As shown and promised at MMS 2016 in Minnesota, probably the best tech event I ever attended by the way!!, I talked about and showed how I have installed applications dynamically using Configuration Manager for the last 4 years during my session with Kent Agerlund and Ryan Ephgrave. I love to keep it simple.
Update: The script is now updated so it supports nested groups and use _SMSTSMachineName as computername. Thanks to Daniel Marklund for great additions!
By reading the application name from the AD group description field instead of from a Collection in Configuration Manager we don’t need access to the Site Server during OSD, the local domain controller will be used. We can also pre-stage computers in AD without having a MAC address yet just by creating the computer in AD and the add it to the groups, the Unknown computer support can be used to deploy the machine for instance, you select the correct name and the applications are installed..
Here is how it works.
– I Use a naming convention for my AD groups which are used in Configuration Manager Collection queries to install applications for example a prefix of “App-“ or “A.” with a suffix for Install groups for instance “.i” something like this “A.7Zip.920.i”
-I put the exact name of the application in Configuration Manager in the Description field of the AD Group. If I don’t want to install the application during OSD simply remove the description.
-In the Task Sequence I run a script that reads the description field from all the groups that starts with my prefix and adds them to the COALESCEDAPPS variable so that they are installed automatically during OS deployment using the built-in step in Configuration Manager.
Then the applications will be installed dynamically
To implement it do the following.
- Download the script and add it to a Package in Configuration Manager here: Download
- Edit the two variables so it matches your naming convention for your AD groups.
- Add the Application name to the AD groups description field in AD as shown above
- Add one step in the task sequence that runs the Powershell script, it must be run in the full Operating System after the “Setup Windows and Configuration Manager”
- Then we add the step to install the applications dynamically.
- On the Options tab for the Install Applications step add the following condition to prevent the task sequence from failing if you don’t have any applications to install.
Then you are all set!
Thanks to my awesome colleague Johan Schrewelius, this script was actually a vbscript when the conference started! Johan rewrote it when I was presenting.
colleague
If I remember correctly, you had a similar solution for package also 🙂
Hi,
Correct using vbscript, let me know if you want it!
/Jörgen
Hi Jörgen,
Do you by any chance still have the VBScript for dealing with packages rather than Applications?
It would seem a myself and a few others could really benefit from its use.
Thanks
Simon
Hi,
I get this error in smsts.log: “No Env variable with specified basename COALESCEDAPPS and suffix ’01’ is found. No application installed.”
Any ideas?
Thanks
Regards
Claus
Hi again,
I have change “OSDComputerName” to “_SMSTSMachineName”. Now it installes one application. But not all of them. It seams that there is something wrong with the foreach loop.
Regards Claus
Hi,
Yes I will change the computername variable used. It is also case-sensitive for the “A.” and “.i” are the “allow applications to be installed during Task Sequence without being deployed” checked for the applications?
/Jörgen
yes, the “allow applications to be installed during Task Sequence without being deployed” is checked. I would also like the vb script.
Thanks
/Claus
After you have updated the script it works for me. Did you have a solution for packages as well?
Thanks
/Claus
Hi,
great Script – There are some Problems using the Script with PowerShell 2.0, for now i’ve not found a solution.
I have also Extended the Script with logging Function. Please contact by Mail, so i can send you my updated Version.
Thanks
Works great, but why would you rather use this than variables on groups in Config mgr? This route seems to add a step to make sure the computer is part of a group.
I know all environments are different, for instance in my environment I can say for the most part computers in OU-A should get X applications and computers in OU-B should get Y, therefor variables on a group in CM which are kept up to date by a query on OU seems to be pretty straight forward.
Even if you stuck with the groups couldn’t you also add the groups to CM (using a query on the AD group) and assign variables to the groups? This would eliminate the need for the Powershell script.
I understand your method removes the need to communicate with the CM server but is there really any advantage there?
Thanks
Hi,
One reason would be to be able to prestage computers in AD without knowin MAC/UUID and still be able to install applications on them dynamically during OS deployment using AD groups instead.
Regards,
Jörgen
That’s an interesting approach to deploy software.
I currently apply a completely different approach:
When we’re getting ready to image a workstation, we move the workstation to a specific OU for computer building.
In order to get a computer up and running as fast as possible, we put the least applications possible in the task sequence. Instead, we have a collection to which base software that are normalized to each computer are deployed as soon as possible outside of maintenance window.
What this does is, once the computer is imaged, the software deploys ASAP. Once the software is deployed, we move the workstation to the proper OU for production, and in SCCM, it will not figure for outside maintenance window deployment anymore.
Another possible approach would be to set a very wide maintenance window into the collection to which your newly imaged workstation will appear under until you move them.
Hi Jörgen,
Can’t make this work and would appreciate some help.
Get-AppGroups.ps1 runs with no errors but the next step is skipt because the condition is evaluated to be false.
I have tried to run the script manually from TS and I can confirm that it finds the Computer and it’s AD groups in AD so I guess that something goes wrong after that. There is no COALESCEDAPPS01 variable or it’s null.
My prefix = “APP” and suffix = “install”. Application name in CM also starts with APP but that should not matter.
Hi, sounds great. How do I modify the Script, that i can directly use the AD GroupName where my Computer is located. My AD Groups already have the Final Application Name. I have different Prefixes and Suffixes. In my description field are more Information than only the Application Name.
Thanks in advance.
Thanks. It doesn’t seem to work if I have an application group inside another group. I thought that’s what the “support for nested groups” was but maybe it’s something different. Help? Let’s say I create a “Lab” group and put an application “A.app.i” as member of that Lab group, and my computer is also member of the Lab group, it doesn’t seem to pick it up. It will not create the TS variable for it.