I was able to get most of this written yesterday afternoon, I’ll work on finishing it up, testing and then getting it to run with the WMI event system (Shout out to Trevor Sullivan’s Power Events module http://powerevents.codeplex.com/)
Here is what I’ve written so far, I’ll clean this up with some switch statements, and I think there are a few more possible values for desiredconfigtype and deploymentintent that I need to account for: # SCCM Deployment Warning Script # # Written by: Matt Atkinson ([email protected]) # # Purpose: Send an email alert whenever a deployment targeting more than a certain number of computers/users is created # # Notes: Make sure that you set your warning threshold number (line 24), and the list of email recipients to receive the warning (line 27), # your email server (line 31), location for the SCCM powershell module (line 20), and your SCCM site code. # # # Change log: # # v1.0: Initial Script # param( [string]$AssignmentUniqueID ) ##Import the powershell module for configuration manager (change this if your path is different) import-module "D:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\configurationmanager.psd1" ## Declare variables #Number of computers to be the warning threshold. If the deployment goes to more than this number of computers, warning will be sent $WarningThreshold = 500 #Comma separated list of email addresses to send warning to $EmailAddresses = "#email addresses go here" #Email server $EmailServer = "" #SCCM Site Code $CMSiteCode = "#sitecode" Set-location $CMSiteCode #Get the application name $Application = (Get-CMDeployment -DeploymentId $AssignmentUniqueID).SoftwareName #Get the deployment intent (Install or Uninstall) If ((Get-CMDeployment -DeploymentId $AssignmentUniqueID).DesiredConfigType -eq "2") { $DesiredConfigType = "Uninstalled" } Else { $DesiredConfigType = "Installed" } #Get the deployment intent (Install or Uninstall) If ((Get-CMDeployment -DeploymentId $AssignmentUniqueID).DeploymentIntent -eq "2") { $DeploymentIntent = "Available" } Else { $DeploymentIntent = "Required" } $DeadlineTime = (Get-CMDeployment -DeploymentId $AssignmentUniqueID).EnforcementDeadline #Get the collection that is targeted $TargetCollection = (Get-CMDeployment -DeploymentId $AssignmentUniqueID).CollectionName ###$Creator = (Get-CMDeployment -DeploymentId $AssignmentUniqueID).SoftwareName #Get the member count of the collection after testing whether it is a user or device collection If (Get-CMDeviceCollection -Name "$TargetCollection" -ne $null) { $MemberCount = (Get-CMDeviceCollection -name "$TargetCollection").MemberCount } Else { $MemberCount = (Get-CMUserCollection -name "$TargetCollection").MemberCount } If ($MemberCount -ge $WarningThreshold) { Send-MailMessage -SmtpServer $EmailServer -From "SCCM Warning System" -To "$EmailAddresses" -Subject "SCCM Deployment Notice $Application Being $DesiredConfigType on $MemberCount assets" -Body "Application Name: $Application `n Is Being: $DesiredConfigType`n On: $MemberCount Assets`n The Deployment has a deadline of $DeadlineTime`n" } From: [email protected] [mailto:[email protected]] On Behalf Of Ryan Sent: Tuesday, July 29, 2014 7:56 AM To: [email protected] Subject: Re: [mssms] Deployment warning system? I was thinking of a scheduled task that runs a script every minute, this way I can add a tiny bit of logic into it. I'd think the over-head would be the same. Don't WMI triggers run the query you specify every x seconds and trigger the action if something is returned in the query? How would you exclude something if it is actually supposed to go out to x% of your computers? On Tue, Jul 29, 2014 at 8:38 AM, Michael Mott <[email protected]<mailto:[email protected]>> wrote: Hasn’t the Shy WMI guy already have these triggers in place or blogged out? From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Ryan Sent: Monday, July 28, 2014 11:58 PM To: [email protected]<mailto:[email protected]> Subject: Re: [mssms] Deployment warning system? If you think of something, let me know. Otherwise, I've been thinking of writing something to notify you if you add too many devices to a collection or if you make a new deployment and deploy it to more than x devices. I was also thinking of making it auto-delay (change start date) a required task sequence until you tell it to allow the task sequence. I just need to find the most elegant way of checking every minute if deployments fit that criteria. On Mon, Jul 28, 2014 at 4:31 PM, Atkinson, Matt <[email protected]<mailto:[email protected]>> wrote: Hi All, We’ve been kicking around the idea of some kind of warning system to notify our SCCM team via email when someone creates a deployment targeting more than $x number of computers. Has anyone out there seen or built something like that? I think I can put something together using WMI events and Powershell, but want to make sure it doesn’t already exist before heading down that path. Thanks! -Matt ________________________________ This message is intended for the sole use of the addressee, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the addressee you are hereby notified that you may not use, copy, disclose, or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete this message. ________________________________ Legal Notice: This email is intended only for the person(s) to whom it is addressed. If you are not an intended recipient and have received this message in error, please notify the sender immediately by replying to this email or calling +44(0) 2083269015<tel:%2B44%280%29%202083269015> (UK) or +1 866 592 4214<tel:%2B1%20866%20592%204214> (USA). This email and any attachments may be privileged and/or confidential. The unauthorized use, disclosure, copying or printing of any information it contains is strictly prohibited. The opinions expressed in this email are those of the author and do not necessarily represent the views of 1E Ltd. Nothing in this email will operate to bind 1E to any order or other contract. ________________________________ This message is intended for the sole use of the addressee, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the addressee you are hereby notified that you may not use, copy, disclose, or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete this message.
