How to Schedule SCCM Client Reboot through ConfigMgr


You may have a requirement to reboot SCCM client computers which have not been rebooted for n number of days. This process can be used to schedule a reboot using PowerShell script deployed as SCCM application.


Schedule SCCM Client Reboot – Process overview

  • The PowerShell script will check if machine was rebooted in last n number of days. If not it will return exit code 3010 instructing SCCM client agent that a soft reboot is required.
  • The script need to be deployed as ConfigMgr Application using ‘Fake path’ as file detection rule to re-execute the script at each application evaluation cycle.
  • The reboot behavior will be controller by SCCM client agent “Computer restrart” settings. If 4 hours deadline time given in Computer restart settings, user will get 4 hours time to reboot the computer. The reboot will be forced after that.
  • Global condtion and Requirements rule are used to restrict script executes only on laptops. You can update this as per your requirements.


Limitation of Process

You can’t control the exact reboot time of client computer with this method.


PowerShell Script

The below PowerShell script will check computer last boot time. If last boot age will be more than specified number of days then it will return exit code 3010. We will deploy this script through SCCM application and SCCM client initiate a reboot if exit code is 3010.

function Write-Log {
    [CmdletBinding()]
    param(
        [Parameter()]
        [ValidateNotNullOrEmpty()]
        [string]$Message,
 
        [Parameter()]
        [ValidateNotNullOrEmpty()]
        [ValidateSet('Information','Warning','Error')]
        [string]$Severity = 'Information'
    )
 
    [pscustomobject]@{
        Time = (Get-Date -f g)
        Message = $Message
        Severity = $Severity
    } | Export-Csv -Path "c:\windows\Temp\SCCMClientReboot.csv" -Append -NoTypeInformation
 }


$LastBootupTime = (gcim win32_operatingsystem).LastBootupTime
$LastBootAge = ((Get-Date) - (gcim win32_operatingsystem).LastBootupTime).Days

If ($LastBootAge -gt 15)  {
    $msg =  "Last Bootup time: $LastBootupTime - Last bootup Age (days): $LastBootAge - Exit Code 3010. ConfigMgr client will handle reboot."
    Write-Host $msg
    Write-Log -Message $msg -Severity Information
    Exit (3010)
    }
else
    { $msg =  "Last Bootup time: $LastBootupTime - Last bootup Age (days): $LastBootAge - Exit Code 0. Reboot is not required"
      Write-Host $msg
      Write-Log -Message $msg -Severity Information
      Exit (0)}



Computer Agent Settings

When SCCM client initiate a reboot, the final reboot count down time will be based on Computer Restart client settings “Specify the amount of time after the deadline before a device get restarted”. In the below example, user will see 4 hour count down timer and computer will be forcefully rebooted after 4 hours. You can adjust this as per your requirement. However keep in mind that it will also change the bahavior for restart initiated by Software Update deployment / other applications.

SCCM | ConfigMgr Computer Agent Settings | Schedule SCCM Client Reboot

Global Conditions to Add an Extra Safety Layer

In Configuration Manager, global conditions are rules that represent business or technical conditions that you can use to specify how an application is provided and deployed to client devices. You can create a Global Conditions from Software Library / Global Conditions blade.

Global conditions are used in Requirement rules while creating an application. Here, we will create a Global condition to identify the PC type such as Desktop, Laptop or Server. We will use this Global condition in requirement rule of Application to ensure script will only executes on laptops. This will add an additional layer of security as SCCM application will applicable for laptops only.

SCCM Global Conditions

Create a Global condition with below details.

  • Global condition name: PC System Type
  • Description: Possible values: 1 (Desktop), 2 (Mobile), 3 (Workstation), 4 (Enterprise Server), 5 (SOHO Server), 6 (Appliance PC), 7 (Performance Server), 8 (Maximum), 0 (Unknown)
  • Device type: Windows
  • Condition type: Settings
  • Setting type: WQL query
  • Namespace : root\cimv2
  • Class: Win32_ComputerSystem
  • Property: PCSystemType


SCCM Global Conditions



Create ConfigMgr Application

Use the following configuration when creating SCCM application. These are not the complete steps to create an application. The assummption here is that you are already well familiar with Configuration Manager application model.

User Experience:

  • Installation behavior: Install for system
  • Logon requirement: Whether or not a user is logged on
  • Installation program visibility: Hidden

Select “Determine behaviour based on return codes” at bottom of screen.

Detection Rule:

Create Detection Rule with the following details.

  • Setting Type: File System
  • Type: File
  • Path : C:\FakePath
  • File or folder name: FakeFile
  • Select “The file system setting must exists on the target system to indicate presense of this application

SCCM Detection Rule

Requirements:

In the Requirements tab, add the Global Condition which you created earlier. The value should be 2 to restrict the execution on laptops only. This will add an additional layer of security. If someone mistakenly deployed the application on Servers then application will not execute.

SCCM Application Requirements rule.


Create a Deployment

Create a SCCM collection for all Laptops and deploy the application on that collection. You can refer SCCM Dynamic Collection Based on Device Type | Collection Queries if you need any help in creating the collection for Laptop / Desktops.

Ensure that you hide the deployment from Software Center. The way we have used the detection rule to ensure script execute at each application evaluation, the appenforce.log will show that application was not detected after installation. The user will see application status as failed in Software Center and may raise issue to IT team. Hence, it’s better to hide the deployment from Software center.


Log File to View Script Actions

The script will create a log file on client computer in c:\windows\temp folder. This can be checked to review the execution history and reboot action triggered by script.

Log File


Related Posts:

Subscribe to Techuisitive Newsletter

Be the first to know about our new blog posts. Get our newsletters directly in your inbox and stay up to date about Modern Desktop Management technologies & news.

Scroll to Top