Monday, October 23, 2023

Get Installed Windows Updates and Reporting

This PowerShell script appears to be designed for checking for updates on remote computers within an Active Directory domain. It retrieves a list of computer names and checks for installed updates on each computer. Here is a breakdown of the script's main components:

  1. Script Header:
    • The script begins with a header section that includes a synopsis, description, author, version, requirements, and notes. It provides information about the purpose of the script and how to use it.
  2. Output Paths:
    • Two variables, $updatesOutputPath and $errorsOutputPath, are defined to specify the file paths for saving updates data and error messages.
  3. Computer List:
    • The script retrieves a list of computer names from either an Organizational Unit (OU) in Active Directory or a text file. The default is to use a text file ("C:\temp\Patches\Servers.txt") as the source of computer names.
  4. Processing Loop:
    • The script iterates through each computer in the list.
    • Inside the loop, it attempts to establish a PowerShell remote session with the target computer using New-PSSession.
    • It retrieves the last boot-up time and installed updates on the remote computer.
    • If updates are found, the data is stored in the $updatesData array, including computer name and last reboot time.
    • If an error occurs during any of these steps, the error message is logged to both the console and the $errors array.
  5. Cleanup:
    • After processing each computer, the script removes the PowerShell remote session using Remove-PSSession.
  6. Exporting Results:
    • After processing all computers, the script checks if any updates data was collected. If so, it exports the data to a CSV file at the specified path.
    • It also checks if any connection errors occurred and, if so, exports those errors to a text file.
  7. Final Output:
    • The script provides informative messages in the console about the progress and the location of exported data or errors.

You can customize the script by modifying the $updatesOutputPath and $errorsOutputPath variables and specify your own list of computers. Make sure to run this script with appropriate permissions and consider security best practices when using PowerShell remoting.

It's essential to have the Active Directory module installed for AD queries, and PowerShell version 5.1 or later is required for this script.




<#

.SYNOPSIS

    This PowerShell script checks for updates on remote computers in an Active Directory domain and saves the results to a CSV file.

.DESCRIPTION

    This script retrieves a list of computer names from the "Domain Controllers" organizational unit (OU) and checks for installed updates on each computer.

    The update information is saved to a CSV file, and any errors encountered during the process are logged to a text file.

 

    Author: Navinya Ambre

    Date: 10/10/2023

 

.VERSION

    Script Version: 1.0

 

.REQUIREMENTS

    - PowerShell 5.1 or later

    - Active Directory module installed (for AD queries)

 

.NOTES

    - Modify the $updatesOutputPath and $errorsOutputPath variables to specify the output file paths.

    - Ensure that the user running this script has the necessary permissions to create remote PowerShell sessions and retrieve information from remote computers.

    - Consider security best practices when using PowerShell remoting (e.g., WinRM) in your environment.

 

#>

 

 

$updatesOutputPath = "C:\temp\Patches\updates.csv"  # Path for the updates output file

$errorsOutputPath = "C:\temp\Patches\errors.txt"  # Path for the errors output file


$computers = Get-Content -Path "C:\temp\Patches\Servers.txt"

 

$updatesData = @()

$errors = @()

 

foreach ($computer in $computers) {

    Write-Host "Checking updates on $computer..."

 

    try {

        $session = New-PSSession -ComputerName $computer -ErrorAction Stop

        $rebootTime = Invoke-Command -Session $session -ScriptBlock {

            (Get-CimInstance -ClassName Win32_OperatingSystem).LastBootUpTime

        } -ErrorAction Stop

 

        $updates = Invoke-Command -Session $session -ScriptBlock {

            Get-WmiObject -Class Win32_QuickFixEngineering | Select-Object -Property HotFixID, InstalledOn

        } -ErrorAction Stop

 

        if ($updates) {

            $updatesData += $updates | Select-Object *, @{Name='ComputerName'; Expression={$env:COMPUTERNAME}}, @{Name='LastRebootTime'; Expression={$rebootTime}}

        }

    }

    catch {

        $errorMessage = "Failed to retrieve updates on $computer. Error: $($_.Exception.Message)"

        Write-Host $errorMessage

        $errors += $errorMessage

    }

    finally {

        if ($session) {

            Remove-PSSession -Session $session

        }

    }

}

if ($updatesData) {

    $updatesData | Export-Csv -Path $updatesOutputPath -NoTypeInformation

    Write-Host "Updates data exported to: $updatesOutputPath"

} else {

    Write-Host "No updates found on any of the remote computers."

}

 

if ($errors) {

    $errors | Out-File -FilePath $errorsOutputPath

    Write-Host "Connection errors exported to: $errorsOutputPath"

} else {

    Write-Host "No connection errors occurred."

}





Please consider this an open forum for sharing your thoughts, modifications, and suggestions regarding the script. Your input and feedback are highly encouraged and valued.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)