Runas Task Sequence (Full Version)

All Forums >> [Management Products] >> System Center Products >> System Center Configuration Manager



Message

wbracken -> Runas Task Sequence (7/11/2008 5:31:05 PM)

I just realized that teh RunAs command line option is gone for Task Sequencing?  Was this an SP1 thing?

Anyway, I have a script that needs to run in the context of a user who has rights to delete a direct membership rule as the last step in my PXE boot sequence. (to remove it from the "Unknown Computers" collection)

Before I start cracking at this anyone have any tricks up their sleeves?  :)

Thanks!



rbennett806 -> RE: Runas Task Sequence (7/14/2008 5:20:17 PM)

So I'd first suggest backing up a step and looking at your collection and asking yourself why manual intervention is needed. Can't you adjust whatever membership query you're using so that it's dynamic and the resource object is pulled out of that collection when the machine is imaged?

Otherwise, would you want to put the username and password into the script file itself? While I haven't done it during the OSD process, I'd think you'd be able to connect to the SQL database with a set of supplied credentials and use that connection to perform your needed tasks.

Function ConnectToSCCM
' Attempts to use the provided information to connect to the SCCM environment.
On Error Resume Next
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
Set objSMS = objLocator.ConnectServer(strSCCMServerFQDN, "root\sms\site_" & strSiteCode, strUserName, strPassword)
If Err then
   Err.Clear
   ConnectToSCCM = "NoAccess"
   Exit Function
End If
ConnectToSCCM = "Accessed"
End Function

Just a thought...



wbracken -> RE: Runas Task Sequence (7/15/2008 8:49:55 AM)

Thanks for the reply.  The issue I am trying to get around is the direct membership rule that gets created with the PXEFilter.  So effectively I have the PXEFilter script that adds a machine to the specified "Bare Metal" or "Unknown Computers" collection (whatever you choose to call it).  I want to advertise mutliple Task seqeunces as options to choose from for this type of deplyment (ie. run from server, download and execute, complete backup then reimage, diagnostics boot cd, etc.)  this requires me to NOT make the adverts mandatory.  If the machine is then left in the Collection, after the user logs on they get the nice little pop up that show the other Task Seqeunces that are advertised to that Collection as available programs.  This scenerio will without a doubt cause people to re-image their machines by accident.  I dont ever want to present the end user with an "option" to re-image.  I want it to be controlled by IT and by the time the user sees it is should be mandatory.

Too my knowledge adding a query based rule to the collection will only affect members that are dymanically added to the collection, leaving the direct memberships intact.  Is there a trick to this?

I will give your code above a shot.  If you have any other suggestions though please do tell!! 

Thanks!



Page: [1]

Valid CSS!




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI
0.25