public static SmsClientId RegisterClient(string CMServerName, string ClientName, string DomainName, string CertPath, SecureString pass, ILog log)
{
using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))
{
// Create a registration request
ConfigMgrRegistrationRequest registrationRequest = new ConfigMgrRegistrationRequest();
// Add our certificate for message signing
registrationRequest.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
// Set the destination hostname
registrationRequest.Settings.HostName = CMServerName;
log.Info($"[{ClientName}] - Running Discovery...");
// Discover local properties for registration metadata
registrationRequest.Discover();
registrationRequest.AgentIdentity = "MyCustomClient";
registrationRequest.ClientFqdn = ClientName + "." + DomainName;
registrationRequest.NetBiosName = ClientName;
log.Info("About to try to register " + registrationRequest.ClientFqdn);
// Register client and wait for a confirmation with the SMSID
registrationRequest.Settings.Compression = MessageCompression.Zlib;
registrationRequest.Settings.ReplyCompression = MessageCompression.Zlib;
log.Info($"[{ClientName}] - Message Zipped successfully, registering...");
SmsClientId clientId = registrationRequest.RegisterClient(Sender, TimeSpan.FromMinutes(5));
log.Info($"[{ClientName}] - Got SMSID from CM Server for this client of {clientId}...");
return(clientId);
}
}
static void SimulateClient(string CMServerName, string ClientName, string DomainName, string SiteCode)
{
//HttpSender sender = new HttpSender();
// Load the certificate for client authentication
//Password for excerpted cert
using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))
{
X509Certificate2 thisCert = new X509Certificate2(CertPath, pass);
Console.WriteLine(@"Using certificate for client authentication with thumbprint of '{0}'", certificate.Thumbprint);
Console.WriteLine("Signature Algorithm: " + thisCert.SignatureAlgorithm.FriendlyName);
if (thisCert.SignatureAlgorithm.FriendlyName == "sha256RSA")
{
Console.WriteLine("Cert has a valid sha256RSA Signature Algorithm, proceeding");
}
else
{
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("ConfigMgr requires a Sha256 Cert, try recreating cert with:");
string multiline = @"
New-SelfSignedCertificate `
-KeyLength 2048 -HashAlgorithm ""SHA256""
- Provider ""Microsoft Enhanced RSA and AES Cryptographic Provider""
-KeyExportPolicy Exportable - KeySpec KeyExchange `
-Subject ""SCCM Test Certificate"" - KeyUsageProperty All - Verbose
";
Console.Write(multiline);
return;
}
// Create a registration request
ConfigMgrRegistrationRequest registrationRequest = new ConfigMgrRegistrationRequest();
// Add our certificate for message signing
registrationRequest.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
// Set the destination hostname
registrationRequest.Settings.HostName = CMServerName;
Console.WriteLine("Trying to reach: " + CMServerName);
// Discover local properties for registration metadata
registrationRequest.Discover();
registrationRequest.AgentIdentity = "MyCustomClient";
registrationRequest.ClientFqdn = ClientName + "." + DomainName;
registrationRequest.NetBiosName = ClientName;
//registrationRequest.HardwareId = Guid.NewGuid().ToString();
Console.WriteLine("About to try to register " + registrationRequest.ClientFqdn);
// Register client and wait for a confirmation with the SMSID
//registrationRequest.Settings.Security.AuthenticationType = AuthenticationType.WindowsAuth;
registrationRequest.Settings.Compression = MessageCompression.Zlib;
registrationRequest.Settings.ReplyCompression = MessageCompression.Zlib;
SmsClientId testclientId = new SmsClientId();
try
{
testclientId = registrationRequest.RegisterClient(Sender, TimeSpan.FromMinutes(5));
}
catch (Exception ex)
{
Console.WriteLine("Failed to enroll with an error");
Console.WriteLine(ex.Message);
return;
}
SmsClientId clientId = testclientId;
Console.WriteLine(@"Got SMSID from registration of: {0}", clientId);
// Send data to the site
ConfigMgrDataDiscoveryRecordMessage ddrMessage = new ConfigMgrDataDiscoveryRecordMessage();
// Add necessary discovery data
ddrMessage.SmsId = clientId;
ddrMessage.ADSiteName = "Default-First-Site-Name"; //Changed from 'My-AD-SiteName
ddrMessage.SiteCode = SiteCode;
ddrMessage.DomainName = DomainName;
ddrMessage.NetBiosName = ClientName;
Console.WriteLine("ddrSettings clientID: " + clientId);
Console.WriteLine("ddrSettings SiteCode: " + ddrMessage.SiteCode);
Console.WriteLine("ddrSettings ADSiteNa: " + ddrMessage.ADSiteName);
Console.WriteLine("ddrSettings DomainNa: " + ddrMessage.DomainName);
Console.WriteLine("ddrSettings FakeName: " + ddrMessage.NetBiosName);
Console.WriteLine("Message MPHostName : " + CMServerName);
// Now create inventory records from the discovered data (optional)
ddrMessage.Discover();
// Add our certificate for message signing
ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing);
ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Encryption);
ddrMessage.Settings.HostName = CMServerName;
// Now send the message to the MP (it's asynchronous so there won't be a reply)
ddrMessage.SendMessage(Sender);
//todo add as a param
/*
* ConfigMgrHardwareInventoryMessage hinvMessage = new ConfigMgrHardwareInventoryMessage();
* hinvMessage.Settings.HostName = CMServerName;
* hinvMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
* hinvMessage.SmsId = clientId;
* hinvMessage.SiteCode = SiteCode;
* hinvMessage.NetBiosName = ClientName;
* hinvMessage.DomainName = DomainName;
* hinvMessage.Settings.Compression = MessageCompression.Zlib;
* hinvMessage.Settings.Security.EncryptMessage = true;
* hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", "Win32_LogicalDisk", @"root\cimv2\sms", "SMS_LogicalDisk"));
* hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", "Win32_Processor", @"root\cimv2\sms", "SMS_Processor"));
* hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", "Win32_SystemDevices", @"root\cimv2\sms", "SMS_SystemDevices"));
* hinvMessage.SendMessage(Sender);
* Console.WriteLine("Sending: " + hinvMessage.HardwareInventoryInstances.Count + "instances of HWinv data to CM");*/
}
}
public static void SendDiscovery(string CMServerName, string clientName, string domainName, string SiteCode,
string CertPath, SecureString pass, SmsClientId clientId, ILog log, bool enumerateAndAddCustomDdr = false)
{
using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))
{
//X509Certificate2 thisCert = new X509Certificate2(CertPath, pass);
log.Info($"Got SMSID from registration of: {clientId}");
// create base DDR Message
ConfigMgrDataDiscoveryRecordMessage ddrMessage = new ConfigMgrDataDiscoveryRecordMessage
{
// Add necessary discovery data
SmsId = clientId,
ADSiteName = "Default-First-Site-Name", //Changed from 'My-AD-SiteName
SiteCode = SiteCode,
DomainName = domainName,
NetBiosName = clientName
};
ddrMessage.Discover();
// Add our certificate for message signing
ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing);
ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Encryption);
ddrMessage.Settings.HostName = CMServerName;
ddrMessage.Settings.Compression = MessageCompression.Zlib;
ddrMessage.Settings.ReplyCompression = MessageCompression.Zlib;
Debug.WriteLine("Sending [" + ddrMessage.DdrInstances.Count + "] instances of Discovery data to CM");
if (enumerateAndAddCustomDdr)
{
//see current value for the DDR message
var OSSetting = ddrMessage.DdrInstances.OfType <InventoryInstance>().Where(m => m.Class == "CCM_DiscoveryData");
////retrieve actual setting
string osCaption = (from x in new ManagementObjectSearcher("SELECT Caption FROM Win32_OperatingSystem").Get().Cast <ManagementObject>()
select x.GetPropertyValue("Caption")).FirstOrDefault().ToString();
XmlDocument xmlDoc = new XmlDocument();
////retrieve reported value
xmlDoc.LoadXml(ddrMessage.DdrInstances.OfType <InventoryInstance>().FirstOrDefault(m => m.Class == "CCM_DiscoveryData")?.InstanceDataXml.ToString());
////Set OS to correct setting
xmlDoc.SelectSingleNode("/CCM_DiscoveryData/PlatformID").InnerText = "Microsoft Windows NT Server 10.0";
////Remove the instance
ddrMessage.DdrInstances.Remove(ddrMessage.DdrInstances.OfType <InventoryInstance>().FirstOrDefault(m => m.Class == "CCM_DiscoveryData"));
CMFauxStatusViewClassesFixedOSRecord FixedOSRecord = new CMFauxStatusViewClassesFixedOSRecord
{
PlatformId = osCaption
};
InventoryInstance instance = new InventoryInstance(FixedOSRecord);
////Add new instance
ddrMessage.DdrInstances.Add(instance);
}
ddrMessage.SendMessage(Sender);
ConfigMgrHardwareInventoryMessage hinvMessage = new ConfigMgrHardwareInventoryMessage();
hinvMessage.Settings.HostName = CMServerName;
hinvMessage.SmsId = clientId;
hinvMessage.Settings.Compression = MessageCompression.Zlib;
hinvMessage.Settings.ReplyCompression = MessageCompression.Zlib;
//hinvMessage.Settings.Security.EncryptMessage = true;
hinvMessage.Discover();
var Classes = CMFauxStatusViewClasses.GetWMIClasses();
foreach (string Class in Classes)
{
try { hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", Class)); }
catch { log.Info($"!!!Adding class : [{Class}] :( not found on this system"); }
}
var SMSClasses = new List <string> {
"SMS_Processor", "CCM_System", "SMS_LogicalDisk"
};
foreach (string Class in SMSClasses)
{
log.Info($"---Adding class : [{Class}]");
try { hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2\sms", Class)); }
catch { log.Info($"!!!Adding class : [{Class}] :( not found on this system"); }
}
hinvMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
hinvMessage.Validate(Sender);
hinvMessage.SendMessage(Sender);
};
}
public static void GetPolicy(string CMServerName, string SiteCode, string CertPath, SecureString pass, SmsClientId clientId)
{
using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))
{
bool replyCompression = true;
bool compression = true;
ConfigMgrPolicyAssignmentRequest userPolicyMessage = new ConfigMgrPolicyAssignmentRequest()
{
ResourceType = PolicyAssignmentResourceType.User,
SmsId = clientId,
SiteCode = SiteCode
};
userPolicyMessage.Settings.HostName = CMServerName;
userPolicyMessage.Settings.Security.AuthenticationScheme = AuthenticationScheme.Ntlm;
userPolicyMessage.Settings.Security.AuthenticationType = AuthenticationType.WindowsAuth;
userPolicyMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
userPolicyMessage.Discover();
userPolicyMessage.Settings.Security.EncryptMessage = true;
userPolicyMessage.Settings.ReplyCompression = (true == replyCompression) ? MessageCompression.Zlib : MessageCompression.None;
userPolicyMessage.Settings.Compression = (true == compression) ? MessageCompression.Zlib : MessageCompression.None;
userPolicyMessage.SendMessage(Sender);
ConfigMgrPolicyAssignmentRequest machinePolicyMessage = new ConfigMgrPolicyAssignmentRequest();
machinePolicyMessage.Settings.HostName = CMServerName;
machinePolicyMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
machinePolicyMessage.Settings.Security.EncryptMessage = true;
machinePolicyMessage.Settings.Compression = (true == compression) ? MessageCompression.Zlib : MessageCompression.None;
machinePolicyMessage.Settings.ReplyCompression = (true == replyCompression) ? MessageCompression.Zlib : MessageCompression.None;
machinePolicyMessage.ResourceType = PolicyAssignmentResourceType.Machine;
machinePolicyMessage.SmsId = clientId;
machinePolicyMessage.SiteCode = SiteCode;
machinePolicyMessage.Discover();
//machinePolicyMessage.SendMessage(Sender);
}
}
static void SimulateClient(string MPHostname, string ClientName, string DomainName)
{
HttpSender sender = new HttpSender();
// Load the certificate for client authentication
//Password for excerpted cert
using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile("c:\\temp\\MixedModeTestCert.pfx", "Pa$$w0rd!"))
{
Console.WriteLine(@"Using certificate for client authentication with thumbprint of '{0}'", certificate.Thumbprint);
// Create a registration request
ConfigMgrRegistrationRequest registrationRequest = new ConfigMgrRegistrationRequest();
// Add our certificate for message signing
registrationRequest.AddCertificateToMessage(certificate, CertificatePurposes.All);
// Set the destination hostname
registrationRequest.Settings.HostName = MPHostname;
Console.WriteLine("Trying to reach: " + MPHostname);
// Discover local properties for registration metadata
registrationRequest.Discover();
registrationRequest.AgentIdentity = "MyCustomClient.exe";
registrationRequest.ClientFqdn = ClientName + "." + DomainName;
registrationRequest.NetBiosName = ClientName;
registrationRequest.HardwareId = Guid.NewGuid().ToString();
Console.WriteLine("About to try to register" + registrationRequest.ClientFqdn);
// Register client and wait for a confirmation with the SMSID
//registrationRequest.Settings.Security.AuthenticationType = AuthenticationType.WindowsAuth;
registrationRequest.Settings.Compression = MessageCompression.Zlib;
registrationRequest.Settings.ReplyCompression = MessageCompression.Zlib;
SmsClientId clientId = registrationRequest.RegisterClient(sender, TimeSpan.FromMinutes(5));
Console.WriteLine(@"Got SMSID from registration of: {0}", clientId);
// Send data to the site
ConfigMgrDataDiscoveryRecordMessage ddrMessage = new ConfigMgrDataDiscoveryRecordMessage();
// Add necessary discovery data
ddrMessage.SmsId = clientId;
ddrMessage.ADSiteName = "Default-First-Site-Name"; //Changed from 'My-AD-SiteName
ddrMessage.SiteCode = "F0X";
ddrMessage.DomainName = DomainName;
Console.WriteLine("ddrSettings clientID: " + clientId);
Console.WriteLine("ddrSettings SiteCode: " + ddrMessage.SiteCode);
Console.WriteLine("ddrSettings ADSiteNa: " + ddrMessage.ADSiteName);
Console.WriteLine("ddrSettings DomainNa: " + ddrMessage.DomainName);
Console.WriteLine("Message MPHostName : " + MPHostname);
// Now create inventory records from the discovered data (optional)
ddrMessage.Discover();
// Add our certificate for message signing
ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing);
ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Encryption);
ddrMessage.Settings.HostName = MPHostname;
// Now send the message to the MP (it's asynchronous so there won't be a reply)
ddrMessage.SendMessage(sender);
}
}
