There are many examples out there on how to remove a computer from a collection after OS Deployment is finished. I have used different scripts in different scenarios but at a customer lately we had a requirement to open as few ports as possible in the firewall. If you run a script from the Task Sequence on the client side that remove the device from a collection you will need to for example open RPC High Ports which could be avoided.
That is why I wrote this little Powershell script that will remove the computer from a collection and clear the PXE flag as well using Maik Koster’s excellent webservice instead and a Powershell script to use it. Maik Koster’s webservice can be downloaded here http://mdtcustomizations.codeplex.com/releases , don’t forget to secure it using request filtering in IIS.
The Powershell script
The following script is used to call the webservice, in this example we use Maik Koster’s webservice and call it using UUID as the identifier on the command line. The following lines need to be configured in the script below.
[string]$UsrName = “Contoso\wbssvc”
[string]$UsrPW = “Pa@ssw0rd”
[string]$SiteCode = “123”
[string]$URI = “http://sccm02/webservice/sccm.asmx?WSDL”
Copy the script and place it in a folder that can be used as a package source for a package so we can call the script from a package in the Task Seqeunce.
The script:
Param(
[string]$computerName,
[string]$UUID,
[String]$CollectionID
)
[string]$UsrName = "Contoso\wbssvc"
[string]$UsrPW = "Pa@ssw0rd"
[string]$SiteCode = "123"
[string]$Macaddress = ""
[string]$URI = "http://sccm02/webservice/sccm.asmx?WSDL"
$secpasswd = ConvertTo-SecureString "$UsrPW" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ("$UsrName", $secpasswd)
$zip = New-WebServiceProxy -uri $URI -Credential $mycreds
# Invoke Web Service
$method = "ClearLastPXEAdvertisementForComputer"
$zip."$method".Invoke("$Macaddress","$UUID","$SiteCode")
try
{
$method = "RemoveComputerFromCollection"
$zip."$method".Invoke("$Macaddress","$UUID","$CollectionID","$ComputerName")
}
catch
{
Write-Output "$_.Exception.Message"
exit 1
}
exit 0
The Task Sequence step
Before we create a package we need to edit the information in the script above. Then create a package from which we can call the script.
I prefer to use a run command line step to run the powerhsell script and call the webservice. Use the package we created before to run the command from.
The following command line can be used, where the last part is the collection the device should be removed from, you need to change that to reflect your environment: “Powershell.exe -NoProfile -ExecutionPolicy ByPass -File RemoveFromOSDCollection1.ps1 %OSDcomputername% %UUID% 06000062”
That should do it, deploy the task sequence and test it out.
Note:
- The script will return an error if the computer cannot be removed from the Collection, you can solve it with continue on error.
- If you import a computer with MAC address you need to change the script to use MAC address instead of UUID to remove it
Works great!!! Flawlessly!! Thanks for the note about the MAC address!! We import machines by mac address so that helped.
Glad to hear it worked, I am planning on posting more scenarios where using a webservice is a great option!
/Jörgen
Is there a way to setup more than one CollectionID? We deploy our OS to about 15 different collections.
Hi,
I will post an example this weekend.
/Jörgen
Cool! I just subscribed to the feed to alert me. Thanks!
Thank you for sharing! Works fine!
Is there a way to not define $UsrPW in the script. I’ve tried with Run commandline and “Run this step as following account” but without success.
The TaskSequence works withoud OSD but in an OSD TaskSequence the WebService fails.