Lately I’ve been experimenting with building a web service. It mainly started out with a need for a particular customer of mine that needed to get the primary user and device relationships during OSD. I turned to Maik Koster’s excellent web service, but found out that it did not include any web method that I needed in this case. That kind of got me started by attempting to create one of my own. After a few failed attempts and a steep learning curve, I got my first web method working that I needed for the project. But why stop there? I had a few other ideas that I wanted to implement as well. Before we continue, I want to give a shout out to Johan Arwidmark who sat down with me during Ignite to find out what how to determine if a task sequence is deployed hidden or not.
Today, I’m releasing my ConfigMgr WebService publicly. In this post, I’ll go cover it’s intentions and functionality and how you can get it setup in your environment.
The ConfigMgr WebService has been designed to extend the functionality of Operating System Deployment with Configuration Manager 2012 (and above). Included in this web service, are the following web methods:
- Get Primary User by Device
- Get Primary Device by User
- Get Boot Image Source Version
- Get Deployed Applications by User
- Get Deployed Applications by Device
- Get Hidden Task Sequence Deployments
In the documentation section of this post, you’ll find sample scripts that could be used to invoke any of the web methods mentioned above.
Download ConfigMgr WebService
In order to get your hands on the bits for this web service, you have some options. You can download the source code from my GitHub page, and compile the web service yourself. For installation instructions, follow what’s outlined in the README.md file in the repository. You can visit my GitHub page from the link below:
Your other option is to download a compiled version of the web service, ready for use. This version has been made available on TechNet Gallery:
I’ve published the source code for the purpose of making it available for those organisations that cannot leverage untrusted publishers, but also if you’d want to get your hands dirty and have a look at it.
To successfully run this web service, you’ll need to have IIS installed on a member server with ASP.NET enabled. Easiest way to get going is to install the ConfigMgrWebService on the same server as where your Management Point role is hosted. You’ll also need to have a service account for an application pool in IIS, that will be created. It’s recommended that you add the service account in ConfigMgr with Full Administrator privileges.
The instructions below are for the already compiled version of the ConfigMgr WebService.
Create folder structure
1. Create a folder in C:\inetpub called ConfigMgrWebService. Inside that folder, create a folder called bin.
2. Download and extract the contents from the zip file on TechNet Gallery into C:\inetpub\ConfigMgrWebService.
3. Locate AdminUI.WqlQueryEngine.dll and Microsoft.ConfigurationManagement.ManagementProvider.dll in the ConfigMgr console installation location and copy them to C:\inetpub\ConfigMgrWebService\bin.
Add an Application Pool in IIS
1. Open IIS management console, right click on Application Pools and select Add Application Pool.
2. Enter ConfigMgrWebService as name, select the .NET CLR version .NET CLR Version v4.0.30319 and click OK.
3. Select the new ConfigMgrWebService application pool and select Advanced Settings.
4. In the Process Model section, specify the service account that will have access to ConfigMgr in the Identity field and click OK.
Add an Application to Default Web Site
1. Open IIS management console, expand Sites, right click on Default Web Site and select Add Application.
2. As for Alias, enter ConfigMgrWebService.
3. Select ConfigMgrWebService as application pool.
4. Set the physical path to C:\inetpub\ConfigMgrWebService and click OK.
Set Application Settings
1. Open IIS management console, expand Sites and Default Web Site.
2. Select ConfigMgrWebService application and go to Application Settings.
3. Enter values for each application settings, SiteServer being the server where the SMS Provider is installed, SiteCode being the site code of your site and SecretKey being a custom string that you create yourself.
You should now be able to browse to e.g. https://localhost/ConfigMgrWebService/ConfigMgr.asmx and see the following:
When calling the web service methods, you’ll need to pass along a secret key that matches what’s specified for the SecretKey application setting in web.config as a parameter. Without this parameter, the method will be invoked properly. This is a somewhat reasonable security mechanism (at least it’s something) that prevents unathorized users to invoke the methods and retrieve data from your ConfigMgr environment. It’s recommended that you generate a GUID and enter that as the SecretKey.
|GetPrimaryUserByDevice||This method returns all primary user associated for a specified device.||deviceName (string), secretKey (string)|
|GetPrimaryDeviceByUser||This methods returns all primary devices associated with a specified user.||userName (string), secretKey (string)|
|GetDeployedApplicationsByUser||This methods returns a list of all applications deployed targeting a specified user.||userName (string), secretKey (string)|
|GetDeployedApplicationsByDevice||This methods returns a list of all applications deployed targeting a specified device.||deviceName (string), secretKey (string)|
|GetHiddenTaskSequenceDeployments||This method returns a list of all task sequences deployed (available and required) as hidden.||secretKey (string)|
|GetBootImageSourceVersion||This method returns the source version of a specified Boot Image.||packageId (string), secretKey (string)|
Below is a sample script that you can use to connect to the web service and invoke one of the methods. Reference the above documentation for the different web methods in order to set the proper parameters per method.
# Connect to web service $URI = "https://localhost/ConfigMgrWebService/ConfigMgr.asmx" $Web = New-WebServiceProxy -Uri $URI # Invoke method $Web.GetDeployedApplicationsByUser("username", "yoursecretkeydefinedinapplicationsettings")