WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000121}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000003}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000010}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000001}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000021}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000022}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000002}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000031}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000108}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000113}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000111}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000026}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000027}" /NOINTERACTIVE
WMIC /namespace:\\root\ccm path sms_client CALL TriggerSchedule "{00000000-0000-0000-0000-000000000032}" /NOINTERACTIVE
I recently found in our infrastructure that a lot of new Windows Server 2012 Core Edition were installed for specific reason. This edition can cause some problems to administrators that are not aware of SCCM commands.
Here is the list of actions that will be covered in this post:
- Configuration Manager client services and properties
- Configuration Manager agent scan trigger
- EndPoint Protection client installation and properties
- Logs directory
There’s a lot of commands that can be execute but I will give you the minimum to remember.
From ‘cmd’, type those commands for configuration manager.
Configuration Manager Client Scan Trigger with WMI
You can also trigger agent from WMI command line if you don’t want to open the configuration manager properties.
Troubleshooting
Make sure to run those commands as administrator else you will receive an access denied error message.
If the execution is successful, you should see something like this.
Configuration Manager Client Scan Trigger with Powershell
*** Update : 2014-10-30 *** Thanks to MaxFlipz for this addition.
Powershell can also be used to launch scans on clients whether local or remote. Simply use the commandInvoke-WMIMethod:
$Server = Server Name where you want to run the trigger. You can remove -ComputerName if you are locally on the server.
Endpoint Protection Client Installation and Properties
*** Update : 2015-05-08 ***
You can install an EndPoint Protection client locally on a machine with FEPInstall.exe. Simply copy the file somewhere locally on the device and execute with an elevated command prompt.
You can refer to TechNet for more details about FEPInstall.
You can manage a local EndPoint Protection client with MpCmdRun.exe. This table shows switches that can be used with the command line.
Use MpCmdRun alone to see additional information about the switches.
You will receive a return code if you use switch -Scan.
- 0 if no malware is found or successfully remediated
- 2 if malware is found and not remediated
Logs
You can find configuration manager logs in C:\Windows\CCM\Logs for any troubleshoot orC:\Windows\CCMSetup for installation logs.
You are now ready to troubleshoot client on a Windows Server 2012 Core Edition.
댓글 없음:
댓글 쓰기