Solved

VBscript to generate the report of Missing patches on servers

Posted on 2013-01-01
10
1,250 Views
Last Modified: 2013-01-02
Hello Team,

could you please help me out with the VBscript that will generate the report of pending patch information from the servers listed in textpad remotely.
0
Comment
Question by:biplabmukh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38734716
You may download MBSA as per your OS version
Refer below link

Microsoft Baseline Security Analyzer 2.2 (for IT Professionals)
http://www.microsoft.com/en-in/download/details.aspx?id=7558
0
 

Author Comment

by:biplabmukh
ID: 38734719
Thanks for your response. This process I already knew it but I am looking for Vbscript to automate the task. any suggestion.
0
 
LVL 11

Expert Comment

by:netballi
ID: 38734849
Here is the web site with a few examples for script options with MBSA for generating reports.

http://www.microsoft.com/en-us/download/confirmation.aspx?id=10750
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38734861
Why don't you use widely used solution such as WSUS ..You may control things more efficiently with this and would get a good quality and hassle free reporting system
0
 
LVL 7

Expert Comment

by:hirenvmajithiya
ID: 38735526
User MBSA as all stated above.
0
 
LVL 1

Expert Comment

by:wasimak
ID: 38735598
0
 

Author Comment

by:biplabmukh
ID: 38735671
Thanks for your response but using the script in menionted in above link we can pull the pending patch information from local machine any other way we can pull the report of all the servers remotely. Like we can mention all the servers name in text & script can take this as input variable.
0
 
LVL 1

Expert Comment

by:wasimak
ID: 38735715
0
 

Author Comment

by:biplabmukh
ID: 38735890
Thanks I executed the script & it wokes fine but this script give you the patch information which is installed on the machine. my requirement is to identify the patch which is require to be install (only security patch). can we modify this script to generate the report of pending patch.
0
 
LVL 10

Accepted Solution

by:
Prashant Girennavar earned 500 total points
ID: 38736082
Try below code ,

[void][reflection.assembly]::LoadWithPartialName(“Microsoft.UpdateServices.Administration”)
$global:wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer(‘wsus ServerName Goes here’,$False,Port Number goes here of your WSUS)
$computerscope = New-Object Microsoft.UpdateServices.Administration.ComputerTargetScope
$updatescope = New-Object Microsoft.UpdateServices.Administration.UpdateScope
$s = Get-Content C:\Names.txt
$a = New-Object Microsoft.UpdateServices.Administration.ComputerTargetScope
$b = New-Object Microsoft.UpdateServices.Administration.UpdateScope
$c =  $wsus.getcomputertargets($a)
$id = @()
Foreach($Server in $s)
{
 $id += @($c | ? {$_.FulldomainName -like “$Server*”} | Select-Object -ExpandProperty ID)
}

$k = $wsus.GetSummariesPerComputerTarget($b,$a)
$k | Where-Object{$id -contains $_.ComputerTargetID} | ForEach {New-Object PSobject -Property @{
ComputerTarget = ($wsus.GetComputerTarget([guid]$_.ComputerTargetId)).FullDomainName
DownloadedCount = $_.DownloadedCount
FaliedCount = $_.FailedCount
}} | Export-Csv C:\PatchResult.csv -NoClobber -Force

Open in new window


Note -

$global:wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer(‘wsus ServerName Goes here’,$False,Port Number goes here of your WSUS)

If you are using the default WSUS Port 80 then please no need of putting the WSUS Port number

The code will show the pending/Failed pathes on the list of servers.

List of servers are stoed in C:\Names.txt file.

Let me know if anything else is required.

More on this in my blog - http://prashant1987.wordpress.com/2012/11/21/powershell-script-to-query-wsus-for-downloadedfalied-patches-on-list-of-servers/

Hope this helps.

Regards,

_Prashant_
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Get people started with the process of using Access VBA to control Excel using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Excel. Using automation, an Access application can laun…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question