Awesome
PSDiscoveryProtocol and SCCM HW Inventory
This is a proof of concept to demonstrate how to add information about the network device on the other end of your computer's wired connection to the SCCM Hardware Inventory.
Switches and other network devices can send advertisements containing information such as system name, port id, IP address, model number etc.
Our goal is to use PSDiscoveryProtocol to capture those advertisements, and store information from them in a new CIM class. The CIM class can then be included in the SCCM Hardware Inventory.
Computer Requirements
- Windows 10
WinRM and PowerShell Remoting must be enabled(Not required in PSDiscoveryProtocol 1.3.0)- Windows PowerShell 5.1 or later
- PSDiscoveryProtocol
Network Device Requirements
- CDP or LLDP must be enabled
Check for advertisements
Some network admins disable CDP and LLDP as a security measure. Before we do anything in SCCM we need to check if our network device is actually sending advertisements.
Install PSDiscoveryProtocol
Install-Module PSDiscoveryProtocol
Import-Module PSDiscoveryProtocol
Test PSDiscoveryProtocol
Invoke-DiscoveryProtocolCapture -Type CDP | Get-DiscoveryProtocolData
Invoke-DiscoveryProtocolCapture -Type LLDP | Get-DiscoveryProtocolData
The information returned by the commands above is what we have to work with when creating our new CIM class.
Setup PSDiscoveryProtocol Baseline
The script Install-PSDiscoveryProtocolBaseline.ps1 will do most of the heavy lifting for us. You should always read through and try to understand it before you run anything you find online.
The script in the Configuration Item will install the package provider NuGet and the PSDiscoveryProtocol module. If you decide to deploy PSDiscoveryProtocol using a package in SCCM or some other way, you can remove this from the script:
if ('NuGet' -notin (Get-PackageProvider).Name) {
Install-PackageProvider -Name NuGet -Force | Out-Null
}
if ('PSDiscoveryProtocol' -notin (Get-InstalledModule).Name) {
Install-Module -Name PSDiscoveryProtocol -Repository PSGallery -Confirm:$false -Force | Out-Null
}
- Download Install-PSDiscoveryProtocolBaseline.ps1.
- Start Configuration Manager Console and click on the dropdown menu in the top left corner.
- Click Connect via Windows PowerShell ISE.
- Press F5 to run the script. Prompt should change to
PS SITECODE:\>
- Open Install-PSDiscoveryProtocolBaseline.ps1 in Windows PowerShell ISE.
- Press F5 to run the script.
- You will be prompted for
MyTestCollection
. Type the name of your collection. This collection must already exist. - You will be prompted for
DiscoveryProtocolType
. TypeCDP
orLLDP
. - Wait for the script to finish.
- Go back to Configuration Manager Console.
- Navigate to \Assets and Compliance\Overview\Compliance Settings\Configuration Items.
- Right click PSDiscoveryProtocol and click Properties.
- Click Supported Platforms and unselect everything but Windows 10. Click OK.
- Run Download Computer Policy on your test collection.
- Trigger baseline evaluation on computers in your test collection.
- Go to \Administration\Overview\Client Settings.
- Right click Default Client Settings and click Properties.
- Click Hardware Inventory and Set Classes... then click Add... and Connect....
- Connect to one of the computers where the baseline succeded, then find and select PSDiscoveryProtocol in the list of inventory classes.
- Run Collect Hardware Inventory on your test collection.
The report named PSDiscoveryProtocol under \Monitoring\Overview\Queries should soon start to fill up.
If you want to check the contents of your new class you can run the following on one of the computers in the test collection:
Get-CimInstance -ClassName PSDiscoveryProtocol
Trigger PSDiscoveryProtocol Baseline Evaluation
$Parameters = @{
ComputerName = $env:COMPUTERNAME
Namespace = 'root\ccm\dcm'
Class = 'SMS_DesiredConfiguration'
}
$Baseline = Get-CimInstance @Parameters -Filter 'DisplayName="PSDiscoveryProtocol"'
if ($Baseline) {
$Arguments = @{
Name = $Baseline.Name
Version = $Baseline.Version
}
Invoke-CimMethod @Parameters -MethodName TriggerEvaluation -Arguments $Arguments
}
Known issues
Compliance error 0x87d00321
This means the script timed out. Maximum execution time for a script is 60 seconds. CDP packets are advertised every 60 seconds by default and PSDiscoveryProtcol will capture for 62 seconds just to make sure we don't miss out on a packet. You have several options to fix this issue:
- Change CDP advertisement interval to something lower than 60 seconds.
- Increase maximum execution time for scripts.
- Decrease duration for PSDiscoveryProtocol.