Creating collections in SCCM based on Active Directory OU Membership
To create a collection like this we need to setup a collection based on a query, the attributes that we will use will be..
Attribute Class: System Resource
Attribute: System OU Name
The Operator can be set to : is equal to
Values should be available when you click the value button.
If the values are not populated chances are is that the Active Directory System Group Discovery has either not been set or the OU you require has not been specified.
Enable the group discovery and add a Custom LDAP query to the OU/OUs in question, initiate a scan by selecting “Run discovery as soon as possible” in the polling schedule tab, you can monitor the progress of this in the adsysgrp.log
After this complete you should see the SMS table System_System_OU_Name_ARR table in the SCCM database will populate with data in the System_OU_Name0 column of the database.
The OU’s will now populate for the containers or domain you specified in the AD System Group Discovery LDAP queries.
Select the OU from the list, alternatively you can specify using the following query;
select * from SMS_R_System where SMS_R_System.SystemOUName = "<FQDNDomain>/<OUName>"
John Riseam
System Center Consultant
Risual Ltd
this only creates the collection MEMBERSHIP based on OU’s, it does not create the actual collection itself and therefor shall not create collections based on OU-names
Correct this is just making the query that the collection can be based on, creating SCCM collections is assumed. The post is mainly about a common admin struggle to create the collection and the OU names not being populated, which I’ve observed in the field.