SCCM – useful odds and sods

As many of you do (i imagine) – you run into useful things, use them once… or a few times…. or a few hundred times, but recording these in a central location is something that tech’s are just not good at.

For me, this is demonstrated by the times i google something and my own f*cking blog comes back with the answer…. i’m old, forgetful and deal with a lot of clients and technologies…. Still….

The purpose of this page is simply to provide a reminder for me and my employees about various useful bits and pieces…. and if it helps others – all the better.


Task sequence monitor

Pre-req installer

TFTP mod script

Creating a Global condition for “Computer Model”

Name:                     Computer Model
Device type:            Windows
Condition type:        Setting
Setting Type:           WQL query
Data Type:               String
Name space:           root\cimv2
Class:                       win32_computersystem
Property:                  Model


Creating a Global condition for “Computer Manufacturer”

Name:                     Computer Model
Device type:            Windows
Condition type:        Setting
Setting Type:           WQL query
Data Type:               String
Name space:           root\cimv2
Class:                       win32_computersystem
Property:                 Manufacturer


set Bitlocker to use XTS-256 instead of XTS-128 as the BitLocker encryption type in a task sequence

cmd /c reg.exe add HKLM\SOFTWARE\Policies\Microsoft\FVE /v EncryptionMethod /t REG_DWORD /d 7 /f


HP Driver Packs


Upping maximum MIF size to 50MB

HKLM\Software\Microsoft\SMS\Components\SMS_INVENTORY_DATA_LOADER\Max MIF Size

Change value to “32000” (Hexadecimal)

No reboot or service restart required


Hardware inventory for monitors

Collecting monitor serial numbers with SCCM


Changing your password when your in a VM, within an RDP session, within a Citrix session, within another RDP session

C:\Windows\explorer.exe shell:::{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}


Collection to find machines with a pending restart

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System join sms_combineddeviceresources on sms_combineddeviceresources.resourceid = sms_r_system.resourceid where sms_combineddeviceresources.clientstate != 0


Powershell pending reboot module

install-module pendingreboot -confirm:$false

Test-PendingReboot -Computername <computername>


CoreTech SCCM shutdown tool

Configuration Manager shutdown utility


Helpful tool for moving reports between hierarchies

SCCM Configmgr How to Import Export Migrate upload reports to CM12 easy way using ReportSync Tool

Command Synchronicity

Command Synchronicity



Functionality i’d like to see added

One of the great things about the CB releases for SCCM is that there has been a steady flow of nice little touches – along with the major changes. Things that i would like to see included are:

  • Add default classes to SCCM inventory for – Monitors, .NET framework versions (not enabled by default – but there, ready to be enabled)
  • Remove the ridiculous “third party MDM detection” which cripples the client…. or at least allow the functionality to be turned off
  • 802.1x support (native) for OSD
  • Have a GUI wizard to create common collections – such as Windows 10 versions, Client versions, Endpoint protection status, hardware make/model collections for everything currently in the database
  • Client upgrade check – allow tests to be run against existing clients to check if upgrading the client is feasible – and most importantly, if it will cause a reboot (due to .net framework other other supporting component upgrades)
  • Allow columns/headings to be set as default for all views
  • Improve visibility of peer cache usage, and importantly, help to determine why peer cache isn’t being used
  • Allow setting of bitlocker encryption mode in the task sequence
  • A method to prevent user logon while installing… this might be install at shutdown, or preventing logon during install
  • Options to help with timely reboots – i.e. be able to define what happens with a system with a pending reboot… without needing to create a collection and deploy scripts to manage it. This is more than just software updates – its a pending reboot for any reason.
  • Remote control…. a lot to be done here. Decent multi-monitor support, chat window, CMG integration etc
  • WSUS categories for different versions of Win 10 – and x86/x64…. so we can not sync all the stuff we don’t need
  • Default MIF size should be larger than 5 MB…. i would argue for 50Mb… and make it configurable via the GUI
  • Default path for package source…. save an incredible amount of typing
  • The security model currently sucks. At the very least it needs an effective permissions tester interface due to its complexity.