Generate Active Directory group with Orchestrator when new Configuration Manager 2012 Application is created

This is an example on how to automate creation of Active Directory (AD) groups with Orchestrator based on the Applications that are created in System Center Configuration Manager (SCCM). The Runbook will also rename the AD group if the application is renamed in SCCM.

This is the first Runbook in a series of Runbooks that will automate creation and deletion of AD groups and Collections in SCCM based on SCCM application administration.

Prerequisites for this Runbooks are that the Integration Pack “Execute PowerShell Script” is installed on the Runbook server and that WinRM is enabled on the SCCM 2012 server.

The Runbook

Generate AD group with SCO when new SCCM 2012 Application is created1

The Runbook will connect to SCCM with WinRM and get all applications that exist in SCCM, except the ones that are in the state expired. It will then see if the group already exist at the activity “Get Groups that contains CM ID”. It does so by checking if the SCCM Package ID exist in any AD group name. If the group does not exist in AD it will create it with the activity “Create Group”.

If the group exist the activity “Get Groups with SAMAccountName” will be ran to see if the name is the same as before. If not the group will be renamed.

Runbook breakdown

Generate AD group with SCO when new SCCM 2012 Application is created2

Command: PS Script 01

Import-Module “C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1”;
Set-Location P01:
Get-CMApplication | Select-Object -Property LocalizedDisplayName, PackageID, IsExpired | % {If ($_.IsExpired -eq $False) {$_.PackageID +”,”+ $_.LocalizedDisplayName}}

Generate AD group with SCO when new SCCM 2012 Application is created3 Generate AD group with SCO when new SCCM 2012 Application is created4 Generate AD group with SCO when new SCCM 2012 Application is created5 Generate AD group with SCO when new SCCM 2012 Application is created6 Generate AD group with SCO when new SCCM 2012 Application is created7 Generate AD group with SCO when new SCCM 2012 Application is created8 Generate AD group with SCO when new SCCM 2012 Application is created9 Generate AD group with SCO when new SCCM 2012 Application is created10

No comments yet.

Leave a Reply