Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, January 16, 2020 4:16 PM
I am just starting to integrate my MDT imaging process with SCCM and I'm having a problem adding computers into AD security groups.
In MDT I have a command line that adds computers into a security group but when I add that line into my SCCM MDT task sequence it doesn't work and I can't seem to find any errors indicating why it's not working.
Here's the command line
powershell -executionpolicy bypass -noprofile -noninteractive "& ""%scriptroot%\dagroupw10.ps1""" EXIT
And I have the Run this step as the following account option checked with the proper credentials. I have copied this step verbatim into the SCCM MDT TS.
Any help would be greatly appreciated.
All replies (9)
Thursday, January 16, 2020 6:12 PM
Without knowing anything about the PowerShell script, no one can anything here as this completely depends on it.
Have you reviewed smsts.log on a system where the TS has run to validate whether it is running successfully?
Jason | https://home.configmgrftw.com | @jasonsandys
Friday, January 17, 2020 1:46 AM
Hi,
Thanks for posting in TechNet.
May we know if there is any further information about this issue in the smsts.log? Please refer to:
SCCM: How to copy SMSTS.log when a Task Sequence fails
Note: This is non-Microsoft link, just for your reference.
Thanks for your time.
Best regards,
Simon
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Friday, January 17, 2020 5:40 PM
Here's the script I am using in MDT and trying to get to work in SCCM.
$ComputerName = $env:computername
$GroupPath = "LDAP://CN=DirectAccess16Computers,OU=Security Groups,DC=xxx,DC=xxx,DC=xx,DC=xx"
$computerPath = "LDAP://CN=$ComputerName,OU=NewComputers,DC=xxx,DC=xxxxx,DC=xx,DC=xx"
$Group =[ADSI]"$GroupPath"
$Group.Add("$computerPath")
$Group.SetInfo()
Friday, January 17, 2020 7:17 PM
And what does smsts.log show about the execution of this script in the TS?
Jason | https://home.configmgrftw.com | @jasonsandys
Monday, January 20, 2020 9:05 AM
Hi,
Thanks for your reply.
May we know if the script works well when running manually? If yes, please check if there is any error about this issue in smsts.log. Thanks for your understanding.
Best regards,
Simon
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, January 21, 2020 1:56 PM
Simon,
Yes, the script runs correctly when run directly from powershell and it also runs properly when run in the original MDT task sequence.
The issue is it doesn't work in the SCCM/MDT task sequence. Here is the requested information from the smsts.log.
Thanks,
Andy
Evaluating a variable condition expression TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Variable = islaptop TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Value = true TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Operator = equals TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Expand a string: equals TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Expand a string: islaptop TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Expand a string: true TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
The variable condition expression is evaluated to be TRUE TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
The AND expression is evaluated to be TRUE TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
The condition for the action (Add computer to Direct Access group) is evaluated to be true TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Expand a string: smsswd.exe /run: powershell.exe -executionpolicy bypass -File %scriptroot%\dagroupw10.ps1 TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Expand a string: TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Command line for extension .exe is "%1" %* TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Set command line: smsswd.exe /run: powershell.exe -executionpolicy bypass -File %scriptroot%\dagroupw10.ps1 TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Start executing the command line: smsswd.exe /run: powershell.exe -executionpolicy bypass -File %scriptroot%\dagroupw10.ps1 TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
!! TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Expand a string: WinPEandFullOS TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
Executing command line: smsswd.exe /run: powershell.exe -executionpolicy bypass -File %scriptroot%\dagroupw10.ps1 TSManager 1/21/2020 8:15:57 AM 4676 (0x1244)
[ smsswd.exe ] InstallSoftware 1/21/2020 8:15:57 AM 4864 (0x1300)
PackageID = '' InstallSoftware 1/21/2020 8:15:57 AM 4864 (0x1300)
BaseVar = '', ContinueOnError='' InstallSoftware 1/21/2020 8:15:57 AM 4864 (0x1300)
ProgramName = 'powershell.exe -executionpolicy bypass -File C:\_SMSTaskSequence\WDPackage\Scripts\dagroupw10.ps1' InstallSoftware 1/21/2020 8:15:57 AM 4864 (0x1300)
SwdAction = '0001' InstallSoftware 1/21/2020 8:15:57 AM 4864 (0x1300)
Getting linked token InstallSoftware 1/21/2020 8:15:58 AM 4864 (0x1300)
Get RunAs private desktop SMSTS-498812\SMSTSDesktop InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
Run command line under a user account InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
Command line for extension .exe is "%1" %* InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
Set command line: Run command line InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
Working dir 'not set' InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
Executing command line: Run command line InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
Create a process under given user token InstallSoftware 1/21/2020 8:15:59 AM 4864 (0x1300)
The following exception occurred while retrieving member "Add": "Unknown error (0x80005000)" InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
At C:\_SMSTaskSequence\WDPackage\Scripts\dagroupw10.ps1:7 char:1 InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
+ $Group.Add("$computerPath") InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~ InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
+ CategoryInfo : NotSpecified: (:) [], ExtendedTypeSystemException InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
+ FullyQualifiedErrorId : CatchFromBaseGetMember InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
InstallSoftware 1/21/2020 8:16:03 AM 4864 (0x1300)
Process completed with exit code 0 InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
The following exception occurred while retrieving member "SetInfo": "Unknown error (0x80005000)" InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
At C:\_SMSTaskSequence\WDPackage\Scripts\dagroupw10.ps1:8 char:1 InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
+ $Group.SetInfo() InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
+ ~~~~~~~~~~~~~~~~ InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
+ CategoryInfo : NotSpecified: (:) [], ExtendedTypeSystemException InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
+ FullyQualifiedErrorId : CatchFromBaseGetMember InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
Command line returned 0 InstallSoftware 1/21/2020 8:16:05 AM 4864 (0x1300)
Process completed with exit code 0 TSManager 1/21/2020 8:16:05 AM 4676 (0x1244)
Tuesday, January 21, 2020 1:59 PM
There are clearly errors in the log that you need to troubleshoot.
Are you using a Run PowerShell task or a Run Command Line task?
Jason | https://home.configmgrftw.com | @jasonsandys
Tuesday, January 21, 2020 2:39 PM
Command line.
Tuesday, January 21, 2020 3:36 PM
This has to do with module loading as an alternate user in PowerShell (or something like that).
I'm not sure if there's a work-around here or not though. You may ant to search around the web for alternate scripts or similar issues.
A quick search turned up a post from you from 5 years ago with the exact same issue: https://social.technet.microsoft.com/Forums/office/en-US/c6506b24-9ef0-47eb-84ae-c3e5a531601d/powershell-script-error-when-running-it-in-a-mdt-task-sequence
Have you tried Jorgen's solution: https://ccmexec.com/2010/08/adding-computer-to-ad-groups-during-deployment/
Jason | https://home.configmgrftw.com | @jasonsandys