I recognize that this comes a bit late, since most of us are preparing to migrate to Configuration Manager 2012, but it’s a fun exercise nonetheless. A basic understanding of SMS Web Reporting is assumed.
Customers always want functionality that isn’t included with Configuration Manager 2007 by default. There are many example scripts for interacting with Configuration Manager, and with a little tweaking they can leverage the SMS Reporting Point role to add new features quickly and easily. Check out the Configuration Manager SDK to see what types of actions are available.
The first thing you’ll need to do is configure a dedicated user account to perform most of the actions. At a minimum, this account will need to be a member of your SMS Admins and Distributed COM Users groups on the primary server where reports are configured. Next, create the following subfolder on the SMS Reporting Point server: C:\inetpub\wwwroot\SMSReporting_YYY\Actions\, where YYY is the site code. To keep things simple, we’ll configure permissions on the subfolder so that ASP files are automatically run as the dedicated user account.
Open IIS Manager and browse to the new subfolder under <server_name>, Sites, Default Web Site, SMSReporting001, Actions. Make sure you click on Actions, so Supplemental/Actions Home is the title in the features pane. Double-click Authentication in the IIS section to look at the permissions.
Right-click Anonymous Authentication and select Enable. Right-click Anonymous Authentication again and select Edit… Check Specific User and click Set… to open the Set Credentials wizard. Supply the dedicated account name and password and click OK to close.
You’re now ready to start building applications.
Creating a new action:
We’ll start with the most common request, which allows a designated group to add computers to a collection. We use the SMS_CollectionRuleDirect class to drive this action. Create a new text file named AddComp.asp in the Actions subfolder you created above, with the following code, and note that it does not include any error checking or security. Watch out for word wrap as well.
<title>Add computer to Collection</title>
<h1>Adding to collection, please wait.</h1>
<h2>View the "List of computers in a collection" report to verify that the computer has been added.</h2>
‘ GET VARIABLES PASSED IN LINK
strSite = Request.QueryString(“Site”)
strServer = Request.QueryString(“Server”)
strName = Request.QueryString(“Name”)
strResourceID = Request.QueryString(“ResourceID”)
strCollectionID = Request.QueryString(“CollectionID”)
set SWbemServices = SWbemLocator.ConnectServer(strServer,”root\SMS\site_”& strSite)
collectionquery = “SMS_Collection.CollectionID=’” & strCollectionID & “‘”
Set oCollection = SWbemServices.Get(collectionquery)
Set newDirectRule = SWbemServices.Get(“SMS_CollectionRuleDirect”).SpawnInstance_
newDirectRule.ResourceClassName = “SMS_R_System”
newDirectRule.ResourceID = strResourceID
Set oCollectionRule = newDirectRule
Creating a report to drive the action:
Within the Configuration Manager Console, start the New Report Wizard. Your SQL statement will look like this:
+ ‘ ‘
+ [GCS].[Model0] AS “Hardware”,
@CollectionID AS “Collection”
FROM [v_R_SYSTEM] [SYS]
LEFT JOIN [V_GS_PC_BIOS] [PCB]
ON [SYS].[ResourceID] = [PCB].[ResourceID]
LEFT JOIN [v_R_User] [USR]
ON [SYS].[User_Name0] = [USR].[User_Name0]
LEFT JOIN [v_GS_COMPUTER_SYSTEM] [GCS]
ON [SYS].[ResourceID] = [GCS].[ResourceID]
WHERE [SYS].[NetBios_Name0] LIKE @ComputerName
Add the following prompts:
ComputerName: SELECT Netbios_Name0 FROM v_R_System
CollectionID: SELECT CollectionID,Name,Comment FROM v_Collection
Add this link, where YYY is the site code and ZZZZ is the server name: supplemental/Actions/addcomp.asp?Site=YYY&Server=ZZZZ&Name=<2>&ResourceID=<6>&CollectionID=<7>
Using the report:
Run the report like any other. Select a computer and a collection and click the Display button. Validate that the computer on the next page is indeed the one you wanted to hit, and click the button to the left. This is where the magic happens. The AddComp.asp file takes the input from the link you created, and creates a direct collection rule.
For more fun:
Add your own error checking, security, and a method to refresh the machine policy on the target computer. Post your sample code and results below for others to plagiarize.