Sccm Disabled Machines
Question
Hi Team,
I want to exclude the Disable computers from SCCM.
To achieve this activity, I have created a Query based collection with the specific OU path where disabled computer reside however the computers are not getting added in that particular collection. Also, these disable computers are discovered in sccm as we are running the System discovery for All OU’s.
Below WQL query used:
select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SystemOUName = “”
Troubleshooting steps performed :
- Checked in Sccm the disabled machines are showing under All Systems but not under Disabled collection which I created.
- Tried with Sql query to fetch the computers which specific OU but didn’t got any output
- Followed below article but couldn’t get anything with “4098”.
- https://social.technet.microsoft.com/Forums/systemcenter/en-US/041a95cb-6c65-4d64-abeb-8ec3fe9a69d7/cleaning-disabled-computer-accounts-from-sccm?forum=configmgrgeneral
Could you please suggest can we exclude the disable computers from SCCM by any other way.
Answers ( 8 )
Thanks, I will try.
Hi,
You need to add the attribute in system discovery then only computers enabled status will be fetched from active directory and updated in V_R_System view with columns name as enabled0 using this column. we can comes to know whether the object is enabled or disabled from AD.
Refer below link to add the custom attribute in AD system discovery.
https://www.systemcenterdudes.com/sccm-2012-custom-active-directory-attributes/
Thanks
Karthikeyan
Hi,
Yes. You can disable the computer object from respective collection using query membership rule. but you need to add the respective attribute in AD system discovery setting then only if the machines are discovered from AD even though if the object is part of your active OU. using the attribute we can filter in SCCM side.
first add the enabled attribute in AD system discovery and come back to us.
i will share the SQL or WQL query to exclude same in SCCM
Note:
SQL query is used in SQL server management studio to get the report.
WQL query is used in SCCM console to create the collection based on requirements.
Thanks
Karthikeyan.
Hi Karthikeyan,
Thanks for your response.
Do we need to define the attribute for all Systems (Active/Disabled) which are reporting in AD.
Eventually they would get deleted later as part of maintenance tasks however if you have separate OUs already why don’t you exclude that OU from the discovery itself ?
I guess it would be long term plan as your AD guys may be moving such objects to different OU before actual deletion so may go hand in hand for a long term plan.
Currently, we are not sure what are we going to do for disabled machines.
I tried to Exclude that particular OU from system discovery, but the machines didn’t went off. I waited for 2 hours only .
Hello Vani Sandhu, Really appreciable the way you provided the detailed info.
If the account is deactivated, SCCM cannot read the 4098 value, therefore it will still read inside SCCM as 4096.
Check the more details here – https://mickitblog.blogspot.com/2017/08/remove-ad-disabled-systems-from-sccm.html
Thanks Jitesh.
I went thru the article which you shared but in my case i don’t want to delete the disable machines for sometime.
Is there any way to get them added in collection.