ConfigMgr WebService has been designed to extend the functionality of Operating System Deployment with Configuration Manager 2012 (and above). These methods provided by this web service enables you to build custom frontend / HTA applications.
The list below shows an overview of the available methods:
- AddCMComputerToCollection
- GetCMBootImageSourceVersion
- GetCMDeployedApplicationsByDevice
- GetCMDeployedApplicationsByUser
- GetCMDeviceCollections
- GetCMDeviceNameByUUID
- GetCMDeviceResourceIDByMACAddress
- GetCMDeviceResourceIDByUUID
- GetCMDiscoveredUsers
- GetCMDriverPackageByModel
- GetCMHiddenTaskSequenceDeployments
- GetCMHiddenTaskSequenceDeploymentsByResourceId
- GetCMPackage
- GetCMPrimaryDeviceByUser
- GetCMPrimaryUserByDevice
- GetCMUniqueUserName
- GetCMUnknownDeviceByUUID
- ImportCMComputerByMacAddress
- ImportCMComputerByUUID
- RemoveCMUnknownDeviceByUUID
- UpdateCMCollectionMembership
- AddMDTRoleMember
- AddMDTRoleMemberByAssetTag
- AddMDTRoleMemberByMacAddress
- AddMDTRoleMemberBySerialNumber
- AddMDTRoleMemberByUUID
- GetMDTComputerByAssetTag
- GetMDTComputerByMacAddress
- GetMDTComputerBySerialNumber
- GetMDTComputerByUUID
- GetMDTComputerNameByIdentity
- GetMDTComputerRoleMembership
- GetMDTDetailedComputerRoleMembership
- GetMDTRoles
- RemoveMDTComputerFromRoles
- AddADComputerToGroup
- SetADComputerDescription
- SetADOrganizationalUnitForComputer
- RemoveADComputerFromGroup
This web service has been built to support the following versions of System Center Configuration Manager:
- Configuration Manager 2012 SP1
- Configuration Manager 2012 SP2
- Configuration Manager 2012 R2
- Configuration Manager 2012 R2 SP1
- Configuration Manager Current Branch (all currently supported versions released by Microsoft)
Make sure that .NET Framework 4.5.2 is available on the member server you intend to host this web service on.
To successfully run this web service, you'll need to have IIS installed on a member server with ASP.NET enabled. Easiest way to get going is to install the ConfigMgrWebService on the same server as where your Management Point role is hosted. You'll also need to have a service account for the application pool in IIS. It's recommended that you add the service account in ConfigMgr with Full Administrator privileges.
- Download the project and compile the solution in Visual Studio (you can download the free version called Visual Studio Community Edition)
- Create a folder in C:\inetpub called ConfigMgrWebService. Inside that folder, create a folder called bin.
- Copy the compiled ConfigMgrWebService.dll to C:\inetpub\ConfigMgrWebService\bin.
- Rename Web.Release.config to Web.config and copy it to C:\inetpub\ConfigMgrWebService.
- Copy ConfigMgrWebService.asmx to C:\inetpub\ConfigMgrWebService.
- Locate AdminUI.WqlQueryEngine.dll and Microsoft.ConfigurationManagement.ManagementProvider.dll in the ConfigMgr console installation location and copy them to C:\inetpub\ConfigMgrWebService\bin.
- Open IIS management console, right click on Application Pools and select Add Application Pool.
- Enter ConfigMgrWebService as name, select the .NET CLR version .NET CLR Version v4.0.30319 and click OK.
- Select the new ConfigMgrWebService application pool and select Advanced Settings.
- In the Process Model section, specify the service account that will have access to ConfigMgr in the Identity field and click OK.
- Open IIS management console, expand Sites, right click on Default Web Site and select Add Application.
- As for Alias, enter ConfigMgrWebService.
- Select ConfigMgrWebService as application pool.
- Set the physical path to C:\inetpub\ConfigMgrWebService and click OK.
- Open IIS management console, expand Sites and Default Web Site.
- Select ConfigMgrWebService application and go to Application Settings.
- Enter values for each application settings, SiteServer being the server where the SMS Provider is installed, SiteCode being the site code of your site and SecretKey being a custom string that you create yourself.
When calling the web service methods, you'll need to pass along a secret key that matches what's specified for the SecretKey application setting in web.config as a parameter. Without this parameter, the method will be invoked properly. This is a somewhat reasonable security mechanism (at least it's something) that prevents unathorized users to invoke the methods and retrieve data from your ConfigMgr environment. It's recommended that you generate a GUID and enter that as the SecretKey.