Installing Applications Dynamically during OS using AD group

As shown and promised at MMS 2016 in Minnesota, probably the best tech event I ever attended by the way!!, I talked about and showed how I have installed applications dynamically using Configuration Manager for the last 4 years during my session with Kent Agerlund and Ryan Ephgrave. I love to keep it simple.

Update: The script is now updated so it supports nested groups and use _SMSTSMachineName as computername. Thanks to Daniel Marklund for great additions!

By reading the application name from the AD group description field instead of from a Collection in Configuration Manager we don’t need access to the Site Server during OSD, the local domain controller will be used. We can also pre-stage computers in AD without having a MAC address yet just by creating the computer in AD and the add it to the groups, the Unknown computer support can be used to deploy the machine for instance, you select the correct name and the applications are installed..

Here is how it works.

– I Use a naming convention for my AD groups which are used in Configuration Manager Collection queries to install applications for example a prefix of “App-“ or “A.” with a suffix for Install groups for instance “.i” something like this “A.7Zip.920.i”


-I put the exact name of the application in Configuration Manager in the Description field of the AD Group. If I don’t want to install the application during OSD simply remove the description.



-In the Task Sequence I run a script that reads the description field from all the groups that starts with my prefix and adds them to the COALESCEDAPPS variable so that they are installed automatically during OS deployment using the built-in step in Configuration Manager.


Then the applications will be installed dynamically

To implement it do the following.

  1. Download the script and add it to a Package in Configuration Manager here: Download
  2. Edit the two variables so it matches your naming convention for your AD groups.
  3. Add the Application name to the AD groups description field in AD as shown above
  4. Add one step in the task sequence that runs the Powershell script, it must be run in the full Operating System after the “Setup Windows and Configuration Manager”
  5. Then we add the step to install the applications dynamically.
  6. On the Options tab for the Install Applications step add the following condition to prevent the task sequence from failing if you don’t have any applications to install.Installapps9

Then you are all set!

Thanks to my awesome colleague Johan Schrewelius, this script was actually a vbscript when the conference started! Johan rewrote it when I was presenting.


Leave a Reply to Thomas Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.