Using a PowerShell Configuration Baseline to Deploy CMTrace


As a Premier Field Engineer, I spend a lot of time with customers coast to coast. One common thing I have seen is customers constantly looking for their favorite log viewer (at least mines 🙂 .

Configuration Baselines to the rescue.

Anyone that knows me knows I am a huge fan of configuration baselines since they can enable so much outside the box thinking, valuable workflows, and automation workflows that can be presented, OMG it's insane, the fun stuff you can do with Configuration Baselines. Another story for another day.

So getting CMTrace out in the infrastructure is fairly straight forward, so let's get started.

Objective:

  • From an RUN Command, type in CMTRACE and have CMTrace pop up.

To get started here 1st we need to figure out the commands needed to test for the existence of CMTrace. Now before we do that, we need to consider the 1st objective. We need CMTrace in the windows\system32 folder to be able to execute CMTrace from the RUN command.

Phase One: (Testing for the file)

To test for the existence of CMTrace we can use the Test-Path PowerShell command. Why PowerShell you may ask because POWERSHELL IS KING, and I can further tune this as much as I would like for any scenario.

#look for cmtrace.exe
$cmtrace = Test-Path "c:\windows\System32\cmtrace.exe"
$cmtrace

As you can see I store the results of the Test-Path commandlet as a variable, so I can use that variable to evaluate the True or False from the variable.

The below picture is a negative evaluation. (Meaning CMTrace IS NOT in the tested location)

After I put CMTrace in the tested path you get the picture below showing a good evaluation. (Meaning CMTrace IS in the tested location)

Phase Two: (Remediating the file)

Now that we know how to test for the existence of the file and we also have the extra value of evaluating the file existence on True or False, we can get down to remediation if the value equals false.

#copy cmtrace to c:\temp
Copy-Item -Path "\\scapss\SMS_SCA\tools\cmtrace.exe" -Destination "C:\Windows\System32\cmtrace.exe" -Verbose

Phase Three: (Putting it Together)

Now that we know how to detect for the file and remediate if the file IS NOT there. Off to create our Configuration Item with Remediation and Configuration Baseline to deploy.

Below you will see screenshots of how the Configuration Item is Configured.

 

Configuration Baseline Configuration:

NOTES:

Change values and locations as needed within the script. This script and Configuration Baselines are meant for testing use only.

 

@SCCMAvenger

Deploy CMTrace.zip

Comments (1)

  1. Chris Roberts says:

    Interesting to see somebody else is using Baselines to keep a file on a system. I’ve been using this technique since we implemented SCCM 2012. One thing I would add on this, unless you increase the script execution timeout (https://blogs.msdn.microsoft.com/fei_xias_blog/2013/10/20/system-center-2012-configmgr-using-vbs-to-extend-the-dcm-script-execution-timeout-value/), you could show failures of the CI for script execution. Although they show as a failure the script does keep running. Next evaluation will show the system as then being compliant without being remediated.

    The example we used was actually copying a number of files using Robocopy. To get around the script showing as failed I triggered a start-process instead with “no wait”, which meant the remediation script continued to run and finish without a failure. It does mean your CI will show as “all OK” before the script has really finished, so it is a balancing act of what you would prefer reported for your baselines.

    I would also extend what you’re doing here to trap the version of CMTrace on the source share and compare it to the version on the client, ensuring they always have the latest version. Add to this, if you’re planning on using this on systems that may not always have access to the source folder then do a test-path on the source file first. If it can’t access, just let the script complete as successful, next time it can access the source it will get the file.

Skip to main content