The Configuration Manager PowerShell module contains the Get-CMUserDeviceAffinity cmdlet to allow one to use an AD user object to search for devices that the user is the Primary User for. I’ve written a script which first runs an LDAP query to derive the AD user objects from a list in First Name + Last Name format that a Project Manager is likely to have available to them, and then provides a report complete with the UPN, the sAMAccountName, and each device that the user is the Primary User for in MECM.
This is a simple, but very convenient script to allow one to translate from the info a PM will likely be able to provide to the information needed as an engineer. Obviously, this is not a replacement for a user-based collection/deployment, nor should it be used as such. Oftentimes, I have found it preferential to manage devices, especially for large-scale deployments, but this is not always the case, in such instances as an application utilizing user-based licensing or a specialty application. You’ll find the script below.
# Script written by Payton Flint
# See https://paytonflint.com/powershell-get-affiliated-devices-by-user/
#=//Prerequisites//==============================================================================================
# Clear variables for repeatability
Get-Variable -Exclude PWD,*Preference | Remove-Variable -EA 0
# Identify location of script
$ScriptPath = Split-Path ($MyInvocation.MyCommand.Path) -Parent
# Install/check for ConfigurationManager module
Import-Module ConfigurationManager -ErrorAction 'Stop'
#=//Variables//=================================================================================================
# Set CM Site Code
$SiteCode = '<CM SITE CODE>'
# Get domain name
$Domain = Get-ADDomain | Select-Object -ExpandProperty NetBIOSName
# Set list file name
$FileName = "UserList.txt"
# Set output file name
$OutputFile = "DeviceList.csv"
#=//Body//======================================================================================================
# Get content from list, ignore blank lines
$ListContent = Get-Content "$ScriptPath\$FileName" | Where-Object {$_.Trim() -ne "" }
# Get properties for each user w/ corresponding display name
$ListContent | ForEach-Object {
# If user present in AD, get user properties
If (Get-ADUser -LDAPFilter "(displayName=$_)") {
# Get AD user properties
$ADUser = Get-ADUser -LDAPFilter "(displayName=$_)"
$ADUser | ForEach-Object {
$SamAcctName = $_ | Select-Object -ExpandProperty SamAccountName
# User Properties
$UserObjProps = @{
DisplayName = $_.GivenName + " " + $_.Surname
SamAcctName = $SamAcctName
UserPrincipalName = $_.UserPrincipalName
DomainUser = Join-Path $Domain $SamAcctName
}
# Create application objects using above properties
$UserObj = New-Object psobject -Property $UserObjProps
# Add user objects to list
$Users += ,$UserObj
}
}
}
# Change provider to CM site
Set-Location $SiteCode':'
# For each user...
$Users | ForEach-Object {
# Get user object instance
$UserObjInst = $_
# Get domain user property
$DomainUser = $_ | Select-Object -ExpandProperty DomainUser
# Get user device affinity from CM
$UserDevice = Get-CMUserDeviceAffinity -UserName "$DomainUser"
# Reset counter per user
$count = $null
# Get resource names of affiliated device and add to object
$UserDevice.ResourceName | ForEach-Object {
# Count up per resource instance
$count++
# Derive resource number
$ResCount = "Resource" + "$count"
# Add resource property to object
Add-Member -MemberType NoteProperty -InputObject $UserObjInst -Name "$ResCount" -Value ($_) -Force
}
}
# Change to local provider
Set-Location 'C:'
# Export to .CSV
$Users `
| Sort-Object -Property DisplayName `
| Export-Csv -Path "$ScriptPath\$OutputFile"