Logs\bdd.log file for troubleshooting. Also you can always email me for questions.

SCCM OSD - Install Packages Failing?

I just wanted to blog this down real quick since it was fresh in memory.

Troubleshooting a deployment issue from the SMS Email distribution list; we were attempting to solve why an SCCM/MDT deployment was not installing the packages as listed in the task Install Software in the task sequence, with the base variable of PACKAGES.

Well come to find out, the package's programs in SCCM were not configured to allow them to be used in the task sequence without the use of an advertisement. You can find and enable this feature within the programs properties as shown here:

allowprogramtask

If you do not enable this feature and attempt to install packages from SCCM via the Install Software task you may see something like this error in your SMSTS.LOG file

installpackages

Thanks to Todd Hemsell for sharing the error code and Michael Niehaus for pointing out the potential problem based on this error code!

P.S. See Michael's post here for a more in-depth look at this process and a script for changing all your existing programs to have this feature enabled:

http://blogs.technet.com/mniehaus/archive/2008/05/08/using-the-configmgr-2007-install-software-step-to-install-a-dynamic-list-of-packages.aspx

How to Configure Windows Server 2008 for Site System Roles

Here is a blurb I actually found on the Microsoft TechNet forums as I was searching for answers to my Windows 2008/SCCM SP1 RC Lab issues and I thought it was worth repeating again here for those in the same boat.

Here is the blurb from the help information that will be in the RTM release of SP1.

Topics referencing Configuration Manager 2007 SP1 and Configuration Manager 2007 R2 are pre-release documentation and are subject to change in future releases. Blank topics are included as placeholders.

Topic last updated—March 2008

Microsoft System Center Configuration Manager 2007 requires the WebDAV component to be installed and enabled on the management points and BITS-enabled distribution points. The WebDAV component is not included in Windows Server 2008 operating system.

Note

The information in this topic applies only to Configuration Manager 2007 SP1.

You must download, install, and configure WebDAV manually on management points and BITS-enabled distribution points running Windows Server 2008. On BITS-enabled distribution points, you might also have to edit the requestFiltering section of the applicationHost.config file if your packages contain extensions that are blocked.

Important

Enabling WebDAV and modifying the requestFiltering section for the Web site increases the attack surface of the computer. Enable WebDAV only when required for management points and BITS-enabled distribution points. If you enable WebDAV on the default Web site, it is enabled for all applications using the default Web site. If you modify the requestFiltering section, it is modified for all Web sites on that server. The security best practice is to run Configuration Manager 2007 on a dedicated Web server. If you must run other applications on the Web server, use a custom Web site for Configuration Manager 2007. 

Site servers and branch distribution points require Remote Differential Compression (RDC) to generate package signatures and perform signature comparison. RDC is not installed by default on computers running Windows Server 2008.

Reporting points running Windows Server 2008 require ASP.NET with Windows Authentication to be enabled.

To install and configure WebDAV for BITS-enabled distribution points and management points

  1. In Server Manager, on the Features node, start the Add Features Wizard.
    • On the Select Features page, select BITS Server Extensions.
    • When prompted, click Add Required Role Services to add the dependent components, including the Web Server (IIS) role.
    • On the Select Features page, select Remote Differential Compression, and then click Next.
    • On the Web Server (IIS) page, click Next.
    • On the Select Role Services page, under IIS 6 Management Compatibility, select IIS 6 WMI Compatibility.
    • Under Application Development, select ASP.NET and, when prompted, click Add Required Role Services to add the dependent components.
    • Under Security, select Windows Authentication, and then click Next.
    • On the Confirmation page, click Install, and then complete the rest of the wizard.
  2. Download the x86 or x64 version of WebDAV at http://go.microsoft.com/fwlink/?LinkId=108052.
  3. Run either webdav_x86_golive.msi or webdav_x64_golive.msi, depending on your processor.
  4. Enable WebDAV and create an Authoring Rule, as follows:
    • Open Internet Information Services (IIS) Manager.
    • In the Connections pane, expand the Sites node in the tree, and then click SMSWEB if you are using a custom Web site or click Default Web Site if you are using the default Web site for the site system.
    • In the Features View, double-click WebDAV Authoring Rules.
    • When the WebDAV Authoring Rules page is displayed, in the Actions pane, click Enable WebDAV.
    • After WebDAV has been enabled, in the Actions pane, click Add Authoring Rule.
    • In the Add Authoring Rule dialog box, under Allow access to, click All content.
    • Under Allow access to this content to, click All users.
    • Under Permissions, click Read, and then click OK.
  5. Change the property behavior as follows:
    • In the WebDAV Authoring Rules page, in the Actions pane, click WebDAV Settings.
    • In the WebDAV Settings page, under Property Behavior, set Allow anonymous property queries to True.
    • Set Allow Custom Properties to False.
    • Set Allow property queries with infinite depth to True.
    • If this is a BITS-enabled distribution point, under WebDAV Behavior, set Allow access to hidden files to True.

Important

Allow access to hidden files is not required for management points and should not be configured.

    • In the Action pane, click Apply.
  6. Close Internet Information Services (IIS) Manager.
  7. Verify that there are no error messages for the distribution point or management point role, as follows:
    • In the Configuration Manager console, navigate to System Center Configuration Manager / System Status / Site Status / <site code> - <site server> / Site System Status.
    • Check the status of the management point and distribution point roles.
    • If you see any errors, right-click the role, click Show Messages, and then click All to see more detail.

To modify the requestFiltering section on BITS-enabled distribution points

  1. On the BITS-enabled distribution points, open %windir%\System32\inetsrv\config\applicationHost.config.
  2. Search for the <requestFiltering> section.
  3. Determine the file extensions that you will have in the packages on that distribution point. For each file extension that you require, change allowed to true.
  4. For example, if your package will contain a file with an .mdb extension, change the line <add fileExtension=".mdb" allowed="false" /> to <add fileExtension=".mdb" allowed="true" />.

Important

Allow only the file extensions required for your packages.

  5. Save and close applicationHost.config.
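
The "allow only the file extensions required for your packages" rule in the procedure above can be checked before anyone edits the file. The PowerShell below is an added example, not part of the Microsoft help text or of this blog's own scripts; the function names (ConvertTo-Extension, Get-RequestFilteringPlan, Enable-RequiredExtension) and the sample XML are constructed for illustration, and it assumes the <add fileExtension=... allowed=... /> layout shown in step 4 plus the allowUnlisted attribute of <fileExtensions>.

```powershell
# Added example: audit <requestFiltering>/<fileExtensions> against the
# extensions your packages need, so that only those become allowed="true".

# Constructed sample standing in for the relevant part of
# %windir%\System32\inetsrv\config\applicationHost.config
$sampleConfig = @'
<configuration>
  <system.webServer>
    <security>
      <requestFiltering>
        <fileExtensions allowUnlisted="true">
          <add fileExtension=".asax" allowed="false" />
          <add fileExtension=".config" allowed="false" />
          <add fileExtension=".mdb" allowed="false" />
          <add fileExtension=".ldf" allowed="true" />
          <add fileExtension=".cs" allowed="false" />
        </fileExtensions>
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>
'@

$SectionXPath = '//system.webServer/security/requestFiltering/fileExtensions'

# Hypothetical helper: normalise "MDB" or ".mdb " to ".mdb"
function ConvertTo-Extension {
    param([string[]] $Name)
    foreach ($n in $Name) {
        $e = $n.Trim().ToLowerInvariant()
        if ($e.StartsWith('.')) { $e } else { ".$e" }
    }
}

# Report, per extension, whether the current setting matches what packages need
function Get-RequestFilteringPlan {
    param(
        [Parameter(Mandatory = $true)] [xml] $Config,
        [string[]] $RequiredExtensions = @()
    )
    $required = @(ConvertTo-Extension $RequiredExtensions)
    $section = $Config.SelectSingleNode($SectionXPath)
    if ($null -eq $section) { throw 'No <requestFiltering>/<fileExtensions> section found.' }

    $listed = @{}
    foreach ($entry in $section.SelectNodes('add')) {
        $ext = $entry.GetAttribute('fileExtension').ToLowerInvariant()
        $allowed = ($entry.GetAttribute('allowed') -eq 'true')
        $isRequired = ($required -contains $ext)
        $listed[$ext] = $true

        if ($isRequired -and -not $allowed)     { $action = 'ENABLE: required by a package, currently blocked' }
        elseif ($allowed -and -not $isRequired) { $action = 'REVIEW: allowed but no package needs it' }
        else                                    { $action = 'OK' }

        [pscustomobject]@{ Extension = $ext; Allowed = $allowed; Required = $isRequired; Action = $action }
    }

    # Extensions without an <add> entry are governed by allowUnlisted (true when absent)
    $allowUnlisted = ($section.GetAttribute('allowUnlisted') -ne 'false')
    foreach ($ext in $required) {
        if (-not $listed.ContainsKey($ext)) {
            if ($allowUnlisted) { $action = 'OK: not listed, served via allowUnlisted' }
            else                { $action = 'ADD: not listed and allowUnlisted is false' }
            [pscustomobject]@{ Extension = $ext; Allowed = $allowUnlisted; Required = $true; Action = $action }
        }
    }
}

# Flip only the required, currently blocked entries in the in-memory document
function Enable-RequiredExtension {
    param(
        [Parameter(Mandatory = $true)] [xml] $Config,
        [string[]] $RequiredExtensions = @()
    )
    $required = @(ConvertTo-Extension $RequiredExtensions)
    $section = $Config.SelectSingleNode($SectionXPath)
    if ($null -eq $section) { throw 'No <requestFiltering>/<fileExtensions> section found.' }

    $changed = @()
    foreach ($entry in $section.SelectNodes('add')) {
        $ext = $entry.GetAttribute('fileExtension').ToLowerInvariant()
        if (($required -contains $ext) -and ($entry.GetAttribute('allowed') -ne 'true')) {
            $entry.SetAttribute('allowed', 'true')
            $changed += $ext
        }
    }
    $changed
}

# Usage against the constructed sample: packages need .mdb and .msi files
$doc = [xml]$sampleConfig
Get-RequestFilteringPlan -Config $doc -RequiredExtensions 'mdb', '.msi' | Format-Table -AutoSize
$enabled = Enable-RequiredExtension -Config $doc -RequiredExtensions 'mdb', '.msi'
"Changed in memory: $($enabled -join ', ')"
```

Rows marked REVIEW are extensions that are already allowed although no package needs them; nothing is written to disk, so back up applicationHost.config before saving any change to it.
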

To add Remote Differential Compression to site servers and branch distribution points

  1. In Server Manager, on the Features node, start the Add Features Wizard.
  2. On the Select Features page, select Remote Differential Compression, and then click Next.
  3. Complete the rest of the wizard.

To enable ASP.NET and Windows Authentication on the reporting point

  1. In Server Manager, on the Roles node, start the Add Roles Wizard.
  2. On the Select Server Roles page, select Web Server (IIS).
  3. When prompted, click Add Required Role Services to add the dependent components.
  4. On the Select Server Roles page, click Next.
  5. Under Application Development, select ASP.NET and, when prompted, click Add Required Role Services to add the dependent components.
  6. Under Security, select Windows Authentication, and then click Next.
  7. On the Confirmation page, click Install, and then complete the rest of the wizard.
Posted: May 07 2008, 11:22 PM by jscheffelmaer | with no comments
SCCM PXE Service Point & WDS

I don't know if anyone else has run into issues setting up the PSP on your SCCM box or WDS box but I can tell you it is very touchy to failure if not done right.  On our WDS server I had already gone in through the WDS console to configure WDS.  Well most people may tell you that is a no-no when it comes to setting up PSP on that server.  Needless to say I was getting all kinds of different event errors about WDS service not starting, PXE service not starting, pxemsi installer not seeming to finish according to the pxeMSI.log file.

After all said and done here are the steps I followed after encountering issues:

  1. Remove PXE Service Point from WDS Server
  2. Remove WDS Installation from Server (via Add/Remove Components)
  3. Reboot
  4. Install WDS Component (via Add/Remove Components)
  5. Reboot
  6. Do NOT attempt to open or configure WDS from the installed WDS Administrative Tool.
  7. Add PXE Service Point as a role via the ConfigMgr console to the WDS Server.
  8. Watch the logs and see success.

This seemed to have cleared things up for me and hopefully may help someone else out there that is having troubles playing with the PSP Role and WDS.

Posted: May 07 2008, 04:54 PM by jscheffelmaer | with no comments
Using SCCM discovery to filter collections by AD Activity

Those of you that are using the Enhanced System Discovery Tool are already familiar with this procedure.  But what if you don't have ESD but do indeed have SCCM deployed? You can still pull this attribute into ConfigMgr and then use it throughout your queries and collections.

The first thing you will need to do is modify your AD System Discovery properties to include the whenChanged attribute.  This can be found under the Active Directory attribute.

Once you have added this attribute you will want to select the Polling Schedule tab and checkbox the Run discovery as soon as possible if you want the new data for the whenChanged attribute to start showing up right away.  Keep in mind this will increase system activity during this activity.

whenChanged

To verify that it is indeed being collected, you can click on properties on a resource in the All Systems collection and browse through the discovery data to see the new whenChanged property as well as its value, as shown to the right.  The values may take a while to appear as your System Discovery runs, and you may also discover many Null values.

whenChanged data

Now that you have your new whenChanged property being populated into ConfigMgr you will simply need to create a query to utilize this data for your own benefit. Here is an example of a query that displays all machines that have an AD Activity Greater than 28 Days (Using whenChanged property):

select SMS_R_SYSTEM.ResourceID, SMS_R_SYSTEM.ResourceType, SMS_R_SYSTEM.Name, SMS_R_SYSTEM.SMSUniqueIdentifier, SMS_R_SYSTEM.ResourceDomainORWorkgroup, SMS_R_SYSTEM.Client from SMS_R_System   where (DateDiff(day, whenChanged, GetDate()) > 28)

Now simply add that query into one of your collections and you can use the collection as a targeting or cleanup collection, or however you prefer to use it.

P.S.  Once you paste this query statement into the query language window you will not be able to go back to the Show Query Design window as the DateDiff function is not supported in that view.  It has no effect on the query or results though.

Microsoft Deployment Tool, SCCM, & USMT.

If you have played with the MDT & SCCM integration then you may have noticed that SCCM uses its own USMT package and settings for the State Migration node in the task sequence.  This may get complicated for you if you are used to using the USMTMigFiles and the USMTConfigFile properties in your BDD/MDT rules previous to SCCM, as SCCM does not use these values anymore.  In fact it doesn't support a Config File at all, only the mig files.  You can achieve the same result as the USMTMigFiles property by setting the variable OSDMigrateConfigFiles to a comma-separated list of the file names that should be used (Thanks to Michael Niehaus for that tip).

 Now here's where the logs may confuse you if you are following along in a test environment.  The BDD.log will indeed show it using the USMTConfigFile and USMTMigFiles variables and running USMT command.  Don't be alarmed, this is *only* to run an estimate step in the sequence to determine space required and location to store them, the same step that was in BDD before SCCM so nothing new there. 

So what's the catch? Well, since the estimation step is using your old variables and the actual State Migration step is using the OSDMigrateConfigFiles variable, you'll want to sync these variables up. Why? Take this for example: if you have your USMTMigFiles assigned a value of test.xml, and in that xml you were testing the migration of MP3s and photos and even videos, then the estimation will take those into consideration when it calculates its size estimate.  So in this example let's say the estimate returned that it requires 20GB of space for migration and the machine only has 10GB of available space. It will now tell the sequence to not use the local storage for State Migration because there is not enough space.  Now if your OSDMigrateConfigFiles is assigned the value of UserData.xml and only contains a very small subset of what your Test.xml contained, then it may only need 1-2GB of space to migrate or even less, but will still not use the local storage to store this data because the estimate step told it not to based on its findings using test.xml.

You can see where this *may* become an issue or moreso of wasted resources when they are not in sync.  So it seems currently that it would be a best method to make sure your USMTMigFiles variable has the same values as the OSDMigrateConfigFiles and that the USMTConfigFile variable is not used at all to make sure the estimate and the true migration data match up, and I'll provide a quick example here.

(CustomSettings.ini)

USMTMigFiles1=CustomData.xml

USMTMigFiles2=AppsData.xml

OSDMigrateConfigFiles=CustomData.xml,AppsData.xml

 

SCCM/MDT: Deploying Applications Based on Previous Application Versions

So for the last couple days I have been trying to get this to work and finally it hit me what I was doing wrong.   If you want to set this up, all you need to do first is use an MDT imported Task Sequence in SCCM so it takes advantage of the MDT scripts and settings. This will set up a task in your task sequence called Install Software, and the settings should already be set to the Install Multiple Applications option with the Base property being PACKAGES (which we all know is the property BDD/MDT uses to assign SMS packages).  Second, you can simply follow the documentation in the Deployment Customization Desktop Samples doc that is included in the Microsoft Deployment Tools install. The section is called Deploying Applications Based on Previous Application Versions on page 39.

 What is the trouble you ask? Well if you are like me and have never set this or even referenced a SMS package and program combo via BDD or MDT before then you'll probably just follow the documentation word for word. And here is the key problem! The documentation gives the following example for putting a package into your PackageMapping table:

INSERT INTO [PackageMapping] (ARPName, Packages) VALUES('Office8.0', 'XXX0000F-Install Office 2003 Professional')

Those that are familiar with referencing SMS packages in their customsettings.ini or their BDD database will instantly spot the flaw with this syntax.  They are mapping to the Office 2003 Professional install using the [PACKAGEXXX-Program] format (notice the dash) when in fact it is supposed to be a colon, such as [PACKAGEXXX:Program]!  So the correct example should look like this:

INSERT INTO [PackageMapping] (ARPName, Packages) VALUES('Office8.0', 'XXX0000F:Install Office 2003 Professional')

Simple mistake, yet I should've noticed this right away since this is the format displayed in the BDD console when you use the Add Package option in the database section.

The documentation references the same syntax error again in the same section as noted below.  Just keep in mind it should be a colon and not a dash and you will be in good shape. 

(XXX0000F-Install Office 2003 Profession). This indicates that package XXX0000F-Install Office 2003 Professional will be installed by the ZTI process during the State Restore Phase.

HTA's not working in WinPE

Have you tried to implement one of the HTA wizards into your ZTI deployment only to find out that it is not launching or showing up at all?  Well, besides the configuration required to get the script running in the first place, there are some requirements for WinPE that enable it to successfully launch HTAs.

 If you do a windiff on your ZTI$\Boot\Source folder and the Original WinPE 2005 download, you may find that the ZTI source is missing MSHTML.DLL file.  The reason this may be is because you may be using Windows Server 2003 SP1 and Windows PE 2005 to create your boot image from the BDD workbench.  The problem has to do with the BuildOptionalComponents.vbs script that is used to create your image. It looks for the following files, mshtml.dl_, iepeers.dl_, plugin.oc_, in your Windows 2003 SP1 source media.  Unfortunately these are already extracted to the full names in the Windows 2003 SP1 source media, therefore the script never finds the file, and therefore was never able to copy it over to the ZTI\Boot\Source correctly before building it. 

You will either need to modify the script to look for both file names, extracted and non-extracted, or you will need to manually copy the files (at least MSHTML.DLL) over to your ZTI\Boot\Source folder in order to get HTA windows to launch at all.

Another person that had this same problem stated that he did the following as a workaround for getting it to work as well:

"As a workaround, since I didn’t want to edit any scripts, I found those 3 files in Windows XP and copied those to the source location in Server 2003."

Hopefully this should help others out there running into the same issue.

Unknown Device Removal Script

I wrote this script to automate the part of removing those pesky Unknown Devices that show up when, let's say, you are creating your reference or master XP image.   All this script does is query WMI for any PnP devices that have a status of Error and use devcon to remove them.   This is perfect for placing right before the sysprep step in your BDD automation.

http://myitforum.com/cs2/blogs/jscheffelmaer/BDD/Remove%20Unknown%20Devices%20XP.zip

 P.S.  This script only detects unknown devices that have already been marked as 'Error'.  Therefore devices that are prompting the wizard for drivers may not be detected with this script.  Luckily it seems that the BDD unattended install of XP marks all the unknowns as Errors right away so it should work.

 

BDD Roles Wizard Update

I had to make a simple update to the steps of implementing the Roles Wizard as posted in my earlier blog.  The missing steps didn't allow the Wizard to show up under a CD boot (New Computer) scenario, though it worked fine from the Refresh/Share scenario.  All I did was add the necessary files to a folder structure that gets copied to the bootdisk during update/compile.  That way the UserExit.vbs and other files are available when it tries to call them in bootstrap.ini.

Feel free to keep adding feedback! Thanks!

*NEW* BDD Roles Select Wizard - LTI/ZTI Mod

*Updated June 2nd 2008 for SCCM - Here: http://myitforum.com/cs2/blogs/jscheffelmaer/archive/2008/06/02/sccm-and-roles-wizard-via-mdt-database.aspx

I finally got around to updating this procedure.  This new procedure was completely rewritten from the old one. It is called from the bootstrap.ini so it is displayed before any ztigather runs on the normal customsettings.ini or the database.  The Role Wizard pane will be displayed to the tech and will contain all roles defined in the database. 

*Plus*  This wizard also has a computer name wizard with it, mainly only useful for ZTI deployments since LTI already has a computer name wizard. Simply remove it from the ZTERolesWiz_Definition_ENU.xml if you don't want the computer name being displayed twice in LTI deployments.

Please feel free to contact me with any questions, comments, concerns, changes, feedback or issues you may have implementing this mod.  It isn't too bad once you understand the changes.  Follow the Select Roles Wizard.doc file in the included zip.  The ZIP also contains file references from the doc that you will be changing.

http://myitforum.com/cs2/blogs/jscheffelmaer/BDD/RolesWizard.zip

P.S. Use the LAB Shell CD for deployment when testing. If you are not seeing the wizard come up, make sure that your HTA component is working in your PE build.  You can see in the logs where it attempts to launch the Wizard.HTA file, and can manually copy/paste that line in your LAB shell cmd window to test MSHTA.  I had this problem with my PE build.

 *UPDATE*

Recently I found an issue with the doc and steps for it to show up under LiteTouch boot cd.  Try a refresh scenario (run litetouch from the share) and see if it works just to verify.
 
Missing doc steps:
 
Basically my doc says to create the UserExit.vbs and Roles.ini in the \\bddserver\distribution$\control folder and the ZTERolesWiz_Scripts.vbs and ZTERolesWiz_Definition_ENU.xml files in the \\bddserver\distribution$\scripts folder.  What's happening is that none of these files get copied to the PE boot media when you update it. 
 
As well as using the folders I specified above, add all 4 of these files to a .\ExtraFiles\Deploy\Scripts folder that I created per the Geeks Guide docs Johan created.  These are then added to the PE extra files section of the deployment.  These files now get copied to the .\Deploy\Scripts folder on the boot media when the PE ISO and WIM file get created, and now the Roles Wizard is coming up as expected for CD.

 
Posted: May 02 2007, 02:06 PM by jscheffelmaer | with 12 comment(s) |
PowerShell in Action

So I went and purchased the Windows PowerShell In Action book by Bruce Payette and so far I've enjoyed it.  It eases you in nicely to PowerShell and then goes right into the depths of creating scriptblocks and advanced functions. I think it helps quite a bit to be a knowledgeable scripter beforehand.  This book seems to target admins that already know how to script-manage their environment and instead teaches them how to use that knowledge in PowerShell instead.

I, on the other hand, still have lots to learn using PowerShell.

BDD Select Roles Through LiteTouch Wizard

Well I figured I would upload my current "Deployment Roles" document that describes how to modify your current BDD 2007 scripts to include the ability to configure and manage roles on a database table to make them selectable on the LiteTouch wizard. 

This article is for advanced BDD users or those comfortable in editing their own BDD scripts.  If you are to follow this document, then make a backup of every file that is to be modified. This allows you to put the original code back once a BDD update comes out, as well as if anything breaks after you implement it.

I am working on an updated procedure that should be a much cleaner approach and will also work with ZTI as Ben Hunter has hinted about doing in his blog of using LTI wizards in ZTI.  But if you want to know, yes we are using this current procedure in production now with no issues. The main downside to it is to manage the rolegroups requires you to use another method (such as SQL Management Studio) other than the workbench to update the deploymentgroup table since the current BDD Workbench doesn't support or even acknowledge this table exists because it is custom with the procedure.

BDD LiteTouch Deployment Roles Modification

 EDIT: See the newer article for an updated process: http://myitforum.com/cs2/blogs/jscheffelmaer/archive/2007/05/02/new-bdd-roles-select-wizard-lti-zti-mod.aspx

Posted: Apr 24 2007, 12:53 AM by jscheffelmaer | with no comments
BDD & Powershell

Rod set me up with my blog spot on myITforum so I can finally start rambling to whoever doesn't want to listen. ;)  I am guessing most of my blogs are going to be focused around BDD, VBScripts, Powershell, & SMS.

So I noticed Michael Niehaus's blog from Saturday talking about using BDD & Powershell together.  He posted a great example on using Powershell to query the drivers in BDD and create groups based on each driver's manufacturer and add the drivers to the groups.  I thought this was a perfect example to get minds thinking of the possibilities of scripting or automating BDD workbench.

 So I started playing around with a few of the commands just for testing. It really helps having the BDD Source code on hand to look into the source for available functions and such. The one I initially wanted to play with was the databaseconnection object. This allowed me to do direct queries to the database utilizing the Microsoft.BDD.ConfigManager.dll.   Here is a poor example of a powershell query that returns roles assigned to specific data set at the top of the script. You can see how this could create a nice report.

# Initialization: the data set to look up

$MycompAssetTag = "4330-9718-9298-1100-7864-6575-19"
$MyGateway = "10.20.30.1"
$MyMake = "IBM"
$MyModel = "T43"

# Load the BDD configuration manager assembly (Out-Null hides the assembly details it would otherwise print)
[System.Reflection.Assembly]::LoadFile("C:\Program Files\BDD 2007\bin\Microsoft.BDD.ConfigManager.dll") | Out-Null
$manager = [Microsoft.BDD.ConfigManager.Manager]

write-host ""
write-host "The following roles apply to your computer:"

# Get the computer ID (matched here on AssetTag; UUID, SerialNumber or MacAddress could be used as well)

foreach ($computerItem in $manager::databaseConnection.Table("ComputerIdentity"))
{
  If ($computerItem["AssetTag"] -eq $MycompAssetTag)
  {
    $compID = $computerItem["ID"]
  }
}

# Get the location ID (matched on DefaultGateway)

foreach ($defaultGateway in $manager::databaseConnection.Table("LocationIdentity_DefaultGateway"))
{
  If ($defaultGateway["DefaultGateway"] -eq $MyGateway)
  {
    $GatewayID = $defaultGateway["ID"]
  }
}

# Get the make/model ID (matched on both Make and Model)

foreach ($MakeModel in $manager::databaseConnection.Table("MakeModelIdentity"))
{
  If ($MakeModel["Make"] -eq $MyMake)
  {
    If ($MakeModel["Model"] -eq $MyModel)
    {
      $MakeModelID = $MakeModel["ID"]
    }
  }
}

# Get Computer Roles

foreach ($computerRole in $manager::databaseConnection.Table("ComputerRoles"))
{
  If ($computerRole["ID"] -eq $compID)
  {
    write-host - $computerRole["Role"]
  }
}

# Get Location Roles

foreach ($LocationRole in $manager::databaseConnection.Table("LocationRoles"))
{
  If ($LocationRole["ID"] -eq $GatewayID)
  {
    write-host - $LocationRole["Role"]
  }
}

# Get Make/Model Roles

foreach ($MakeModelRole in $manager::databaseConnection.Table("MakeModelRoles"))
{
  If ($MakeModelRole["ID"] -eq $MakeModelID)
  {
    # The stray "=" that was here printed "= - <role>"; output now matches the other two loops
    write-host - $MakeModelRole["Role"]
  }
}