Skip to content

Josh's IT-Blog

Information Technology, and other interesting things …

  • Home
  • About
  • Contact
  • Links
  • Home
  • About
  • Contact
  • Links

getting Security Scopes of SCCM folder

  1. Home   »  
  2. getting Security Scopes of SCCM folder

getting Security Scopes of SCCM folder

7. February 202021. October 2020 Burkard JoshGeneral

since version 1906 SCCM supports role-based access control (RBAC) for folders. This can be configured trough the SCCM console or (recommended) PowerShell.

unfortunattely the current version of the commandlet Get-CMObjectSecurityScope doesn’t support any folder as InputObject. so, if you want to know, which Security Scope is allowed to see a folder, you have to use this:

$PathName = 'LAB:\DeviceCollection\FolderName\SubFolder' 
$SiteCode = 'LAB'
$SiteServer = 'server.domain.net'

Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" -Scope Global -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $SiteServer -Scope Global | Out-Null
Set-Location -Path "$( $SiteCode ):\"

$Folder = Get-Item $PathName 
Get-WmiObject -ComputerName $SiteServer -Namespace "root\sms\site_$( $SiteCode )" -Query "SELECT * FROM SMS_SecuredCategoryMembership WHERE ObjectKey = '$( $Folder.ContainerNodeID )'" | ForEach-Object { Get-CMSecurityScope -Id $_.CategoryID }

to add or remove any SecurityScopes to a Folder, you can use this build-in commandlets:

Add-CMObjectSecurityScope -InputObject $Folder -Name $SecurityScopeName
Remove-CMObjectSecurityScope -InputObject $Folder -Name $SecurityScopeName

Post navigation

Previous: Pester tests for PowerShell modules
Next: Windows Azure Pack doesn’t show Automation dashboard after updating SMA

About

Author Image
My name is Josh Burkard.
I'm a DevOps Engineer working with one of Europees largest payroll provider. in my work I have a lot to do with Microsoft server operating systems, System Center, VMware, Microsoft Azure Cloud and other software.
On this site I will write some posts about different technology problems and their solutions.
please note also my tweets and retweets from this area.

Categories

  • General (13)
  • Hardware (9)
    • Network (8)
      • Cisco (2)
    • Storage (2)
  • Hiking (1)
  • Home Assistant (5)
  • Microsoft Azure (1)
    • Automation (1)
  • PowerShell (3)
  • Software (1)
    • Excel (1)
  • System Center (18)
    • SCCM (3)
    • SCDPM (1)
    • SCOM (12)
    • SCSM (1)
    • SMA (1)
  • VMware (8)
  • Windows 2008 R2 (10)
    • Active Directory (7)
  • Windows 2012 R2 (1)
  • Windows 2016 (1)
  • Windows 7 (4)
    • BitLocker (1)
  • WordPress (1)
Proudly powered by WordPress | Theme: goldy-mex by inverstheme.