tests/Test-CmClientCoverage.ps1
function Test-CmClientCoverage { [CmdletBinding()] [OutputType()] param ( [parameter()][string] $TestName = "Device Client Coverage Status", [parameter()][string] $TestGroup = "operation", [parameter()][string] $TestCategory = "CM", [parameter()][string] $Description = "Confirm AD computers managed by CM", [parameter()][hashtable] $ScriptParams ) try { $startTime = (Get-Date) [int]$Coverage = Get-CmHealthDefaultValue -KeySet "configmgr:ClientCoverageThresholdPercent" -DataSet $CmHealthConfig Write-Log -Message "coverage threshold = $Coverage percent" $stat = "PASS" $except = "WARNING" $msg = "Coverage meets stated threshold of $Coverage percent" [System.Collections.Generic.List[PSObject]]$tempdata = @() # for detailed test output to return if needed [array]$adcomps = Get-ADSIComputer | Select-Object -ExpandProperty name $adcount = $adcomps.Count Write-Log -Message "AD computers = $adcount" [array]$cmcomps = Get-CimInstance -ClassName "SMS_CombinedDeviceResources" -Namespace "root/sms/site_$($ScriptParams.SiteCode)" -ErrorAction Stop | Where-Object {$_.IsClient -eq $True} | Select-Object -ExpandProperty Name $cmcount = $cmcomps.Count Write-Log -Message "CM computers = $cmcount" if (($adcount -gt 0) -and ($cmcount -gt 0)) { $delta1 = $cmcomps | Where-Object {$_.name -notin $adcomps} # CM device names not in AD $delta2 = $adcomps | Where-Object {$_ -notin $cmcomps.name} # AD computer names not in CM Write-Log -Message "there are $($delta1.Count) computers in configmgr which are not in active directory" Write-Log -Message "there are $($delta2.Count) computers in active directory which are not in configmgr" if (($delta1.Count -gt 0) -or ($delta2.Count -gt 0)) { $stat = $except $msg = "discrepancies found between configmgr and active directory computer coverage" Write-Log -Message $msg -Category Warning $d1names = $delta1.name -join ',' $d2names = $delta2 -join ',' $tempdata.Add( [pscustomobject]@{ ADComputers = $($adcomps.Count) CMComputers = $($cmcomps.Count) OnlyAD = $d2names OnlyCM = $d1names NotInAD = $($delta1.Count) NotInCM = $($delta2.Count) } ) } } else { $stat = $except $msg = "Unable to query environment data to validate this test" } } catch { $stat = 'ERROR' $msg = $_.Exception.Message -join ';' } finally { $([pscustomobject]@{ TestName = $TestName TestGroup = $TestGroup Category = $TestCategory TestData = $tempdata Description = $Description Status = $stat Message = $msg RunTime = $(Get-RunTime -BaseTime $startTime) Credential = $(if($ScriptParams.Credential){$($ScriptParams.Credential).UserName} else { $env:USERNAME }) }) } } |