Approval request notification for Systems Center 2012 Configuration Manager


My favorite feature in Systems Center 2012 Configuration Manager (Configuration Manager) is without a doubt the new and shiny self-service Application Catalog portal. The new Application Catalog feature is packed with benefits for both the application owner and the end user. As an IT department or Line of business (LOB) application owner, you can easily make all or some of your applications available to users via an internal web portal. As an end-user, if you need to obtain a new business application all you need to do is pay a visit to your company’s internal application portal, search or select the application you’re interested in and install it all by yourself.


However, Configuration Manager Application Catalog is not a free for all place where users can install any application they like. First, when end-users visit the application portal, they will only see those applications they’ve been granted explicit access to by the application owner. Second, for many reasons (licensing being one of them), corporations may require a manager’s approval before an end-user can install a particular application. This is where Configuration Manager Application Catalog’s approval workflow feature comes in.

If the application owner requires administrator or manager’s approval before a user can install a particular application, the user will be able to submit a request for approval directly from the application portal.


After submitting a request for approval using my lab, I quickly realized that, well I realized that nothing else happened. It was at that moment that I started pondering (just like you are now I am sure): If a user goes to the Configuration Manager Application Catalog portal and submits a request for approval but no one knows about it, did the request really happen?

You see, as of RC2, Configuration Manager has no ability to notify administrators/approvers when users submit requests for approval from the Application Catalog site. Firing up the Configuration Manager Console and navigating to the “Approval Requests” section is the only way to see and manage (approve/deny) user requests. See below.


Now, before you head out to find your pitch forks and shovels, you may want to consider that Configuration Manager provides a very handy API that allows developers to easily query the Application Catalog for new user requests. The bad news here is that there’s no built-in mechanism to notify administrators of new requests but the good news is that you can build your own and have it do anything you like. J

For instance, I was able to build a VB.NET Windows service that queries Configuration Manager at a configurable time interval and retrieves any new user requests.


To obtain the list of requests from Configuration Manager, you simply query the UserApplicationRequest class and retrieve all entries that have the CurrentState property set to 1.

The following sample WMI query retrieves all user requests from Configuration Manager 2012:

strComputer = "."

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\SMS\site_P01")

Set colItems = objWMIService.ExecQuery( _

"SELECT * FROM SMS_UserApplicationRequest",,48)

For Each objItem in colItems

Wscript.Echo "-----------------------------------"

Wscript.Echo "SMS_UserApplicationRequest instance"

Wscript.Echo "-----------------------------------"

Wscript.Echo "Application: " & objItem.Application

Wscript.Echo "UniqueID: " & objItem.CI_UniqueID

Wscript.Echo "RequestGUID: " & objItem.RequestGUID

Wscript.Echo "CurrentState: " & objItem.CurrentState

Wscript.Echo "Comments: " & objItem.Comments

Wscript.Echo "ModelName: " & objItem.ModelName

Wscript.Echo "LastModifiedBy: " & objItem.LastModifiedBy

Wscript.Echo "LastModifiedDate: " & objItem.LastModifiedDate

Wscript.Echo "User: " & objItem.User

Wscript.Echo "RequestHistory: " & objItem.RequestHistory

Wscript.Echo "UserSid: " & objItem.UserSid


Once I have the list of user requests, all I need to do is send a notification email to the application approvers using the provided email address or Distribution List. Lastly, I store each Request GUID in a text file with today’s date so that approvers are notified only once-per-day.


After the approvers receive the notification email, they can fire up the Configuration Manager Console and approve or deny the user requests.

I know, I know. You’re thinking that now that you solved the email notification issue you still have to use Configuration Manager’s Console to manage these requests. You may also be thinking of creative ways to deploy the console across your organization to all your approvers and administrators. A daunting task, no doubt!

Luckily, once again, there’s no need to panic. Using the same API, you can create a custom (web) interface to allow approvers and admins the ability to manage user requests without having to rely on the Configuration Manager Console. However, that as they say, is a topic for another day and will be covered on my next blog post on the topic. For now, thank you for your time and I look forward to seeing you again soon.

This post was contributed by guest author Rafael Dominguez, a Senior Consultant with Microsoft Services USA specializing in Windows and Office deployment using Configuration Manager and Microsoft Deployment Toolkit

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use

Comments (7)

  1. Carl Nelson says:

    Hi, this is exactly what I need. Unfortunate i'm not exactly sure how to get all this established. Any chance we could get a step by step guide on how to do this?


  2. REN4 says:


    Great post ..but need more information from a implementional level (Lab/Production.).

  3. Andrew says:

    People definitely need a step by step guide!

  4. LEWIS says:


    Very handy, please a step by step guide.

  5. jeremy says:

    If anyone is still trying to figure out how to do this.
    Create a file with a .vbs extension and copy this into it:

    'Change the site_XYZ to your site (Leave the "site_)
    Set wmiService = GetObject("winmgmts:\.rootsmssite_XYZ")
    Set wmiResults = wmiService.ExecQuery("SELECT * FROM SMS_UserApplicationRequest")
    strBody = ""
    For Each objitem In wmiResults
    If objItem.CurrentState = 1 Then
    strBody = strBody & VbCrLf & "———————————–"
    strBody = strBody & VbCrLf & "SMS_UserApplicationRequest instance"
    strBody = strBody & VbCrLf & "———————————–"
    strBody = strBody & VbCrLf & "Application: " & objItem.Application
    strBody = strBody & VbCrLf & "UniqueID: " & objItem.CI_UniqueID
    strBody = strBody & VbCrLf & "RequestGUID: " & objItem.RequestGUID
    strBody = strBody & VbCrLf & "CurrentState: " & objItem.CurrentState
    strBody = strBody & VbCrLf & "Comments: " & objItem.Comments
    strBody = strBody & VbCrLf & "ModelName: " & objItem.ModelName
    strBody = strBody & VbCrLf & "LastModifiedBy: " & objItem.LastModifiedBy
    strBody = strBody & VbCrLf & "LastModifiedDate: " & objItem.LastModifiedDate
    strBody = strBody & VbCrLf & "User: " & objItem.User
    strBody = strBody & VbCrLf & "RequestHistory: " & objItem.RequestHistory
    strBody = strBody & VbCrLf & "UserSid: " & objItem.UserSid
    End If
    If strBody <> "" Then
    Set email = CreateObject("CDO.Message")
    email.Subject = "Unapproved Software Request"
    'Change to your to/from addresses
    email.From = ""
    email.To = ""

    email.TextBody = strBody
    'Change to your SMTP Server
    set email = Nothing
    End If

    Update the 4 lines and set as a scheduled task.

    1. Derek Morehead says:

      Your wmiService object instantiation line is missing a few backslashes – “\”. It should be:
      Set wmiService = GetObject(“winmgmts:\\.\root\sms\site_XYZ”)

Skip to main content