Tracking T2 Macs by collecting custom inventory data

0 users found this article helpful

Description

Starting from Parallels Mac Management 7.1, custom inventory reporting is supported.

In SCCM 1706 and above, there is a default TPM Status (SMS_TPM) class.

TPM stands for Trusted Platform Module. TPM Status class was originally created for tracking this module on various Windows devices.

Parallels Mac Management enables possibility to adapt this class for Mac devices.

NOTE: SCCM versions below 1706 have to import this class.

Enabling custom inventory and TPM Status class

1. Open SCCM Console \Administration\Overview\Client Settings > Default Client Settings > Properties:

2. Switch to Hardware Inventory and set Collect MIF Files to Collect IDMIF Files:

3. Click Set Classes and look for TPM Status class:

4. Enable it and click OK on Hardware Inventory Classes window:

5. Click OK on Default Settings window:

Creating Configuration Item with Discovery Script

1. Download and unzip the attached script on the machine with SCCM Console and Parallels Mac Management Console Extension installed.

2. Create new Configuration Item at SCCM Console \Assets and Compliance\Overview\Compliance Settings\Configuration Items:

3. Name it, set type to Mac OS X (custom) and click Next:

4. Ensure that Select All is checked in order to include Mac OS X versions that are not listed specifically. (e.g. 10.15) and click Next:

5. Change Settings type to Script, Data type to String, name the setting and click Add Script...

6. Click Open and navigate to unzipped custom_inventory_sms_tpm.sh:

NOTE: If you click OK and then reopen this window, the script will be displayed correctly.

7. Click OK on Edit Discovery Script and then on Create Setting window.and click Next:

8. Name the Rule and click Browse:

9. Highlight Setting that was just created and click Select:

10. Once the setting is selected, click OK on Create Rule window:

11. Click Next on Compliance Rules and Summary pages and wait for Progress:

12. Click Close:

Creating and Deploying Configuration Baseline

1. Switch to Configuration Baselines and create a new one:

2. Name it and click Add > Configuration Items:

3. Find the previously created Configuration Item in the lis, Add it and click OK:

4. Click OK to finish creating Configuration Baseline:

5. Deploy Configuration Baseline to All Mac OS X Systems collection:

NOTE: It's possible to use child collection as well.

6. After getting all the latest policies, Deployment will display percentage of Macs with successful script execution:

Updating Hardware Inventory and checking TPM Status summary

Hardware Inventory will be updated according to it's schedule or you may also trigger it manually from Mac Client or from SCCM Console, as long as Mac is reachable.

If Mac is able to get policies, it might be better to adjust schedules for Policies Polling Interval and Hardware Inventory Schedule in Default Client Settings.

This way it's possible to obtain information a bit faster if there is urgency.

NOTE: Do not forget to change schedule back afterward, as it will cause additional load on SCCM server.

You may download the attached query and then use it at SCCM Console \Monitoring\Overview\Queries to check the results of script execution for every Mac that was reported as compliant.

Results will look as follows:

NOTE: After Importing Query, please make sure to open it's Properties and set Limit to collection value.

Query Language:

select SMS_R_System.Name, SMS_R_System.IPAddresses, SMS_G_System_TPM_STATUS.IsReady, SMS_G_System_TPM_STATUS.IsApplicable from  SMS_R_System inner join SMS_G_System_TPM_STATUS on SMS_G_System_TPM_STATUS.ResourceID = SMS_R_System.ResourceId

Also, results can be checked from Resource Explorer, individually for each Mac:

 

Was this article helpful?

Tell us how we can improve it.