We use SCCM 2016 to install Microsoft updates and have multiple deployments with deadlines of past dates. I'd like to be able to push those deadlines to a future date using a script, as manually changing per deployment with the GUI is time consuming.
This command shows me the deployments of interest:
Get-CMDeployment | Select-Object -Property * | Where-Object {`
$_.SoftwareName -like '*SecurityUpdates*' -and $_.CollectionName -like '*Servers*'
}
My research shows I should use Set-CMSoftwareUpdateDeployment to modify the deadline of existing deployments. However this is where I'm stuck. According to the following thread, the parameters I should use to define a new deadline are DeploymentExpireDay and DeploymentExpireTime, as well as make sure the deployment is set to required:
https://social.technet.microsoft.com/Forums/ie/en-US/11f977f4-09d1-4127-b8ce-7cdb19c88d1b/update-deployment-installation-deadlines-via-powershell?forum=configmanagersecurity
Unsure how to construct a working command, I consulted the cmdlet's MS documentation: https://learn.microsoft.com/en-us/powershell/module/configurationmanager/set-cmsoftwareupdatedeployment?view=sccm-ps
Looking at the doco, DeploymentExpireDay and DeploymentExpireTime aren't listed in the parameters list. Only DeploymentExpireDateTime is in the list. However, to add to the confusion, those two parameters are included in the examples whereas DeploymentExpireDateTime is not.
I connect to SCCM like this:
#Load Configuration Manager PowerShell Module
Import-module ($Env:SMS_ADMIN_UI_PATH.Substring(0,$Env:SMS_ADMIN_UI_PATH.Length-5) + '\ConfigurationManager.psd1')
#Get SiteCode and set Powershell Drive
$SiteCode = (Get-PSDrive -PSProvider CMSITE).Name
Push-Location "$($SiteCode):\"
I tried this:
$DeadlineDay = Get-Date -Month 11 -Day 08 -Year 2018
$DeadlineTime = Get-Date -Hour 16 -Minute 0 -Second 0
Set-CMSoftwareUpdateDeployment `
-DeploymentName "Deployment Name" `
-DeploymentType Required `
-DeploymentExpireDay $DeadlineDay `
-DeploymentExpireTime $DeadlineTime
But I get this:
Set-CMSoftwareUpdateDeployment : A parameter cannot be found that matches parameter name 'DeploymentExpireDay'.
At line:1 char:104
+ ... ment Name" -DeploymentType Required -DeploymentExpireDay $Deadli ...
+ ~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-CMSoftwareUpdateDeployment], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ConfigurationManagement.Cmdlets.Deployments.Commands.SetSoftwareUpdateDeploymentCommand
So I tried this:
$date = (Get-Date).AddDays(20)
Set-CMSoftwareUpdateDeployment `
-DeploymentName "Deployment Name" `
-DeploymentType Required `
-DeploymentExpireDateTime $date
But I get this:
cmdlet Set-CMSoftwareUpdateDeployment at command pipeline position 1
Supply values for the following parameters:
InputObject:
PS SCM:\>
Can anyone direct me as to what I'm doing wrong? Thanks in advance!
You probably need more information than just the DeploymentName to make this recognizable. Try Specifying The parameter -SoftwareUpdateGroupName as well was as -DeploymentName so
$date = (Get-Date).AddDays(20)
Set-CMSoftwareUpdateDeployment `
-DeploymentName "Deployment Name" `
-SoftwareUpdateGroupName "Software Update Group Name" `
-DeploymentType Required `
-DeploymentExpireDateTime $date
If you don't know the software update group name I would go a totally different route.
First get the deployments with
Get-CMSoftwareUpdateDeployment
I think in your case you will just want all of them anyway but if not you probably have to filter with "where" because the -Name parameter seems to be broken.
Then use the objects you get as InputObject for Set-CMSoftwareUpdateDeployment ingoring the name and modifying the time:
Get-CMSoftwareUpdateDeployment | where {$_.AssignmentName -eq "Deployment Name"}
| Set-CMSoftwareUpdateDeployment -DeploymentExpireDateTime (Get-Date).AddDays(20)
Related
I would need your help with the use of New-AdGroup command.
The goal of my script is to verify if an Active Directory group exists and if it doesn't exist the script create the group and add the member of the group in a specific OU.
But my problem is when I use the script with a combination of OU and one of them contains some spaces in its name (ex : "OU=Servers of Files"), the script returns an error.
Example: I need to add the group in "OU=Fileserver1" which is a sub OU of "OU=Servers of Files" which is a sub OU of "OU=Groupes".
When I call New-AdGroup with a path's value : "Ou=ServerFile1,OU=Servers of Files,OU=Groupes,DC=Contoso,DC=lan", I get the following error.
New-ADGroup : Objet de l’annuaire non trouvé At line:29 char:5
+ New-ADGroup -Name "$DLGroupName" -Path "$Orga" -GroupCategory "Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (CN=G_GROUP1...ONTOSO,DC=lan:String) [New-ADGroup],
ADIdentityNotFoundException
+ FullyQualifiedErrorId : Objet de l’annuaire non trouvé,Microsoft.ActiveDirectory.Management.Commands.NewADGroup
The problem is caused by "OU=Servers of Files" because I tried with an OU without spaces and it was working.
Please find a part of the script below, let me know how I can manage spaces under a path :
#Variable
$CurrentDomain = Get-ADDomain | Select -Property DistinguishedName
$TargetOU = "OU=FileServer1,OU=Servers of Files,OU=Groupes" #
$OrganizationalUnitDN = $TargetOU+","+ $CurrentDomain.DistinguishedName
$Orga = $OrganizationalUnitDN
$DLGroupName = "DL_FileServer1_TEST"
$Description = "\\FileServer1\Share\Test"
New-ADGroup -Name "$DLGroupName" -Path "$Orga" -GroupCategory "Security" -GroupScope "Global" -Description "$Description" -PassThru
Note : $Orga = Ou=ServerFile1,OU=Servers of Files,OU=Groupes,DC=Contoso,DC=lan
When we encounter weird bugs like this, a good first test is to manually run the command with no variables to find the root cause of the error. Doing this shows us that we don't need to escape spaces with a \ or \20 sequence and that route won't help us.
Because I can run your command with no errors when I manually expand the variables like so:
New-ADGroup -Name "DL_FileServer1_TEST" -Path "OU=Servers Of Files,DC=FoxDeploy,DC=local" `
-GroupCategory "Security" -GroupScope "Global" -Description "Test" -PassThru
DistinguishedName : CN=DL_FileServer1_TEST1,OU=Servers Of Files,DC=FoxDeploy,DC=local
GroupCategory : Security
GroupScope : Global
Name : DL_FileServer1_TEST1
ObjectClass : group
ObjectGUID : 5889f8ea-9d80-4609-ad47-92e50a574088
SamAccountName : DL_FileServer1_TEST1
SID : S-1-5-21-3818945699-900446794-3716848007-32100
Now that I know this works, I know I can then store the values in variables to make it cleaner to read, like this:
$params = #{
Name = "DL_FileServer1_TEST1";
Path = "OU=Servers Of Files,DC=FoxDeploy,DC=local";
GroupCategory = "Security";
GroupScope = "Global";
Description = "My Test Group"
PassThru = $true
}
New-ADGroup #params
If I had to guess, I bet that you need to run the entire script to populate all of the variables, and instead you are rerunning the last command over and over but one of the variables is $null.
If that doesn't work...
If not that, then are we sure the container of Ou=ServerFile1 actually exists too?
I need to set OOF message for around 80 users in O365.
I found a cmdlet Set-MailboxAutoReplyConfiguration which I can use to automate the procedure,
and it's looks fine but I'am probably missing something.
Here is the code:
$usersfile = import-csv "C:\Users\Out Of office bulk\Users.csv"
$setmailbox = #{
'Identity' = $usersfile.UserPrincipalName
'AutoReplyState' = 'Scheduled'
'externalaudience' = 'all'
'InternalMessage' = 'I am not here'
'ExternalMessage' = 'I am not here'
'StartTime' = '01/02/2020 01:00:00'
'EndTime' = '02/02/2020 23:00:00'
}
Set-MailboxAutoReplyConfiguration #setmailbox
my issue is with the Identity parameter,
when I run the $setmailbox
I can see that it showing the right UPN from the csv file:
Name Value
---- -----
AutoReplyState Scheduled
externalaudience all
Identity {blah#blah.com, blah2#blah.com}
StartTime 01/02/2020 01:00:00
EndTime 02/02/2020 23:00:00
InternalMessage I am not here
ExternalMessage I am not here
But when I run the script, i'am getting this error:
Cannot process argument transformation on parameter 'Identity'. Cannot convert the "System.Collections.ArrayList" value of type "System.Collections.ArrayList" to type "Microsoft.Exchange.Configuration.Tasks.MailboxLocationIdParameter".
+ CategoryInfo : InvalidData: (:) [Set-MailboxAutoReplyConfiguration], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-MailboxAutoReplyConfiguration
+ PSComputerName : outlook.office365.com
I've tried to change this:
'Identity' = $usersfile.UserPrincipalName
to almost any thing, and it didn't work.
Thanks a lot for your help.
PS:
I know that I can do something like that:
Import-Csv 'C:\Users.csv' | ForEach-Object {
$user = $_."UserPrincipalName"
Set-MailboxAutoReplyConfiguration `
-Identity $user -AutoReplyState Scheduled -StartTime "07/10/2018 01:00:00" `
-EndTime "7/15/2018 23:00:00" -InternalMessage "I am not here" -ExternalMessage "I am not here."
}
but for practice purposes I prefer to do it with the hash table in order to understand it better.
Solution:
thanks to #Lee_Dailey, I didn't noticed that the identity parameter accepts only one user each time, so the solution for multi user is to use the foreach-object.
I'm trying to make a report that lists a server name, vm name, and notes section from the vm but I cannot seem to get this code to run, it always gives me this error:
Select-Object : Cannot convert 'System.Object[]' to the type
'System.String' required by parameter 'ExpandProperty'. not supported.
At C:\Cooper\Jobs\Get-VmNotes - Copy.ps1:32 char:48 + get-vm -server
FA0150 | Select -expandproperty $server, Name, Notes +
~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument:
(:) [Select-Object], ParameterBindingException +
FullyQualifiedErrorId :
CannotConvertArgument,Microsoft.PowerShell.Commands.SelectObjectCommand
I can get the vmname and notes to output together but I just want to have a column that lists the vcenter server it is associated with.
Expand property is like the same as saying (Get-VM -Server FA0150).Name. It expands the property name you are selecting. You were trying to expand 3 properties (System.Object[]), but it is looking for just a string name of the property you want to expand. Use -Property instead.
get-vm -server FA0150 | Select-Object -Property Name,Notes
get-vm -server FA0150 | Select-Object -Property Name,Notes | Format-Table -Autosize
To also include the server name I made it into a script form since it can no longer be a one-liner:
[CmdletBinding()]
Param ( $Server )
$VMs = Get-VM -Server $Server
$VMs | Select-Object -Properties #(
#{ Label = 'Server';Expression = { $Server } }
'Name'
'Notes'
)
I found a solution to my problem using New-ViProperty. The only problem is now it creates four separate csv files and I want to combine them all into one based on the filename, keeping the same format, and delete the four others based on their filename. Is there an easy way to do this?
I'm writing a PowerShell script to create a new Active Directory group and automatically put it in the correct OU, depending on what department the user is in. The script gets the department from the user in Active Directory and then needs to use that as the name of the OU in active directory. When I don't use the variable in the AD path, this script works.
[string]$department = Get-ADUser -identity johndoe -properties department | Select department
New-ADGroup -Name NewADGroup -GroupScope Global -path “OU=($department),OU=SubDepartment,OU=MainDepartment,DC=OrgName”
However, when I try to use the variable $department as above, I get the following error:
New-ADGroup : The object name has bad syntax
At C:\Users\JohnDoe\Desktop\CreateNewGroup.ps1:7 char:1
+ New-ADGroup -Name NewADGroup -GroupScope Global -path
"OU=($department ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (CN=NewADGroup,DC=OrgName
:String) [New-ADGroup], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirec
tory.Management.Commands.NewADGroup
How can I call that variable inside the Active Directory path?
You actually have 2 issues here that are common pitfalls.
$department is not a string per se but a string representation of an object with a deparment property. You need to break the string out. That is what -ExpandProperty was for. If you looked at your department now you would see something like #{Department="IT"}
You are also having issues with variable expansion in strings.
[string]$department = Get-ADUser -identity johndoe -properties department | Select -Expandproperty department
New-ADGroup -Name NewADGroup -GroupScope Global -path "OU=$department,OU=SubDepartment,OU=MainDepartment,DC=OrgName"
If you are not calling properties or complex object then removing the brackets is sufficient. Else you can just use a sub expression "OU=$($department),OU=SubDepartment,OU=MainDepartment,DC=OrgName". Without the $ sign the brackets were considered part of the string.
try a dollar sign in front of the opening parenthesis like this:
"OU=$($department)..."
I am completely new to powershell, I have never touched this scripting language before. However, I have some backgrounds in perl and bash scripting. I am trying to implement a small script that will obtain the list of DG in Exchange server, filters the results to get only the groups that have a certain string, corresponding to the current year.
Example: check the year, in this case 2011.
Filter Name Contains 'P11'
Return only the last DG name and parse the first 7 characters.
How could I do this using powershell from an exchange server? Here is what I got:
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010
# Retrieve all DGs
$temp = Get-DistributionGroup -ResultSize Unlimited |
foreach($group in $temp)
{
write-output "GroupName:$group "
Write-output "GroupMembers:"
Get-DistributionGroupMember $group |ft displayname,alias,primarysmtpaddress
write-output ‘ ‘
}
this results in the following error:
Unexpected token 'in' in expression or statement. At
C:\Users\jfb\Desktop\NewGroupProject.ps1:7 char:18
+ foreach($group in <<<< $temp)
+ CategoryInfo : ParserError: (in:String) [],
ParseException
+ FullyQualifiedErrorId : UnexpectedToken
Remove the trailing | in the line $temp = Get-DistributionGroup -ResultSize Unlimited | and it should work fine.
What is happening is that since you had the | it is treating the foreach as a foreach-object
Try this (not tested). Create a date object,using Get-Date, and format the date to include the last two digits of the year enclosed in asterisks. This would be the wildcard for the Get-DistributionGroup cmdlet. Select the last DG object and expand its name.
$name = Get-Date -Format *Pyy*
$group = Get-DistributionGroup $name | Select-Object -Last 1 -ExpandProperty Name
if($group)
{
$group.Substring(0,7)
}