Five valuable things ConfigMgr should just inventory by default…

By Nash Pherson  -

I have helped numerous school districts, universities, public agencies, and private companies implement ConfigMgr 2012, and at each one we have spent time customizing hardware inventory in order to be able to solve common systems management problems.

It seems like the ConfigMgr product team does a good job setting most things up to fit 80% of the organizations that use the product. Yes, everyone has their personal favorite exceptions to this (“Well… this doesn’t work well outsourcing my Application creation to a team in India”), but those are usually limited-use things that the product team really shouldn’t be focusing on. I am OK with that, but sometimes the product team still needs a little help getting info from the field about what is most beneficial to most organizations running ConfigMgr.

It seems like the single most beneficial change to ConfigMgr’s inventory features would be to rename “Software Inventory” to “File Inventory” since it is such a common point of confusion. Additionally, they could even consider changing the name of “Hardware Inventory” to “System Inventory”. When every help desk staffer, desktop support technician, and IT manager can get valuable inventory data from ConfigMgr, it means that a lot of people end up getting confused by the current misleading names.

I also think there are a lot of easy, subtle changes that would make ConfigMgr’s inventory features more valuable out-of-the-box. I believe these 5 changes to the default way Hardware Inventory works would be beneficial to the 80%:

1. Inventory the Win32_OperatingSystem.OSArchitecture Property by Default

Windows XP didn’t support it, but once it becomes ‘unsupported’ this April, the Win32_OperatingSystem.OSArchitecture Property this should be the primary way you target Deployment Types based on the architecture (32-bit, 64-bit, etc) of the operating system. This is a common reporting question and, when enabled, a common part of collection query rules. A bunch of the attributes from the Win32_OperatingSystem class are already inventoried by default, so why start including the OSArchitecture property?

2. Inventory the SMS_InstalledSoftware Class by Default

Yes, it is leveraged by Asset Intelligence, but you don’t have to have an AI Sync point to inventory this class. Lots of people get confused by the Installed Applications and Installed Applications (64) split. Or, worse yet, they don’t realize they are only looking at half of their inventory data when building collection queries and  reports. The coalesced view for Installed Software should just plain be on by default so people have 1 place to look for all the data they need about what’s installed.

3. Create and Inventory a Class for PowerShell Version

Sherry has a custom MOF edit for picking this stuff up and Enhansoft even has a free report for displaying the data, but the PowerShell version information should just be baked-in by default. Grabbing everything from the $psversiontable would be great. This will help take one of the hurdles to PowerShell adoption out of the equation for ConfigMgr shops.

4. Create and Inventory a Class for Internet Explorer Version

There are lots of examples for custom MOF edits for the Version and svcVersion values from the HKLM\Software\Microsoft\Internet Explorer\ registry key. The ConfigMgr client should add this info to WMI (unless its already there and I just haven’t found it yet) and hardware inventory should grab it by default. ConfigMgr could even have a lookup table with the friendly names (“Internet Explorer 11”) for building queries/reports. The release cadence for IE keeps accelerating, and this change will make it easier for systems managers to keep up.

5. Create and Inventory a Class for Local Group Members

Sherry’s custom MOF edit for inventorying the members of local Groups is one of the most common MOF edits used. This helps organizations audit the membership of the local Administrators group which is incredibly important. Whether following NIST, NSA, or SANS guidance, auditing these permissions is near the top of the list as ‘most critical things to do’ for security. The ConfigMgr client should create/update this class and inventory it by default. Yeah, the Windows team should have done this for us, but we all know the ConfigMgr product team is wayyyy cooler than them, right?

The product team uses feedback submitted through Microsoft Connect to help prioritize the work they are doing.  If you help vote up these issues, it would make it more likely that the feedback will be implemented.  Every vote (and comment and “I can too”) helps! If you think this article is missing something really important, write it up and post it to Microsoft Connect, then put a link in this article’s comment. If you’ve already registered on Connect and joined the Configuration Manager feedback group, you can vote up the suggestion here:

If you have never given product feedback before, take a look at this article for information about how and why:

Thank you for your help,


PS: Thank you to the North American Inventory Experts that gave feedback on the article:  Garth Jones, Sherry Kissinger, and Jason Sandys.  And thank you to the European Rock-Star Consultants Kent Agerlund, Gerry Johann Arwidmark, and Gerry Hampson for looking it over, too!


Written by , Posted .

Leave a Comment

You must be logged in to post a comment.