SCCM Configmgr How to implement Jason Sandys Client Startup Script to achieve good client success rate

Recently ,I worked on on a SCCM project and as initial step ,it was mandatory to bring all the desktops and servers (where ever it was missing) into SCCM with Client installed.

Though ,there are different client installation methods available to install SCCM Client , one of the  most widely used client installation method is Client startup script deployed via group policy.

Jason Sandys (MVP) created nice Client Startup Script (group policy) that install configmgr client agent during the system initial boot up.

If you want to achieve good client success rate ,would strongly recommend to look into script and get it implemented .

You can download the script from his blog post http://blog.configmgrftw.com/configmgr-client-startup-script/ .It has pdf document with all the instructions ,how to edit the xml file to make necessary changes.

image

In this blog post, I will show you, how to implement Jason Sandys client start script in your environment starting from creation of SCCM client folder ,creation of group policy ,deploying the group policy and tracking the results incase of any failures. Hope this blog can help to start with.

1. Login to your SCCM server ,create a folder called SCCMClient in D:drive( any other)

image

2. Copy the SCCM Client installation source files from your SCCM installed directory to above created folder (SCCMClient).

image

Copy the client installation files to SCCMClient folder

image

3.Create folder called hotfix in SCCMClient folder to place the hotfixes if at all any. (If you do not have any hotfixes to install ,you can simply ignore this step) .This step is needed to install the hotfixes along with SCCM client . If you are running on configmgr R2 SP1 CU3, then you need copy CU3 hotfix files into it.

image

4. Since am running on SCCM 2012 R2 SP1 CU3 (KB3135680) ,go to your hotfix folder (D:\Program Files\Microsoft Configuration Manager\hotfix\KB3135680\Client) ,identify the correct KB (latest cumulative update) ,client folder, copy the folder into hotfix folder.

image

Copy above 2 folders into hotfix folder

image

5. Now we need to share this folder so that ,it can be accessed during the client install at system boot up time.

Right click on the folder properties ,Go to sharing tab ,advance sharing

image

Client on Permissions ,give full control to every one

image

Click Ok ,Ok ,Ok

Note the share folder path which is need to input into the control file (xml) later.

image

6. Now ,we will create another folder inside the SCCMClient to store the error logs for the client that fail for some reason so we can investigate at later times.

Create a folder called Errorlogs

image

7. With this ,we have finished with folder creation and copied all necessary files . Now lets edit the start up script file and move onto group policy creation.

Go to the downloaded script folder ,edit ConfigMgrStartup.xml using notepad and make necessary changes as said in the PDF document .

This xml file is used supply the input parameters need for vbscript during the client installation.

You are required to make couple of changes as listed below (mandatory).

Parameters to edit are:

AgentVersion—Client with less than this version will initiate SCCM client install

ClientLocation—Client installation folder what we created above initiate ccmsetup from specified.

ErrorLocation –to store the error logs (computername.log) incase of any SCCM client failure

AutoHotfix –if you have any hotfix to install ,will added to the ccmsetup.exe command line else ,you can ignore this .

SMSMP---Management Point

For all the location paths, I would recommend to use FQDN instead of hostname.

My xml file looks like this:

<?xml version="1.0"?>
<Startup>
<Option Name="LocalAdmin" >eskonr/localadmin</Option>
<Option Name="SiteCode" >P01</Option>
<Option Name="CacheSize">10120</Option>
<Option Name="AgentVersion">5.00.8239.1403</Option>
<Option Name="MinimumInterval">0</Option>
<Option Name="ClientLocation">\\SGCM01.apac.eskonr.com\SCCMClient</Option>
<Option Name="MaxLogFile">2048</Option>
<Option Name="ErrorLocation">\\SGCM01.apac.eskonr.com\SCCMClient\Errorlogs</Option>
<Option Name="AutoHotfix">\\SGCM01.apac.eskonr.com\SCCMClient\Hotfix</Option>
<Option Name="Delay" >5</Option>
<InstallProperty Name="FSP">SGCM01.apac.eskonr.com</InstallProperty>
<InstallProperty Name="SMSMP">SGCM01.apac.eskonr.com</InstallProperty>
<CCMSetupParameter Name="BITSPriority">HIGH</CCMSetupParameter>
<CCMSetupParameter Name="noservice" />
<ServiceCheck Name="BITS" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="winmgmt" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="wuauserv" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="lanmanserver" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="RpcSs" State="Running" StartMode="Auto" Enforce="True" />
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="EnableDCOM" Expected="Y" Enforce="True" Type="REG_SZ"/>
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="EnableRemoteConnect" Expected="Y" Enforce="False" Type="REG_SZ"/>
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="LegacyAuthenticationLevel" Expected="2" Enforce="False" Type="REG_DWORD"/>
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="LegacyImpersonationLevel" Expected="2" Enforce="False" Type="REG_DWORD"/>
</Startup>

save the xml file .

we are now ready to implement the client start up script using Group policy.

if you are not authorized/permission issues to create group policy ,take the below scripts and handover to Active Directory guy to create start up script for you.

image

8.Login to the domain controller ,Go to Group Policy Management console ,create new Group policy and called it ‘Install Configmgr Client 2012’

image

image

Right on the GPO you created above and click on edit

image

Drill down to Policies –windows settings –scripts (startup/ Shutdown) ,double click on startup

image

Click on Show files

image

Now we need to place the vbscript and xml file in the startup folder

image

image

If you have issues with access denied when trying to place the files, you may have to open the actual folder (C:\windows etc) on your domain controller to place the files.

Go back to the startup script properties and click add and browse to select vb script

image

select ConfigMgrStartup1.75.vbs

image

image

In the script parameters ,type in /Config:ConfigMgrStartup.xml

image

Click ok

image

Click ok and close the Group Policy Management Editor .

we are now ready to link the GPO to any OU that you want the computers receive Configmgr client during the system boot up.

For troubleshooting ,script will create log file with name Scriptfilename.log (ConfigMgrStartup1.75.vbs.log) in C:\windows\temp folder and for some reason ,the client did not install ,it will copy the log file to errorlog location with computer name as log file.

Hope it helps.

Leave a Reply