I wrote a post way back where I used a Powershell script to query AD group description for Applications to install dynamically during OS deployment in Configuration Manager. There was a couple of comments and recently a request to extend that script to also install packages dynamically during OS Deployment. The old post can be read here: https://ccmexec.com/2016/05/installing-applications-dynamically-during-os-using-ad-group/
So here it is as promised, this script will install both applications and packages/programs during OS deployment dynamically.
It will read the description of AD groups and match it using a Prefix and Suffix to identify groups used for Applications / Packages. In the Description field for AD groups used for applications we add the application name and for packages we the packageID and program to run like shown below.
To use it:
- Save the script below and edit the following lines so it matches the environment it is run in
$Prefix = “A.”
$Suffix = “.i”
$SiteCode = “060” - Create a package with the script so we can run it in a Task Sequence
- Add the script to the Task Sequence using the run Powershell script command
- Add an Install Application Step using these settings.
With the following condition so it is skipped if the are no applications to install
- Add an Install Packages Step using these settings.
With the following condition so it is skipped if there are no packages to install
The script:
# Written by Johan Schrewelius / Jörgen Nilsson
# https://ccmexec.com
# Version 1.1
# Added fallback to _SMSTSMAchineName if OSDComputerName is missing
# Thanks to Daniel Marklund for testing and adding features (Nested groups)!
# Version 1.2
# Update 2/12/2017: Added support for PackageID:Program in description attribute – Limitation: Application name must not start with SiteCode
$Prefix = “A.”
$Suffix = “.i”
$SiteCode = “060”
$tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
$CmpName = $tsenv.Value(“OSDComputerName”)
if(!$CmpName) { $CmpName = $tsenv.Value(“_SMSTSMachineName”) }
$ADObjectDN = ([ADSISEARCHER]”samaccountname=$($CmpName)`$”).Findone().Properties.distinguishedname
$AllGroups =([ADSISEARCHER]”member:1.2.840.113556.1.4.1941:=$ADObjectDN”).FindAll()
$DescList = $AllGroups.Path `
| Where { ($_ -replace ‘^LDAP://CN=([^,]+).+$’,’$1′).StartsWith($Prefix) -and ($_ -replace ‘^LDAP://CN=([^,]+).+$’,’$1′).EndsWith($Suffix) } `
| Foreach { ([ADSI]”$_”).Description }
$AppCount = 1
$PkgCount = 1
$DescList | Where { !$_.StartsWith($SiteCode) } | Foreach { $tsenv.Value(“COALESCEDAPPS” + ($AppCount++).ToString(“00”)) = “$_” }
$DescList | Where { $_.StartsWith($SiteCode) } | Foreach { $tsenv.Value(“PACKAGES” + ($PkgCount++).ToString(“000”)) = “$_” }
That is it.
Hi Jörgen , thanks for this post, very usefull.
What if the application is deployed by a task sequence ? It will work?
Regards
Bruno
Hi,
You would have to use Nested task sequences in that case if the order is important.
/Jörgen