[PowerShell] Remove Objects Tool v1.0






If you are like me and use “All Unknown Computers” to deploy your OSD to you will also be fairly familiar of making sure you have cleared an object from the SCCM Database before trying to re-image, otherwise … well its not Unknown now is it?

Typically this would involve a tech opening AD searching for the computer and removing it, then opening the SCCM console and doing the same. I have spent some time adding to a tool i previously released , adding many more functions. 

I have expanded the tool and added further features which allows you to
  • Remove AD Objects
  • Remove SCCM Objects
  • Remove both SCCM/AD objects
  • View LAPS (Local Admin Password)
  • View additional machine details
  • Remote control 

Download Tool – if LAPS is deployed in your environment

Download Tool – if LAPS is NOT deployed in your environment

Requirements of Tool.

1. Before running the tool, ensure you have the ‘Remote Server Admin Tools’ installed
2. Tool will need to be launched with credentials sufficient for the functions you plan to use. ( Tool doesn’t prompt for credentials)

Under the hood.

The “Remove Objects” tool is written in PowerShell and compiled. The tool essentially looks at all computer objects (taken from settings file), does a lookup in AD for these objects, then scans your SCCM instance for the same name. It will then merge all the information together.

 Settings for your environment are referenced in the file “settings.xml”

Settings.XML

https://gist.github.com/padgo/9fd48031fbf9a1e7f184592b542744f4.js
SCCMServer: Location of SCCM instance
SearchBase: the root location for workstations (in format of DistinguishedName)
SCCMSite: your SCCM Site Code

SystemOUName: Same path as SearchBase , but in the format of CanocialName 
CMRCViewer: Location of the SCCM Remote control viewer files – see below for more info

Spaces in the search base should be accepted without worry.

Ensure that you set these values to match your environment. The settings file MUST reside in the same root folder as the Remove Objects executable, if not you will see this error.

Logging

You will get an output file stored in the same location as the executable, this will be recreated each time the “search/filter” button is used, this is used in case you face issues with objects not being found.

Remote Control

The Remove Objects tool has the ability to remote control a workstation. Remote control is issued through CmRcViewer. CmRcViewer is installed locally when you have the SCCM Console installed on your machine. To avoid installing the full SCCM console on every machine you with to run “Remove Objects” you can copy these files to each machine. The files required for remote viewing are seen in the screenshot below:

I have provided a “InstallRemote.cmd” which would copy these files to the default path in C:\Program Files (x86)\ConfigMgrConsole\bin\i386 . I haven’t included the actual remote control files in my download as these are copyrighted. 

Usage.

When the tool launches, you will see the following, press Search/Filter to list objects

(Note: If you dont have LAPS deployed, script will still work but you will not see the column for it)

When search is complete, you will be presented with all objects. The Data source for the objects listed is as follows:
Name: Active Directory 
Description: Active Directory 
Operating System: Active Directory
IPV4Address: SCCM
Enabled: Active Directory
LAPS Password: Active Directory
MAC Address: SCCM
SCCMResourceID: SCCM 

You can search/filter off any value, for example, name. 
The function controls are self-explanatory. All functions (except remote) will prompt for confirmation. All cells can be copied to clipboard.
NB. To perform any function, you must highlight the computer name from the NAME column. 

All options chosen will prompt for confirmation, except for “Remote Control”. 

Remote Control:  This uses CmRcViewer.exe which is either

a. Bundled when installing the SCCM Console
b. Installed from the InstallRemote.cmd as mentioned earlier.

Remove AD Object: Removes AD Object 

Remove SCCM Object:Removes SCCM Object 


Remove SCCM/AD Object: Removes SCCM and AD Object – This is the default function you should use to clear a machine for reimaging. 




Cells highlighted in yellow indicate that a computers SCCM resource ID has been removed or not found. This would happen if you were to use the “Remove from SCCM” option only. 

Note, your SystemOUName variable should be the root location for your workstations, if your system OU name doesnt match your searchbase, items will be shown as yellow , as they cannot be matched against the same computer names in AD.

The lookup code that manages this is: $sccmQuery = get-wmiobject -query “select * from SMS_R_SYSTEM WHERE Name like ‘%’ ” -computername $sccmserver -namespace “ROOT\SMS\site_$sccmsite” | Where-Object { $_.SystemOUName -contains $SystemOUName }


This code exists to ensure that you dont return other SCCM objects such as servers or mobile devices.

A block of code will run for each computer loaded that will check that each AD Hostname has a matching record in the above lookup code, if the Hostname is not found, the row will be shown as yellow.

Code for that lookup is :

if ($datagridviewResults.Rows[$i].Cells[‘SCCMResourceID’].Value -eq $null)
{
$row.defaultcellstyle.backcolor = ‘yellow’

}

Limitations.

In further releases i will include a settings option to either use SCCM remote control OR Microsoft Remote Assistance.
Because the tool scans AD then matches the host names of computers to their object names in SCCM, machines that have been removed from AD and still exist in SCCM will not be shown. 

Disclaimer.

Be sure to read the “readme” file in the download package for all T’s and C’s. All efforts have been put into testing this application.

Full code can be viewed here – Note this is created with PS studio therefore all object controls are held separately, if you would like the full code export with object controls, let me know. 


3 thoughts on “[PowerShell] Remove Objects Tool v1.0

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s