Friday, February 27, 2009

PowerShell and WSUS

Was recently tasked with writing an audit script of what servers we control that were not currently in WSUS. Following is a script that generates 2 text files. The first one will be a list of servers in the specific OU that we are concerned with are in WSUS and the second will be a listing of those that are not.

Shout out to Jonathan Medd for showing the way with his WSUS PowerPack.



function Get-WSUSComputers()
{
    [void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
    $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer('WSUS_Server',$false)
    $wsus.GetComputerTargets()
}
 
$ServerList = 'c:\ProductionScripts\Servers.txt'
$WSUSList = 'c:\ProductionScripts\WSUS.txt'
$InWSUS = 'c:\ProductionScripts\FirstInSecond.txt'
$NotInWSUS = 'c:\ProductionScripts\FirstNotInSecond.txt'
 
# Export out a list of all servers
Get-QADComputer -OSName *Server* `
    -SearchRoot 'OU=Your OU,OU=Your Company,DC=Company,DC=com' |`
    Sort-Object DNSName | `
    Select-Object DNSName | `
    Out-File -FilePath $ServerList -Force
 
# Export out a list of all servers
# listed in WSUS
Get-WSUSComputers | Sort FullDomainName |`
    Select FullDomainName | `
    Out-File -FilePath $WSUSList -Force
 
$Servers = get-content $ServerList
$WSUS = get-content $WSUSList 
 
New-Item $InWSUS -Type file -Force
New-Item $NotInWSUS -Type file -Force
 
Foreach ($Server in $Servers)
{
    If ($WSUS -contains $Server)
    {
        Add-content $InWSUS $Server
    }
    Else
    {
        Add-content $NotInWSUS $Server
    }
}


Enjoy!

1 comment:

Anonymous said...

The WSUS stuff, am I wrong or does it not account for Replica servers?