I have created Device information READ Security Role.just create new Security Role as shown bellow with just READ permission on Collection object.So you can create role, that will grant just read permissions over devices in some particular collection, read Bitlocker Recovery keys etc.Ĭreate Security Role for reading device information Security Roles allows you to delegate permissions to various part of SCCM. This step is necessary only if you don't want to use any of the predefined Security Roles.įor testing purposes, its ok to just use your SCCM admin account and omit this part In browser running under user, that has admin rights for SCCM open or check List all available classes section in Examples bellow.Use WMI Explorer to connect to your SCCM server WMI ROOT\SMS\site_ and try to find the right class on your ownġ.2.1 Check v1.0 source, if the information you are looking for, isn't there.In case you know, in what class are data you need stored, you can happily proceed to next sectionġ.2 Case 2 - I don't know the WMI class, that contains information I need.Find out, where the information you need is storedĪdministration Service offers two data sources. Network access to SCCMs 443 port (https).Account that has at least READ rights on SCCM (or part of its data) or be SCCM admin to define security roles and assign it to some account.SCCM with installed Administration Service role (SMS provider).Request the data from Administration Service API Add (service) account to created Security Role 1.2.1 Check v1.0 source, if the information you are looking for, isn't there.
1.2 Case 2 - I don't know the WMI class, that contains information I need.1.1 Case 1 - I know the exact WMI class, that contains information I need.
Find out, where the information you need is stored In this blog post I will show you, how to use this API to your advantage. We of course could've created admin account on SCCM server and utilize WMI to get such information, but there is nicer way and that is to use native SCCM REST API called Administration Service :) The reason behind this was to give our users option to wake their remote computers by WOL, just by creating JIRA ticket. In our company we have currently came across the situation, when we needed MAC addresses of computers managed by SCCM. SCCM (now MECM) WMI contains a lot of valuable information about your environment, devices etc.
0 kommentar(er)
