SCCM CB Run PowerShell Script Directly from Collection


SCCM CB fast channel has an option to push PowerShell scripts to devices. This PowerShell scripts can be pushed almost in the real-time. This real time push of RUN PowerShell script is explained in the video tutorial attached above. In this post, we will see “SCCM Run Scripts options and architecture”.

I have an another post explains about “What is Fast channel push notification” and the new communication channel between SCCM server components and clients. More details about Real-Time Graphical Representation SCCM Run Script Results.

SCCM 1810 Updates – Improvements in SCCM Run Scripts

There are many improvements for SCCM run scripts deployment in the recent releases of SCCM . One of the latest release is SCCM 1810 and following are some of the improvements which Microsoft brought in.

With SCCM 1810,  you can now view detailed script output in raw or structured JSON format. The following SCCM script performance and troubleshooting improvements apply from SCCM 1810 version onwards:

  • Updated SCCM 1810 clients return output less than 80 KB to the site over a fast communication channel. This change increases the performance of viewing script or query output.
  • Additional logs for troubleshooting as I mentioned in the CMPivot post.

What is the process of pushing PowerShell scripts using SCCM Right Click Option?

SCCM CB Run PowerShell Script

  1. Enable Create and Run Script feature
  2. Import PowerShell Script
  3. Approve or Decline the PowerShell Script
  4. Right click on Device collection and run the script
  5. Get the status of PowerShell script execution via Monitoring workspace

SCCM CB 1706 supports pushing normal PowerShell scripts using this method. But, SCCM team included two new features in Run  Script option in SCCM CB preview releases. SCCM Run Scripts architecture details are explained.

  • Read parameters from the PowerShell script.
  • PowerShell script parameters capabilities improved to detect mandatory and optional parameters and prompt you to enter mandatory and optional parameters.

Why is “Script” node not visible in SCCM CB console?

Create and Run Script is a pre release feature of SCCM CB 1706. Script node is visible in Software Library workspace. So, if you have not enabled this feature from “Administration – Updates & Servicing – Features”. Navigate through the console path \Administration\ Overview\Updates and Servicing\Features. Right click on “Create and Run Script” feature and select Turn On.

How to Import PowerShell Script to SCCM CB?

As I explained in the video here, navigate via SCCM console Software Library workspace (“\Software Library\Overview\Scripts”) and click on Scripts node. Right click on script node and select Create Script option. Script wizard will guide you to import PowerShell script to SCCM CB.

Provide appropriate Script name “Create Files and Folders”. The supported script language is ONLY PowerShell now. May be, we will have some other supported options in the near future. Don’t expect SCCM to check the PowerShell script syntax errors before importing to SCCM.

How to Approve PowerShell Script via Fast Channel Push method?

To avoid accidental PowerShell script push to devices, SCCM team included an approval flow into the Run Script engine. By default, you can’t approve your own PowerShell script.

To enable the approval script option to yourself, you have to disable the following option from Hierarchy settings properties “Do Not Allow Script authors to approve their own scripts“.

You can right click on the script you want to execute and select Approve/Deny button. Approve or Deny script wizard will walk you through the script Approval process. You can see more details in the video guide here.

How to Execute the PowerShell Script via SCCM CB Fast Channel using Push method? SCCM Run Scripts?

Once the Script is approved from SCCM then, that script will be available for execution. The initiation of PowerShell script is done from "\Assets and Compliance\Overview \Device Collections" in SCCM CB console. Select the device collection you want to target for the execution of the PowerShell script and right click on the collection – select Run Script option.

Run script wizard won't show all the PowerShell scripts imported into SCCM. The Run Script wizard will only show the scripts which are APPROVED by admins. You can select one approved script at a time from SCCM Console.

End User Experience of Run PowerShell Script via Fast Channel Push method?

Once the script is initiated for a collection, all the devices with proper SCCM client version (SCCM CB 1706 and above) will get the push notification for executing a script. The SCCM client Windows 10 devices will immediately execute the script on the device.

As you can see in the video here, I initiated a files and Folders creation script to Windows 10 device. SCCM client got notification from notification server and immediately executed the script on Windows 10 machine. The script created 20 files and folders in C drive Root of Windows 10 device.  I have an another post explains about troubleshooting of running a script  “What is Fast channel push notification“.

How to Monitor the Execution of PowerShell Script through Push channel?

Once the PowerShell script is executed on Windows 10 machine then, the client will send the result to SCCM notification server. You can see the results in "\Monitoring \Overview\ Client Operations". Operation Name is "Run Script", and each task will be active for 1 hour if I'm not wrong.

References :-

  • Video Guide to Troubleshoot SCCM CB Fast Channel Push Notification Issues – here
  • Fast Channel Client Notification in SCCM  – Here
  • Fast channel notification and MP replica issues – Here
  • What’s New With ConfigMgr’s Client Notification Feature – Here



