Author Posts

May 6, 2015 at 7:32 pm

I am using PowerShell to add user collections to my Configuration Manager

The Command is: Add-CMUserCollectionDirectMembershipRule -CollectionName "All Mobile Devices" -ResourceId " "

I want to make the membership rule an Active Directory User Group but I am not sure how to Query the Resource ID for an Active Directory User Group. I have to use the Resource ID and not the name

Please help me figure out how to do this or if you know another way to do this let me know

Thanks

May 7, 2015 at 5:03 am

I don't believe you can use AD groups for membership in SCCM. Collections are filled either by SCCM query (of SCCM objects) or by Direct Rule, which is what are doing. The ResourceID is the uniqueIdentifier for a SCCM object (e.g. computer or user). I don't have SCCM in my environment, but you would have to do something like this:

Get users in ADGroup
Get resourceID associated with that name
Put resourceID in Collection

foreach ($adUser in (Get-ADGroupMember -Identity MyAdGroup)){
    try{
        $resourceID = Get-CMUser -Name $adUser.Name -ErrorAction Stop | Select -ExpandProperty ResourceID
        try {
            Add-CMUserCollectionDirectMembershipRule -Identity MySCCMCollection -ResourceID $resourceID
        }
        catch {
            "Issue adding user {0} to collection. {1}" -f $adUser.Name, $_.Exception.Message
        }
    }
    catch {
        "Issue finding SCCM user with name {0}.  {1}" -f $adUser.Name, $_.Exception.Message
    }
}

Again, I did not test this, but I think the logic will get you on the right path.