Preparing for SCCM – enabling Secure Key Exchange

2Mar/080

Preparing for SCCM – enabling Secure Key Exchange

I found this interesting forum post on the msft forums. This code will help you change all your sites to require secure key exchange.

here's the post: http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=2796017&SiteID=17

on error resume next ' Setup a connection to the local provider. Set swbemLocator = CreateObject("WbemScripting.SWbemLocator") Set swbemServices= swbemLocator.ConnectServer(".", "root\sms") Set providerLoc = swbemServices.InstancesOf("SMS_ProviderLocation") For Each Location In providerLoc If location.ProviderForLocalSite = True Then Set swbemServices = swbemLocator.ConnectServer(Location.Machine, "root\sms\site_" + Location.SiteCode) siteCode = Location.SiteCode Exit For End If Next

Set swbemContext = CreateObject("WbemScripting.SWbemNamedValueSet") swbemContext.Add "SessionHandle", swbemServices.ExecMethod("SMS_SiteControlFile", "GetSessionHandle").SessionHandle

' How to list the site security mode from the site control file. Call SetSecureKeyExchange(swbemServices, swbemContext, siteCode, 0) Sub SetSecureKeyExchange(swbemServices, _ swbemContext, _ siteCode, _ enableDisableFlag)

' Load site control file and get the SMS_SCI_SiteDefinition section. swbemServices.ExecMethod "SMS_SiteControlFile.Filetype=1,Sitecode=""" & siteCode & """", "Refresh", , , swbemContext Query = "SELECT * FROM SMS_SCI_SiteDefinition " & _ "WHERE ItemName = 'Site Definition' " & _ "AND SiteCode = '" & siteCode & "'"

' Get the Site Definition properties. Set SCIComponentSet = swbemServices.ExecQuery(Query, ,wbemFlagForwardOnly Or wbemFlagReturnImmediately, swbemContext)

'Only one instance is returned from the query. For Each SCIComponent In SCIComponentSet 'Loop through the array of embedded SMS_EmbeddedProperty instances. For Each vProperty In SCIComponent.Props ' Setting: Allow unknown child sites aka check the box ' require secure key exchange If vProperty.PropertyName = "Allow unknown child sites" Then wscript.echo "Site Code: " & SiteCode wscript.echo vProperty.PropertyName wscript.echo "Current value: " & vProperty.Value wscript.echo "Resetting value to: " & enableDisableFlag

' modify the value vProperty.Value = enableDisableFlag

' Save the properties SCIComponent.Put_ , swbemContext End If Next Next

'Commit any changes to the actual site control file. Set InParams = swbemServices.Get("SMS_SiteControlFile").Methods_("CommitSCF").InParameters.SpawnInstance_ InParams.SiteCode = siteCode swbemServices.ExecMethod "SMS_SiteControlFile", "CommitSCF", InParams, , swbemContext

' Release the copy of the site control file. swbemServices.Get("SMS_SiteControlFile").ReleaseSessionHandle swbemContext.Item("SessionHandle").Value End Sub

Share and Enjoy:

Enjoy this article?

Consider subscribing to our rss feed!

About Tom Lasswell

about myself.

Tagged as: ConfigMgr, script Leave a comment

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Comments (0) Trackbacks (0) ( subscribe to comments on this post )

No comments yet.

No trackbacks yet.

« Datacenter Storage datacenter build »

Twitter Feed

@kix1979 link? What's the free connector? 2010/07/21
@vStorage finally! been looking forward to this feature. glad it's finally there. nice writeup btw. 2010/07/19
@3parfarley been using that for about a year now. :) when i first used it finally got a correct pizza order. hah 2010/07/19

TechColumnist Storage Information Blog