To Remove Disconnected Session

 function Remove-DisconnectedSessions {

    # Get all user sessions on the machine

    $sessions = query user

    foreach ($session in $sessions) {

        # Split the session details into an array

        $sessionDetails = $session -split '\s+'

        # Check if the session state is 'Disc' (Disconnected)

        if ($sessionDetails[3] -eq 'Disc') {

            $sessionId = $sessionDetails[2]

            # Log off the disconnected session

            logoff $sessionId

            Write-Host "Disconnected session with ID $sessionId has been logged off."

        }

    }

}

Remove-DisconnectedSessions

This can be used in SCCM Script and run against any Device collection

Temporary Admin Rights Script for SCCM/ MECM

Script for Granting Temporary Admin Rights for End User's

The  Temporary Admin Rights script has been enhanced to grant temporary administrative rights to the currently logged-in user. The script identifies the user by determining the owner of the explorer.exe process and adds them to the local administrators' group with a set timer. Once the timer expires, the user is automatically removed from the admin group. Additionally, the script includes a GUI with a button that allows the user to extend the admin rights by 30-minute increments, up to a maximum of 6 hours.

Key Features:

User Identification: The script identifies the currently logged-in user by finding the owner of the explorer.exe process.

Admin Rights Management: Admin rights are granted using the PowerShell Add-LocalGroupMember cmdlet, and they are removed using the Remove-LocalGroupMember cmdlet. The use of PowerShell avoids the appearance of a command prompt window on the desktop.

Timer Functionality: A timer counts down the time remaining for the admin rights. Once the timer runs out, the user is removed from the admin group.

GUI Interface: The script includes a graphical interface that displays the time remaining in hours, minutes, and seconds. It also provides an "Add 30 minutes" button to extend the timer.

Deployment in SCCM: The script was packaged as an SCCM application / package and configured to run in the user context. Extensive testing confirmed that the script works as intended, providing a seamless experience for users requiring temporary administrative privileges.

Script is available to download from GitHub

Enhancing SCCM/MECM AD Group Deployment with Our Upgraded PowerShell Tool

I'm excited to share the latest update to our PowerShell tool designed for SCCM/MECM AD Group deployments. This upgrade brings several new features and improvements that enhance our deployment processes and streamline our workflow.

Key Features of the Upgraded Tool:

1. Dual Deployment Capability: Previously, our tool only supported application deployments. With this upgrade, it now supports both application and package deployments, providing greater flexibility and efficiency.

2. New Collection Creation: The tool can now create new collections, making it easier to organize and manage deployments. Once the collection is created, the tool can deploy applications and packages to it seamlessly.

3. Support for Existing AD Group Collections: In addition to creating new collections, the tool can also deploy applications and packages to existing AD group collections, simplifying the integration with our current infrastructure.

4. Automated Collection Variables: To ensure smooth deployments, the tool adds collection variables automatically, reducing the need for manual intervention and minimizing errors.

5. Proper Folder Placement: The tool ensures that both applications and packages, along with collections, are placed in the correct folders within SCCM. This organization helps maintain a tidy and efficient deployment environment.

6. Automated Deployment Creation: After performing all the above steps, the tool automatically creates the deployment, saving valuable time and effort.

7. Email Notifications for Validation: The tool will continue to send email notifications with the same details as before for validation of the deployment, ensuring that our processes remain transparent and verified.

8. User Collection Creation: The tool can now create user collections and deploy to them. Simply enable the "If user" checkbox to utilize this feature.

Conclusion:

These enhancements are designed to improve our deployment processes, increase accuracy, and save time. By automating several key steps, we can focus on more strategic tasks and ensure our deployment operations run smoothly.

Feel free to reach out if you have any questions or need more information about the upgraded tool.

Here is the image from the tool.

Here is the link to download the Script

MECM Deployment Kit

Streamlining Deployments with a GUI Tool Built on PowerShell

In our ongoing efforts to enhance efficiency and streamline our deployment processes, we have Upgraded our previously built PowerShell GUI Tool. This tool simplifies the deployment process and ensures that all necessary conditions and notifications are met. Once a deployment is created, the tool automatically sends an email to our distribution list (DL), keeping all relevant parties informed.

 Deployable Objects

The tool supports the deployment of the following objects:

    - Applications

    - Packages

    - Task Sequences (Non-Imaging)

Deployment Targets

Deployments can be made to:

    - User Collections

    - Device Collections

Key Conditions

To maintain a smooth and error-free deployment process, the following conditions must be adhered to:

1. Exclusion of Default Collections

   - Collections starting with "SMS" are default collections and cannot be used for deployments.

2. Validation for Required Deployments

   - Required deployments will not allow you to use collections with any members. After the validation is complete, devices can be added to the collection.

3. Time Restrictions

   - For both available and required deployments, you cannot use a time that is earlier than the current time.

4. Notification Settings

   - Notification settings are integrated for package and task sequence deployments to ensure all necessary parties are informed promptly.

How It Works

1. Select the Object to Deploy

   - Choose from applications, packages, or task sequences.

2. Choose the Target Collection

   - Select either a user collection or a device collection for the deployment. (Enable checkbox for user collection)

3. Adhere to Conditions

   - Ensure that no default collections are used, and validate collections for required deployments.

   - Set the deployment time to ensure it is not earlier than the current time.

4. Deployment Notification

   - Upon creating a deployment, the tool will send an email notification to the designated distribution list, providing details of the deployment.

Benefits

- Ease of Use

  - The GUI tool provides a user-friendly interface that simplifies the deployment process.

  

- Automated Notifications

  - Automatic email notifications keep everyone informed about the status and details of deployments.

- Compliance with Conditions

  - The tool enforces conditions to prevent common deployment errors, ensuring smoother operations.

- Versatility

  - Supports a wide range of deployment objects and targets, catering to various needs.

By integrating this GUI tool into our deployment workflow, we have significantly improved efficiency and reduced the likelihood of errors. This tool exemplifies our commitment to leveraging technology to streamline processes and enhance operational effectiveness.

Feel free to reach out with any questions or feedback about using the GUI tool for deployments.

Screenshot of GUI Tool

Application Deployment 

                                    

Email Sample after deployment creation -Application

===============================================

Package Deployment

Email Sample after deployment creation -Package 

=========================================================

Task Sequence Deployment (Non Imaging TS only)

Email Sample after deployment creation - Task Sequence

------------------------------------------------------------------------------------

Script is available to download from GitHub

MECM SQL query to get application deployment type and its details

 

;WITH XMLNAMESPACES ( DEFAULT 'http://schemas.microsoft.com/SystemsCenterConfigurationManager/2009/06/14/Rules', 'http://schemas.microsoft.com/SystemCenterConfigurationManager/2009/AppMgmtDigest' as p1)

SELECT

A.[App Name],max(A.[DT Name])[DT Title],A.Type

,A.ContentLocation ,A.InstallCommandLine,A.UninstallCommandLine,A.ExecutionContext,A.RequiresLogOn

,A.UserInteractionMode,A.OnFastNetwork,A.OnSlowNetwork,A.DetectAction

from (

SELECT LPC.DisplayName [App Name]

,(LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Title)[1]', 'nvarchar(max)')) AS [DT Name]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/@Technology)[1]', 'nvarchar(max)') AS [Type]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:Contents/p1:Content/p1:Location)[1]', 'nvarchar(max)') AS [ContentLocation]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:InstallAction/p1:Args/p1:Arg)[1]', 'nvarchar(max)') AS [InstallCommandLine]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:UninstallAction/p1:Args/p1:Arg)[1]', 'nvarchar(max)') AS [UninstallCommandLine]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:InstallAction/p1:Args/p1:Arg)[3]', 'nvarchar(max)') AS [ExecutionContext]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:InstallAction/p1:Args/p1:Arg)[4]', 'nvarchar(max)') AS [RequiresLogOn]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:InstallAction/p1:Args/p1:Arg)[8]', 'nvarchar(max)') AS [UserInteractionMode]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:Contents/p1:Content/p1:OnFastNetwork)[1]', 'nvarchar(max)') AS [OnFastNetwork]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:Contents/p1:Content/p1:OnSlowNetwork)[1]', 'nvarchar(max)') AS [OnSlowNetwork]

,LDT.SDMPackageDigest.value('(/p1:AppMgmtDigest/p1:DeploymentType/p1:Installer/p1:DetectAction/p1:Provider)[1]', 'nvarchar(max)') AS DetectAction

FROM

dbo.fn_ListApplicationCIs(1033) LPC

RIGHT Join fn_ListDeploymentTypeCIs(1033) LDT ON LDT.AppModelName = LPC.ModelName

--where LDT.CIType_ID = 21 AND LDT.IsLatest = 1

) A

GROUP BY A.[App Name],A.Type,A.ContentLocation,A.InstallCommandLine,A.UninstallCommandLine,A.ExecutionContext,A.RequiresLogOn,A.UserInteractionMode,

A.OnFastNetwork,A.OnSlowNetwork,A.DetectAction