Was recently tasked with writing an audit script of what servers we control that were not currently in WSUS. Following is a script that generates 2 text files. The first one will be a list of servers in the specific OU that we are concerned with are in WSUS and the second will be a listing of those that are not.
Shout out to Jonathan Medd for showing the way with his WSUS PowerPack.
function Get-WSUSComputers(){ [void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration") $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer('WSUS_Server',$false)$wsus.GetComputerTargets()
}
$ServerList = 'c:\ProductionScripts\Servers.txt'$WSUSList = 'c:\ProductionScripts\WSUS.txt'$InWSUS = 'c:\ProductionScripts\FirstInSecond.txt'$NotInWSUS = 'c:\ProductionScripts\FirstNotInSecond.txt'# Export out a list of all serversGet-QADComputer -OSName *Server* `
-SearchRoot 'OU=Your OU,OU=Your Company,DC=Company,DC=com' |`Sort-Object DNSName | `
Select-Object DNSName | `
Out-File -FilePath $ServerList -Force
# Export out a list of all servers# listed in WSUSGet-WSUSComputers | Sort FullDomainName |`
Select FullDomainName | `
Out-File -FilePath $WSUSList -Force
$Servers = get-content $ServerList
$WSUS = get-content $WSUSList
New-Item $InWSUS -Type file -Force
New-Item $NotInWSUS -Type file -Force
Foreach ($Server in $Servers){If ($WSUS -contains $Server)
{Add-content $InWSUS $Server
}
Else
{Add-content $NotInWSUS $Server
}
}
Enjoy!
1 comment:
The WSUS stuff, am I wrong or does it not account for Replica servers?
Post a Comment