Using Run Scripts feature in SCCM

Most of the ConfigMgr (MEMCM) admins often must take custom actions on a device or group of devices in a collection. These tasks could be running ConfigMgr client actions or making any ad-hoc changes to the system as required without user intervention.

 
 

While there any many third-party tools available that you can purchase and install in your SCCM environment. Not all organizations prefer to buy a such third-party solutions. Well, the good news is that now Microsoft has introduced the “Run Script” feature in ConfigMgr console to fulfill this task.

 
 

Benefits:

Running custom actions on multiple devices without user intervention and without connecting to machines using RDP, PowerShell, PsExec, etc.

No need to invest in any third-party solutions.

No need to create any Application, Package, or Configuration Item and Baselines to perform the custom task.

Runs under SYSTEM account context

 
 

Step by Step using the Run Script feature

 
 

Configuration Manager doesn’t enable this optional feature by default.

You must enable this feature before using it

 
 

ConfigMgr Console | Administration | Updates and Servicing | Features

Right click the feature “Create and run scripts” and select Turn On

 
 

Create your first custom script:

ConfigMgr Console | Software Library | Scripts

– Follow along the screenshots for step-by-step tutorial

 
 

 
 

 
 

 
 

 
 

 
 

 
 

 
 

This approval is primarily used for the testing phase of script development.

1. In the Configuration Manager console, click Administration.
   
2. In the Administration workspace, expand Site Configuration, and then click Sites.
   
3. In the list of sites, choose your site and then, on the Home tab, in the Sites group, click Hierarchy Settings.
   
4. On the General tab of the Hierarchy Settings Properties dialog box, clear the checkbox Script authors require additional script approver.
   

 
 

 
 

 
 

 
 

 
 

Running the script on a device or a collection of devices:

ConfigMgr console | Devices | select the device on which you want to run this script

Right Click and select “Run Script” | select your script from the list of scripts to run on this device.

 
 

 
 

 
 

 
 

Picture on console on checking script status

Realtime

Later in Script Status / monitoring tab

 
 

Picture on Client machine where the script is temp located.

 
 

Log files

On the client, by default in C:\Windows\CCM\logs:

Scripts.log

CcmMessaging.log

On the MP, by default in C:\SMS_CCM\Logs:

MP_RelayMsgMgr.log

On the site server, by default in C:\Program Files\Configuration Manager\Logs:

SMS_Message_Processing_Engine.log

 
 

Note:

• On client machines, it is recommended to exclude %windir%\CCM\ScriptStore so that the anti-malware software permits those features to run without interference.
  
• Microsoft Docs: https://docs.microsoft.com/en-us/mem/configmgr/apps/deploy-use/create-deploy-scripts