Zum Inhalt

SCCM – Delete computer object via powershell and wmi [edit]

After one hour of research i found a solution on how to delete a computer object in sccm from a remote computer via Powershell. First of all you need to get the computer object from your sccm namespace „ROOT\SMS\site_[yoursite] -> SMS_R_SYSTEM.
All machine items are stored in SMS_R_SYSTEM, so i used a wmi query with a filter to get the object i need.

There are several ways you can get the computer object, another example is a WMI query, that returns the object.

You should check if the $compObject is empty or not and if not you can just use psbase to delete the object from the sccm server completly (not only from the collection) by using this statement

 

How to deal with multiple objects [edit]

Special thanks to Leeni, who wrote a comment at this post on how to deal with multiple entries at your SCCM server. If your WMI query returns more than one object you have to handle this a bit different.
To check if your query returned more than one object try this:

or

Both properties are only set if your result contains more than one object, so you can easily check if these objects are empty or not.

If they are not empty you have to delete your $compObject this way

This pipes your syncroot object to a foreach loop (% is an alias for foreach) and delete every object one after another.

Veröffentlicht inSCCM

16 Kommentare

  1. Der Facebook Like Button wuerde sich gut im Blog machen, oder finde ich ihn nur nicht?

  2. Der Pendler Der Pendler

    Stimmt, der fehlte bei dem Eintrag, ich dachte ich hätte die überall eingebunden

  3. Leeni Leeni

    Check for „$compObject.psbase.length“ or „$compObject.psbase.syncroot“. If exist, then you have to delete via: $compObject.psbase.syncroot | % { $_.psbase.delete() }. Reason: Multiple ResourceIDs :-/.

  4. Thanks for your comment. Sometimes we have to deal with multiple sccm objects, so this is a good point. I add it to my post if it’s ok

  5. Leeni Leeni

    Null Problemo ;-).

  6. Great, thanks 🙂 (Added)^^

  7. someone someone

    In Leeni’s code, the following line should be replaced:
    „$compObject.psbase.syncroot | % { $_.delete() }“
    with:
    $compObject.psbase.syncroot | % { $_.psbase.delete() }

  8. Thanks for your comment. I replaced it :).

  9. Frank Frank

    Hi,

    wenn man den computer löscht, dann dauert es noch eine Weile bis SCCM ihn wirklich gelöscht hat. Was deinem Script noch fehlt wäre anschließend ein Update des SCCM, der die Zeit verkürzt.

    ZB sowas hier…
    Invoke-WmiMethod -Path „root/SMS/site_$($SiteCode):SMS_Collection.CollectionId=’SMS00001′“ -Name RequestRefresh -ComputerName $SiteServer #Update the default All Systems collection.

    Oder? Hast Du eine Idee?

  10. Hi Frank,
    danke für dein Kommentar.

    Bisher haben wir noch keinerlei Seiteneffekte beim entfernen von Objekten gemerkt. Da wir diesen Vorgang ab und zu von Hand ausführen und danach direkt per Wmi abfragen ob as entsprechende Objekt gelöscht ist haben wir kein Delay festgestellt. Was natürlich sein kann ist, dass die Ansicht im Configuration Manager das Objekt in der Sammlung noch anzeigt. Ich werde das mal überprüfen, wenn ich aus dem Urlaub zurück bin

  11. David David

    hi Marco,
    your post corresponds exactly to a current matter I am working on and I can not make it work.
    I have the following error :
    PS C:\Users\david> $compObject.psbase.delete()
    Exception calling „Delete“ with „0“ argument(s): „Generic failure “
    At line:1 char:1
    + $compObject.psbase.delete()
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

    $compObject is the result of the following :
    PS C:\Users\david> $compObject = get-wmiobject -query „select * from SMS_R_SYSTEM WHERE Name=’servername'“ -namespace „ROOT\SMS\site_AAA“

    $compObject is composed of only one object.
    The account I use can create/modify/delete collections in a SCCM console but is not authorized to delete a Device through the console. I am wondering if it is not a matter of authorization but the error message does not mention such a problem.

    Any idea or experience,
    Thanks,
    Regards,

  12. Hi David,

    you try to get a correct error message, right?
    I don’t know why you don’t receive a correct return message. Maybe it isn’t correct handled within the SCCM WMI interface, or you are missing a parameter or something else. What kind of Sccm version do you use?

    I have seen something strange, while I tried to reproduce your example.
    I copied your example to my Powershell and added the „-computername xxx“ remoting parameter. Both examples seem to be the same, but if I try to use yours I receive the error at selecting the computer (not delete).
    Maybe there is a weird copy and paste special character problem?!
    Could you try copy and paste your example to notepad and copy and paste it back to your Powershell? Does the error persist?

    Regards,
    Marco

  13. David David

    Hi Marco,
    yes, I’d like the delete method to work in fact.
    The quotes and double-quotes were „altered“ during the copy/paste but that is not why I have an error trying to delete.
    Regarding the error I have when trying to delete, that is exactly my point: what parameter am I missing, and why don’t you need to mention one in your example ?
    If you have an idea,
    Regards,

  14. David David

    Hi Marco,

    My bad, I should not have trusted the administrators : I tested your method with two accounts, one I knew was not fully authorized, one I thought was.
    In the end, the account which I took for a „Full Administrator“ was not.
    Once corrected, the service account with „Full Administrator“ as a security role, can properly delete a DEVICE via the method you described. For anyone who may encounter the error I had, be sure to check the Security Roles used : the error message is clearly not meaningful.

    Regards,

  15. Never trust the admins :D.
    As you mention, the message isn’t meaningful.
    I couldn’t test it with a non privileged user, because we have only accounts with full read and write access. Anyway the error message should be more meaningful, to get directed into the right direction.

    Thanks for sharing the information 🙂

  16. Tony Tony

    Hello

    I am have built a collection in Configuration Manager to bring in a list of computers that have duplicate names. Here is the query that I am using.

    select R.ResourceID,R.ResourceType,R.Name,R.SMSUniqueIdentifier,R.ResourceDomainORWorkgroup,R.Client from SMS_R_System as r full join SMS_R_System as s1 on s1.ResourceId = r.ResourceId full join SMS_R_System as s2 on s2.Name = s1.Name where s1.Name = s2.Name and s1.ResourceId != s2.ResourceId

    I am working toward building a PowerShell Script which obtains the computer name in this collection and stores them in a variable. Next, I want to obtain the computer resources (e.g., ddr records) and store them in another variable using the first variable to pipe in the data, which I want to delete from the Configuration Manager database. I am having diffucilt with the last part of my script which is to delete the actual records from SCCM. Here is my code:

    #// required parameters
    $SCCMServer = „doit-sccm-site“
    $sitename = „PS1“
    $collectionID = „PS1009c8“

    #// Obtain collection members from $collectionID
    $SMSClients = Get-WmiObject -Query „SELECT * FROM SMS_FullCollectionMembership WHERE CollectionID=’$collectionID‘ order by name“ -ComputerName $SCCMServer -Namespace „ROOT\SMS\site_$sitename“

    #//looping construct to loop through all the colection members
    ForEach ($SMSclient in $SMSclients) {

    #// Loads computer records one at a time into $compobject variable using a ForEachloop to be deleted
    $compObject = get-wmiobject -query „select * from SMS_R_SYSTEM WHERE Name=’$($smsclient.name)'“ -computername $SCCMServer -namespace „ROOT\SMS\site_$sitename“

    #// Delete’s computer objects one at a time in $compObject variable from CM12 database
    $compObject.psbase.syncroot | % { $_.psbase.delete() }
    }

    What delete syntax should I use? When using $compObject.psbase.syncroot | % { $_.psbase.delete() }, I receive this error:

    ou cannot call a method on a null-valued expression.
    At line:23 char:35
    + $compObject.psbase.syncroot | % { $_.psbase.delete() }
    + ~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

    –Tony

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.