SCCM: Collection that queries against a security group

configuration sccm system-center
25,005

You can only create rule based queries based on data that has been collected with the various discovery methods. But among the discovery methods, you have Active Directory Security Group Discovery which will work just fine for your purposes. You just have to turn it on and set it to scan the AD containers that have your groups in them.

Then you can create rule based collections with queries that filter on the System Group Name attribute of the System Resource attribute class. The raw SQL for this type of query is provided in taylord1's answer.

If you're worried about timing and the fact that the default scan schedule is only once a day as well as the collection update schedule, it's really easy to just change the schedule to meet your needs. Just keep in mind that you'll need to update both the Security Group Discovery schedule and the Collection Update schedule. If possible, you should try to time them so the Collection Update schedule happens a few minutes after the Security Group Discovery schedule.

If you're already using Security Group Discovery and are worried about a performance hit from increasing the scan schedule, I'd still suggest trying it out first to see whether it actually causes too much stress on your infrastructure. However, there are other ways of triggering individual machine updates I can describe if you're interested. It involves some programming though.

Share:
25,005

Related videos on Youtube

user7862
Author by

user7862

Updated on September 17, 2022

Comments

  • user7862
    user7862 almost 2 years

    Is there a way to specify that a collection queries against a specific security group in AD, or can it only query against machines already in it's db put there via discovery methods?

  • Madhu Cheluvaraju
    Madhu Cheluvaraju about 15 years
    What are you trying to do? Perhaps I can help.
  • user7862
    user7862 about 15 years
    I am attempting to test SCCM deployment against a subset of machines that I have defined in a security group.
  • Madhu Cheluvaraju
    Madhu Cheluvaraju about 15 years
    You mean deploy the client? OS? Package?
  • Madhu Cheluvaraju
    Madhu Cheluvaraju about 15 years
    You could discover the OU that contains all the machines, then create a collection with only those machines.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SCCM: Add one machine explicitly
System Center Configuration Manger 2012 SP1 PXE boot
Run Microsoft SCCM Remote Control Viewer on Client Machines?
How to query SCCM for all collections that a user is a member of?
Why is Configuration Manager 2012 creating a SMSPKG folder on my C: drive?
SCCM 2012 unable to update boot images with pxe enabled
Are there complete System Center Configuration Manager alternatives?
ConfigMgr 2012 - How to automatically make updates available to computers without forcing them to be installed?
Flutter macOS high Sierra error
SCCM SUP cannot connect with WSUS Server - WSUS Server version 3.0 SP2 or above is not installed