Q&A – Invoke Baseline evaluation on a device collection

 

 

So i got this question under the comments on my blogpost where i made a Powershell function that would invoke baseline evaluation on a single machine https://timmyit.com/2016/07/26/sccm-and-powershell-trigger-baseline-evaluation-on-client/ and i thought i would answer it through this blog post.

 

Question:

 

Looking for This same powershell script for this one. But, I need one for “all systems” for SCCM. Can you help me with that. Thank you very much! I’m not a powershell scripter at all. But, getting all more baselines in compliance and now having to manually force to evaluate is a pain.. In my environment I have 44,000 devices.. and I have 15 baselines that I need to be in compliance. Thank you very much! Karen

 

Answer:

 

Thanks for your question Karen and i will try to help, below you will find a function that will do what you are asking for but i do need to highlight some things. First of all if you have 44,000 devices and want to run this script against every single one of them it will take a long time for it to finish. One could also add multi threading of course or run it as a job to speed up the process somewhat but it gets complicated really fast and i do prefer to keep it simple.

Lets say it takes an average of 3 seconds per node to Invoke all 15 baselines with this script (not counting nodes thats offline or commuinication failures where powershell will have to timeout) and you have 44,000 of them, that will take approximately 36 hours for the script to finish.

 

If i were you, i would take a look at changing the Compliance setting and the Schedule compliance evaluation. By default it’s set to every 7 days but maybe you want to run it once a day instead ? If not, the Powershell script is listed below.

 

 

2

 

 

The Script:

 


function Invoke-BLEvaluation
{
param (
[String][Parameter(Mandatory=$true, Position=1)] $DeviceCollection,
[String][Parameter(Mandatory=$true, Position=2)] $SiteServer,
[String][Parameter(Mandatory=$true, Position=3)] $SiteCode,
[String][Parameter(Mandatory=$False, Position=4)] $BLName
)
Try
{
$Collection = Get-Wmiobject -NameSpace "ROOT\SMS\site_$SiteCode" -Class SMS_Collection -ComputerName $siteServer | Where-Object {$_.Name -eq "$DeviceCollection"}
$Members = Get-WmiObject -Namespace "ROOT\SMS\site_$SiteCode" -ComputerName $SiteServer -Query "SELECT * FROM SMS_FullCollectionMembership WHERE CollectionID='$($Collection.CollectionID)'"
$Computers = $Members.resourceid

Foreach ($Computer in $Computers)
{
If ($BLName -eq $Null)
{
$Baselines = Get-WmiObject -ComputerName $Computer -Namespace root\ccm\dcm -Class SMS_DesiredConfiguration
}
Else
{
$Baselines = Get-WmiObject -ComputerName $Computer -Namespace root\ccm\dcm -Class SMS_DesiredConfiguration | Where-Object {$_.DisplayName -like $BLName}
}

$Baselines | % {

([wmiclass]"\\$Computer\root\ccm\dcm:SMS_DesiredConfiguration").TriggerEvaluation($_.Name, $_.Version)

}
}
}
Catch
{
}
}

 

Example: 

 

To call the function:


Invoke-BLEvaluation -DeviceCollection "All systems" -SiteServer "localhost" -SiteCode "TS1"

 

Following parameters needs to be declared,

 


$DeviceCollection,
$SiteServer,
$SiteCode,

 

and optionally is

 

$BLName

 

$DeviceCollection = The device collection you want to run the script against

$SiteServer = Site server for your SCCM environment (in my example i just ran it locally on my SiteServer so that’s why i specified localhost)

$SiteCode = Site code of the SCCM Site you wan’t to run the script against.

 

and it will look something like this:

 

1

 

Regardless which option you go for it still will be faster then doing it all manually haha, so pick whatever suits your needs the best.

 

If you liked my post and found it helpful please share it and also you can follow me on social media.

 

Cheers,

Timmy