I finally got around testing the new Orchestrator Task in MDT 2012 Update 1 and wow is the word that comes into mind!
I thought well I will do two simple tests to see how it works, now I am hooked. I added two Orchestrator tasks in my OS Deployment Task Sequence the first step will remove the computer from the OSD Collection when it is completed and the other step will send an E-Mail if the OS deployment fails.
Two fairly simple tasks but think about the possibilities, updating the Service Request for re-installing a computer in Service Manager with status on where the installation is, adding a computer dynamically to a asset system or counting the number of time a computer is being re-installed which can be useful for seeing trends and identifying problems with models e.t.c.
Here is how to create a Runbook to remove the computer from a Collection after a successful OS deployment, which is something fairly often scripted today:
Environment prerequisites:
- Configuration Manager 2012 site configured for OSD
- MDT 2012 Update 1
- The Network Access account need to be a Orchestrator User
1. In the Orchestrator Runbook designer I created a Runbook with the two following steps:
2. Add a variable to the Initialize Data step like this:
3. Create a new step using the Delete Collection Rule activity from the System Center 2012 Configuration Manager Integration Pack. It defaults to “Direct” instead of “Direct Rule” so remember to change that. When creating the Membership rule right-click and select Subscribe / Published Data and select “Computername” in the list.
4. Test the Runbook and Check it in after testing it successfully.
5.Create a new step in the SCCM/MDT Task Sequence like the one below, it is really simple type in the name if the Orchestrator server and press Browse then you will be able to browse all runbooks available on the Orchestrator server. The UI will find that the Runbook requires input, in this case in the form of Computername so you can select to pass a variable along.
That is it, incredibly easy!
You are now ready to test out your Runbook integration. Don’t forget to configure security in Orchestrator so you have permission to execute the Runbook
Here is a another example on how to use the Orchestrator integration from Peter van der Woude, which display how to move the computer to the correct OU after deployment, which is another popular thing to script. http://www.petervanderwoude.nl/post/using-the-power-of-orchestrator-to-move-a-computer-to-a-different-ou-via-configmgr-2012/
So now we can use Runbooks instead of doing a lot of scripting in our deployment solutions!! However when you want to do more advanced things you will need sooner or later write your own Powershell script to achieve this, so scripting is still needed don’t worry 😉
Hi Jorgen
We so much want to use Orchestrator but we can’t figure out what we are missing.
When we run the taskt seq we get this error:
“The task sequence execution engine failed executing the action (Remove PC from Collection) in the group (New Group) with the error code 10801
Action output: … 9-1″/>
401 – Unauthorized: Access is denied due to invalid credentials.
Server Error
401 – Unauthorized: Access is denied due to invalid credentials.
You do not have permission to view this directory or page using the credentials that you supplied.. The operating system reported error 1: Incorrect function. ”
Please help
Best regards
Morten
Hi,
Sorry for the extremely late answer.
It sounds like the account you run the exectue the runbook are not the correct one. make sure that the account you execute the runbook with has the permissions needed.
If you don’t use “Run as the following user” then it is executed with the Network access account.
/Jörgen
Hi,
It’s okay 🙂
In the task seq. it’s not possible to do “Run as” on task “Execute Runbook”?
Or are we doing something wrong?
/Morten