Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to list server which needs to be updated with WIndows Update and the total patch required ?

Posted on 2014-12-28
10
287 Views
Last Modified: 2015-01-12
Folks,

Can anyone here please suggest me with the powershell script of which server in a certain OU location that needs to be update with Windows Update and the total number of patch required?

here's my partial script:
# This script shows the last time that a successfull Windows Update was installed.
cls
#add-PSSnapin quest.activeroles.admanagement
$OnlineServers = @()

Get-QADComputer -SearchRoot 'domain.com/Data Center Servers' -OSName "Windows*Server*" | where {$_.accountisdisabled -eq $false} | % {
 
  $PingResult = Get-WmiObject -Query "SELECT * FROM win32_PingStatus WHERE address='$($_.Name)'"
 
  If ($PingResult.StatusCode -eq 0) {
     # Add the current name to the array
    $OnlineServers += "$($_.Name)"
  }
}

foreach ($Server in $OnlineServers ) {
            $key = “SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install”
            $keytype = [Microsoft.Win32.RegistryHive]::LocalMachine
            $RemoteBase = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($keytype,$Server)
            $regKey = $RemoteBase.OpenSubKey($key)
            $KeyValue = $regkey.GetValue(”LastSuccessTime”)
      
            $System = (Get-Date -Format "yyyy-MM-dd hh:mm:ss")
                  
            if      ($KeyValue -lt $System)      {
                  Write-Host " "
                  Write-Host $Server "Last time updates were installed was: " $KeyValue
            }
}

I was able to compile and modify the script to get the latest update applied but not the amount of Updates that is needed and then export the result to .CSV file.

Thanks.
0
Comment
  • 5
  • 4
10 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 40521458
Why not just use WSUS and its inbuilt reporting? Its free and it works.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40521675
Agree with Neilsr. I would recommend you just use WSUS as it has the ability to do what you are asking for and more.

Here's a guide for deploying WSUS on a Windows 2012/2012 R2 machine if you're interested in going down this route: http://technet.microsoft.com/en-us/library/hh852340.aspx

If you're set on sticking with PowerShell though you can have a look at this script. I haven't tested this myself but it seems to be able to do what you need it to do. You may even be able to take some sections out of the script and adapt it to your own.

All other PowerShell scripts I've found check the WSUS server for missing updates which probably doesn't help you in this scenario.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40521700
Thanks guys.
Do I have to execute that script on my wsus server ?

Or can I execute that code in my powerGUI console on my laptop ?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 24

Expert Comment

by:VB ITS
ID: 40521704
Wait - do you or do you not currently have a WSUS server as that changes the scope of the question significantly?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40521722
Yes I do.
But only wsus 3.0 sp2
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 500 total points
ID: 40521729
In that case have a look at this script, as the previous script I linked checks against the actual Windows Update website and not your local WSUS server.

The same creator of this script has also created a very cool GUI which works quite nicely. See this article if you're interested: http://blogs.technet.com/b/heyscriptingguy/archive/2011/08/13/use-powershell-to-audit-and-install-windows-patches.aspx
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40521744
OK do i need to import some power shell module on my laptop before running on the powerGUI console ?
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40521754
Sorry I'm not familiar with PowerGUI so I can't answer that question. What I can tell you though is that you need to dot-source the script before running it. To do this you simply type in PowerShell . C:\Scripts\Get-PendingUpdate.ps1 (note the dot before the path to the PS1 file).

You will then be able to use the Get-PendingUpdate cmdlet in PowerShell to check for pending updates.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40521763
Ah ok, powerGUI console is a freeware Powershell IDE.

So I assume that there is no need to do DLL import or load some assembly before running the script ?
0
 
LVL 24

Assisted Solution

by:VB ITS
VB ITS earned 500 total points
ID: 40521766
Yep I know of PowerGUI, just never used it so I can't give you any solid info on it :)

No need to load any modules before running the script, you just need to dot-source the script first as mentioned previously (also mentioned on the script download page) in order to load the functions into memory, otherwise the Get-PendingUpdate cmdlet won't work as expected.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
The viewer will learn how to count occurrences of each item in an array.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question