Saturday, 4 October 2014

Enable the Members of All Local Groups of Machines inventory for ConfigMgr 2012


Steps by Step Guide to Enable the Members of All Local Groups of Machines inventory for ConfigMgr 2012,(Steps tested on ConfigMgr 2012 Infra only),
Three phases to enable the local group details inventory,

Phase 1 à Enable the cm_localgroupmembers classes in hardware inventory client settings, if you already enabled then skip this step.
Phase 2à  on Clients machines building the Custom WMI Namespace for cm_localgroupmembers under root\cimv2 using VB Scripts
Phase 3 à Reports
Steps for Phase 1

·         Save the below as "Localgroup.mof"

#pragma deleteclass ("LocalGroupMembers",NOFAIL)
[ SMS_Report (TRUE),
SMS_Group_Name ("LocalGroupMembers"),
SMS_Class_ID ("LocalGroupMembers") ]
class cm_LocalGroupMembers : SMS_Class_Template
{
[SMS_Report (TRUE), key ] string Account;
[SMS_Report (TRUE) ] string Category;
[SMS_Report (TRUE) ] string Domain;
[SMS_Report (TRUE), key ] string Name;
[SMS_Report (TRUE) ] string Type;
};

·         Open ConfigMgr Console, Click on Administration, Client Settings, right-click  'Default Client Settings', and go to properties. Select Hardware Inventory, then on the right "Set Classes...", then "Import..." and browse to the Localgroup.mof file you saved. A couple of OKs, later... then wait for 15 -30 Min.

·         CM_LocalGroupMembers classes added successfully, Please verify in Hardware inventory class as per below screen shot.

  
Steps for Phase 2

·         Download below VB Script text file & Save as .VBS extension.
on error resume next
'Steps
'enumerate from win32_group where localaccount=1
'Read in the members of each local group returned
'Add the returned information to a custom WMI namespace
'sms-def.mof to pull that back.
Set fso = CreateObject("Scripting.FileSystemObject")
Set nwo = CreateObject("Wscript.Network")
Set sho = CreateObject("Wscript.Shell")
TempFolder = sho.ExpandEnvironmentStrings("%temp%")
strWindir = sho.ExpandEnvironmentStrings("%windir%")
strComputer = nwo.ComputerName
Dim wbemCimtypeSint16
Dim wbemCimtypeSint32
Dim wbemCimtypeReal32
Dim wbemCimtypeReal64
Dim wbemCimtypeString
Dim wbemCimtypeBoolean
Dim wbemCimtypeObject

Dim wbemCimtypeSint8
Dim wbemCimtypeUint8
Dim wbemCimtypeUint16
Dim wbemCimtypeUint32
Dim wbemCimtypeSint64
Dim wbemCimtypeUint64
Dim wbemCimtypeDateTime
Dim wbemCimtypeReference
Dim wbemCimtypeChar16

wbemCimtypeSint16 = 2
wbemCimtypeSint32 = 3
wbemCimtypeReal32 = 4
wbemCimtypeReal64 = 5
wbemCimtypeString = 8
wbemCimtypeBoolean = 11
wbemCimtypeObject = 13
wbemCimtypeSint8 = 16
wbemCimtypeUint8 = 17
wbemCimtypeUint16 = 18
wbemCimtypeUint32 = 19
wbemCimtypeSint64 = 20
wbemCimtypeUint64 = 21
wbemCimtypeDateTime = 101
wbemCimtypeReference = 102

wbemCimtypeChar16 = 103
' Remove classes
Set oLocation = CreateObject("WbemScripting.SWbemLocator")
'===================
'If this is a Domain Controller, bail!
'===================
Set oWMI = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colComputer = oWMI.ExecQuery _
("Select DomainRole from Win32_ComputerSystem")
For Each oComputer in colComputer
 if (oComputer.DomainRole = 4 or oComputer.DomainRole = 5) then
   wscript.echo "DomainController, So I'm quitting!"
   'wscript.quit
 Else
'==================
'If it is NOT a domain controller, then continue gathering info
'and stuff it into WMI for later easy retrieval
'==================

Set oServices = oLocation.ConnectServer(,"root\cimv2")
set oNewObject = oServices.Get("CM_LocalGroupMembers")
oNewObject.Delete_
'==================

'Get the local Group Names
'==================
Dim iGroups(300)
i=0
Set objWMIService = GetObject("winmgmts:" _
        & "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set colGroup = objWMIService.ExecQuery("select * from win32_group where localaccount=1")
for each obj in colGroup
  igroups(i)=obj.Name
  i=i+1
next

'===============
'Get all of the names within each group
dim strLocal(300)
k=0
Set oLocation = CreateObject("WbemScripting.SWbemLocator")
Set oServices = oLocation.ConnectServer(, "root\cimv2" )

'group name, domain name, user or group
for j = 0 to i-1

squery = "select partcomponent from win32_groupuser where groupcomponent = ""\\\\" &_
 strComputer & "
\\root\\cimv2:Win32_Group.Domain=\""" & strComputer &_
 "\"",Name=\""" &igroups(j) & "\"""""

Set oInstances = oServices.ExecQuery(sQuery)
 FOR EACH oObject in oInstances
  strLocal(k)=igroups(j) & "!" & oObject.PartComponent

  k=k+1
 Next
next

'==================
'Drop that into a custom wmi Namespace
'==================


' Create data class structure
Set oDataObject = oServices.Get
oDataObject.Path_.Class = "CM_LocalGroupMembers"
oDataObject.Properties_.add "Account" , wbemCimtypeString
oDataObject.Properties_("Account").Qualifiers_.add "key" , True
oDataObject.Properties_.add "Domain" , wbemCimtypeString
oDataObject.Properties_.add "Category" , wbemCimtypeString
oDataObject.Properties_.add "Type" , wbemCimtypeString
oDataObject.Properties_.add "Name" , wbemCimtypeString
oDataObject.Properties_("Name").Qualifiers_.add "key" , True
oDataObject.Put_

for m = 0 to k-1
Set oNewObject = oServices.Get("CM_LocalGroupMembers" ).SpawnInstance_
str0 = Split(strLocal(m), "!", -1, 1)
str1 = Split(str0(1), "," , -1, 1)
str2 = Split(str1(0), "\" , -1, 1)

str4 = Split(str2(4), Chr(34), -1, 1)

' The Account name or Group Name is inside the quotes after the comma
str3 = Split(str1(1), Chr(34), -1, 1)
' if the wmi source name is the same as the domain name inside the quotes, it' s a local account
' str2(2) is the wmi source name, str4(1) is the domain name inside the quotes.
If lcase(str2(2)) = lcase(str4(1)) Then
oNewObject.Type = "Local"
Else
oNewObject.Type = "Domain"
End If

oNewObject.Domain = str4(1)
oNewObject.Account = str3(1)
oNewObject.Name = str0(0)
Select Case lcase(str4(0))
  case "cimv2:win32_useraccount.domain="
  
oNewObject.Category = "UserAccount"
  Case "cimv2:win32_group.domain="
   oNewObject.Category = "Group"
  Case "cimv2:win32_systemaccount.domain="
   oNewObject.Category = "SystemAccount"
  case else
   oNewObject.Category = "unknown"
end select
oNewObject.Put_
Next
wscript.echo "ok"

 end if
Next

wscript.quit
·      As per best pratices please run this script file on two there workstation machines before deploying on mass roll-out. 
      ·         Verify the below WMI class exist or not in Client machines after execute this script manually


·       If everything is okay then deploy this Script on Clients machines using Software distribution features

Steps for Phase 3

After successfully execute steps 1 & 2, Local group members details are captured in SCCM database, V_GS_CM_LOCALGROUPMEMBERS View will create automatically against ConfigMgr database,

Below the Standard SQL query to verify the local Group members ship details,


You can customize the report or SQL Query as per your requirement. J

 

 

1 comment:

  1. Hi Praveen,

    Good article, I have followed all the instructions given,
    When I run the query against the ConfigMgr Database an error occurred: Invalid object name 'v_GS_Localgroupmembers'.

    Also, is there any way to add another column for the logon timestamp?

    Any suggestion?

    ReplyDelete