Recently ,I worked on on a SCCM project and as initial step ,it was mandatory to bring all the desktops and servers (where ever it was missing) into SCCM with Client installed.
Though ,there are different client installation methods available to install SCCM Client , one of the most widely used client installation method is Client startup script deployed via group policy.
Jason Sandys (MVP) created nice Client Startup Script (group policy) that install configmgr client agent during the system initial boot up.
If you want to achieve good client success rate ,would strongly recommend to look into script and get it implemented .
You can download the script from his blog post https://home.configmgrftw.com/configmgr-client-startup-script/ .It has pdf document with all the instructions ,how to edit the xml file to make necessary changes.
In this blog post, I will show you, how to implement Jason Sandys client start script in your environment starting from creation of SCCM client folder ,creation of group policy ,deploying the group policy and tracking the results incase of any failures. Hope this blog can help to start with.
1. Login to your SCCM server ,create a folder called SCCMClient in D:drive( any other)
2. Copy the SCCM Client installation source files from your SCCM installed directory to above created folder (SCCMClient).
Copy the client installation files to SCCMClient folder
3.Create folder called hotfix in SCCMClient folder to place the hotfixes if at all any. (If you do not have any hotfixes to install ,you can simply ignore this step) .This step is needed to install the hotfixes along with SCCM client . If you are running on configmgr R2 SP1 CU3, then you need copy CU3 hotfix files into it.
4. Since am running on SCCM 2012 R2 SP1 CU3 (KB3135680) ,go to your hotfix folder (D:\Program Files\Microsoft Configuration Manager\hotfix\KB3135680\Client) ,identify the correct KB (latest cumulative update) ,client folder, copy the folder into hotfix folder.
Copy above 2 folders into hotfix folder
5. Now we need to share this folder so that ,it can be accessed during the client install at system boot up time.
Right click on the folder properties ,Go to sharing tab ,advance sharing
Client on Permissions ,give full control to every one
Click Ok ,Ok ,Ok
Note the share folder path which is need to input into the control file (xml) later.
6. Now ,we will create another folder inside the SCCMClient to store the error logs for the client that fail for some reason so we can investigate at later times.
Create a folder called Errorlogs
7. With this ,we have finished with folder creation and copied all necessary files . Now lets edit the start up script file and move onto group policy creation.
Go to the downloaded script folder ,edit ConfigMgrStartup.xml using notepad and make necessary changes as said in the PDF document .
This xml file is used supply the input parameters need for vbscript during the client installation.
You are required to make couple of changes as listed below (mandatory).
Parameters to edit are:
AgentVersion—Client with less than this version will initiate SCCM client install
ClientLocation—Client installation folder what we created above initiate ccmsetup from specified.
ErrorLocation –to store the error logs (computername.log) incase of any SCCM client failure
AutoHotfix –if you have any hotfix to install ,will added to the ccmsetup.exe command line else ,you can ignore this .
For all the location paths, I would recommend to use FQDN instead of hostname.
My xml file looks like this:
<Option Name="LocalAdmin" >eskonr/localadmin</Option>
<Option Name="SiteCode" >P01</Option>
<Option Name="Delay" >5</Option>
<CCMSetupParameter Name="noservice" />
<ServiceCheck Name="BITS" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="winmgmt" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="wuauserv" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="lanmanserver" State="Running" StartMode="Auto" Enforce="True" />
<ServiceCheck Name="RpcSs" State="Running" StartMode="Auto" Enforce="True" />
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="EnableDCOM" Expected="Y" Enforce="True" Type="REG_SZ"/>
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="EnableRemoteConnect" Expected="Y" Enforce="False" Type="REG_SZ"/>
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="LegacyAuthenticationLevel" Expected="2" Enforce="False" Type="REG_DWORD"/>
<RegistryValueCheck Key="HKLM\SOFTWARE\Microsoft\Ole" Value="LegacyImpersonationLevel" Expected="2" Enforce="False" Type="REG_DWORD"/>
save the xml file .
we are now ready to implement the client start up script using Group policy.
if you are not authorized/permission issues to create group policy ,take the below scripts and handover to Active Directory guy to create start up script for you.
8.Login to the domain controller ,Go to Group Policy Management console ,create new Group policy and called it ‘Install Configmgr Client 2012’
Right on the GPO you created above and click on edit
Drill down to Policies –windows settings –scripts (startup/ Shutdown) ,double click on startup
Click on Show files
Now we need to place the vbscript and xml file in the startup folder
If you have issues with access denied when trying to place the files, you may have to open the actual folder (C:\windows etc) on your domain controller to place the files.
Go back to the startup script properties and click add and browse to select vb script
In the script parameters ,type in /Config:ConfigMgrStartup.xml
Click ok and close the Group Policy Management Editor .
we are now ready to link the GPO to any OU that you want the computers receive Configmgr client during the system boot up.
For troubleshooting ,script will create log file with name Scriptfilename.log (ConfigMgrStartup1.75.vbs.log) in C:\windows\temp folder and for some reason ,the client did not install ,it will copy the log file to errorlog location with computer name as log file.
Hope it helps.