SCCM : Query : XP Machines That Are Not Encrypted

In an effort to keep the team from having to do double work; encrypt, re-image, re-encrypt; we wanted to find out which departments had a large number of XP machines that had not yet been encrypted. We are going to begin pushing out Windows 7 through SCCM before we encrypted them. We also had o make sure the departments we were pushing to did not require multiuser and that the computers we were loading 7 on were not outdated and needed to be replaced. My query selects the computers with XP loaded on them but without the Sophos SafeGuard sotware then returns its name, lastUser, model, OS, Service Pack version, and the OU it belongs to. The parts in blue are what you may need to change to fit your purposes.


from SMS_R_System
inner join SMS_G_System_COMPUTER_SYSTEM on SMS_G_System_COMPUTER_SYSTEM.ResourceID = SMS_R_System.ResourceId
inner join SMS_G_System_OPERATING_SYSTEM on SMS_G_System_OPERATING_SYSTEM.ResourceID = SMS_R_System.ResourceId

SMS_G_System_OPERATING_SYSTEM.Caption like “%XP%” and SMS_G_System_COMPUTER_SYSTEM.Name not in (

select distinct

from SMS_R_System
inner join SMS_G_System_COMPUTER_SYSTEM on SMS_G_System_COMPUTER_SYSTEM.ResourceID = SMS_R_System.ResourceId
inner join SMS_G_System_ADD_REMOVE_PROGRAMS on SMS_G_System_ADD_REMOVE_PROGRAMS.ResourceID = SMS_R_System.ResourceId

where SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName like “%Sophos SafeGuard%” )


PowerShell w/ SCCM : Members of a Collection to a TXT file

This powershell script will return a list of computers in a specified device collection. It outputs the list to a text file that can then be used by other scripts. This script gets called by a VBScript and pulls your window’s credentials as the needed credentials to access the collection information. Also you can set the $CollectionName to be passed as a parameter if you wanted to get fancier with it (ie: called from an HTA with a list of collections to choose from). Anywho, here is the basic script. The parts in blue are editable.

$SiteServer = ‘
$SiteCode = ‘DOU
$CollectionName = ‘HIM
$cred = [System.Management.Automation.PSCredential]::Empty
$Collection = get-wmiobject -ComputerName $siteServer -NameSpace “ROOT\SMS\site_$SiteCode” -Class SMS_Collection -Credential $cred | where {$_.Name -eq “$CollectionName”}
$SMSMembers = Get-WmiObject -ComputerName $SiteServer -Credential $cred -Namespace “ROOT\SMS\site_$SiteCode” -Query “SELECT * FROM SMS_FullCollectionMembership WHERE CollectionID=’$($Collection.CollectionID)’ order by name” | select Name
$SMSMembers >> “.\members.txt

SCCM : Error : OSD x80004005

Derek had an issue with a Dell XT2 not wanting to image. SCCM would error out every time he entered our password to pull up the OSD Task Sequence list. For us, this is typically a sign of hardware trouble but in this case he had already swapped the hard drive and the memory and on these models there wasn’t anything else he could easily change. I sought Google and found our solution. The BIOS clock on the machine he was trying to image was wrong. We had to set the time so it was the same as the rest of the domain machines, most importantly that of the SCCM server. After we changed the BIOS date and time the OSD Task Sequence kicked off as expected. A nice and easy fix.