Powershell – Check That SCCM User Environment Is Setup

Posted on by Leave a comment

SCCM is a bit fiddly it has its “own” powershell console that is a tad inconvenient. Also a lot of assumptions are made that the user is all good to go with SCCM cmdlets and that is usually far from the truth.

The following script is does few prerequisite checks to ensure it is all good to go for the novice SCCM Powershell user. The script is self documenting as to what checks I am doing. These check have been learnt the hard way. 🙂 

For the novice:
All SCCM Cmdlets have to run from the $SCCMSiteCodePath Location
Assumption is that the Security group ($SecurityGroupthatHasSSCMRights in the code) does have the correct rights to run the powershell functions against SCCM

 

#Script does a bunch of checks to ensure that the user is setup to be able to run SCCM Powershell commands
#All SCCM Cmdlets have to run from the $SCCMSiteCodePath Location
#Assumption is that the Security group $SecurityGroupthatHasSSCMRights does have the correct rights to run the powershell functions against SCCM

$SiteServer = (Get-CMSite).Servername
$SCCMSiteCode = (Get-CMSite).Sitecode
$SCCMSiteCodePath = $SCCMSiteCode + ":"
$SecurityGroupthatHasSSCMRights = "SEC_SCCM_Admin"

push-location
#Check if SCCM Console has been run on this user profile before
if (($env:SMS_ADMIN_UI_PATH) -ne $null)
{
  Write-Host "SCCM Environment path exists:" $env:SMS_ADMIN_UI_PATH -ForegroundColor Green
}
else
{
  Write-Error "You have not run up the SCCM Console before .... please run up SCCM console first and then re-run script  exiting........"
  break
}
#Check if logged in with Account as required for SCCM
if ((Get-ADPrincipalGroupMembership -Identity $env:USERNAME |where name -eq $SecurityGroupthatHasSSCMRights) )
{
    Write-Host "User: $env:USERNAME belongs to $SecurityGroupthatHasSSCMRights AD Group" -ForegroundColor Green
}
else
{
  Write-Error "You do not belong to the $SecurityGroupthatHasSSCMRights group.. Gain access and then re-run script  exiting........"
  break
}

#Check for the fact the user has run SCCM Console once
#If they have then the "HKCU:\Software\Microsoft\ConfigMgr10" registry entry will exist
try
{
Set-Location "HKCU:\Software\Microsoft\ConfigMgr10" -ErrorAction Stop
Write-Host "User: $env:Username has run SCCM Console before carrying on" -ForegroundColor Green
}

catch [System.Net.WebException],[System.Exception]
{
    Write-error "User: $env:Username has NOT run SCCM Console before ... Exiting"
    Break
}
finally
{
    
}

pop-location


Import-Module (Join-Path $(Split-Path $env:SMS_ADMIN_UI_PATH) ConfigurationManager.psd1)
#Set current directory to SCCM site
Set-Location -Path $SCCMSiteCodePath

 

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.