VBscript to generate the report of Missing patches on servers

biplabmukh
biplabmukh used Ask the Experts™
on
Hello Team,

could you please help me out with the VBscript that will generate the report of pending patch information from the servers listed in textpad remotely.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2012

Commented:
You may download MBSA as per your OS version
Refer below link

Microsoft Baseline Security Analyzer 2.2 (for IT Professionals)
http://www.microsoft.com/en-in/download/details.aspx?id=7558

Author

Commented:
Thanks for your response. This process I already knew it but I am looking for Vbscript to automate the task. any suggestion.

Commented:
Here is the web site with a few examples for script options with MBSA for generating reports.

http://www.microsoft.com/en-us/download/confirmation.aspx?id=10750
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Top Expert 2012

Commented:
Why don't you use widely used solution such as WSUS ..You may control things more efficiently with this and would get a good quality and hassle free reporting system
hirenvmajithiyaManager (System Administration)

Commented:
User MBSA as all stated above.

Author

Commented:
Thanks for your response but using the script in menionted in above link we can pull the pending patch information from local machine any other way we can pull the report of all the servers remotely. Like we can mention all the servers name in text & script can take this as input variable.

Author

Commented:
Thanks I executed the script & it wokes fine but this script give you the patch information which is installed on the machine. my requirement is to identify the patch which is require to be install (only security patch). can we modify this script to generate the report of pending patch.
Try below code ,

[void][reflection.assembly]::LoadWithPartialName(“Microsoft.UpdateServices.Administration”)
$global:wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer(‘wsus ServerName Goes here’,$False,Port Number goes here of your WSUS)
$computerscope = New-Object Microsoft.UpdateServices.Administration.ComputerTargetScope
$updatescope = New-Object Microsoft.UpdateServices.Administration.UpdateScope
$s = Get-Content C:\Names.txt
$a = New-Object Microsoft.UpdateServices.Administration.ComputerTargetScope
$b = New-Object Microsoft.UpdateServices.Administration.UpdateScope
$c =  $wsus.getcomputertargets($a)
$id = @()
Foreach($Server in $s)
{
 $id += @($c | ? {$_.FulldomainName -like “$Server*”} | Select-Object -ExpandProperty ID)
}

$k = $wsus.GetSummariesPerComputerTarget($b,$a)
$k | Where-Object{$id -contains $_.ComputerTargetID} | ForEach {New-Object PSobject -Property @{
ComputerTarget = ($wsus.GetComputerTarget([guid]$_.ComputerTargetId)).FullDomainName
DownloadedCount = $_.DownloadedCount
FaliedCount = $_.FailedCount
}} | Export-Csv C:\PatchResult.csv -NoClobber -Force

Open in new window


Note -

$global:wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer(‘wsus ServerName Goes here’,$False,Port Number goes here of your WSUS)

If you are using the default WSUS Port 80 then please no need of putting the WSUS Port number

The code will show the pending/Failed pathes on the list of servers.

List of servers are stoed in C:\Names.txt file.

Let me know if anything else is required.

More on this in my blog - http://prashant1987.wordpress.com/2012/11/21/powershell-script-to-query-wsus-for-downloadedfalied-patches-on-list-of-servers/

Hope this helps.

Regards,

_Prashant_

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial