Friday, February 27, 2009

PowerShell and WSUS

Was recently tasked with writing an audit script of what servers we control that were not currently in WSUS. Following is a script that generates 2 text files. The first one will be a list of servers in the specific OU that we are concerned with are in WSUS and the second will be a listing of those that are not.

Shout out to Jonathan Medd for showing the way with his WSUS PowerPack.

function Get-WSUSComputers()
    $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer('WSUS_Server',$false)
$ServerList = 'c:\ProductionScripts\Servers.txt'
$WSUSList = 'c:\ProductionScripts\WSUS.txt'
$InWSUS = 'c:\ProductionScripts\FirstInSecond.txt'
$NotInWSUS = 'c:\ProductionScripts\FirstNotInSecond.txt'
# Export out a list of all servers
Get-QADComputer -OSName *Server* `
    -SearchRoot 'OU=Your OU,OU=Your Company,DC=Company,DC=com' |`
    Sort-Object DNSName | `
    Select-Object DNSName | `
    Out-File -FilePath $ServerList -Force
# Export out a list of all servers
# listed in WSUS
Get-WSUSComputers | Sort FullDomainName |`
    Select FullDomainName | `
    Out-File -FilePath $WSUSList -Force
$Servers = get-content $ServerList
$WSUS = get-content $WSUSList 
New-Item $InWSUS -Type file -Force
New-Item $NotInWSUS -Type file -Force
Foreach ($Server in $Servers)
    If ($WSUS -contains $Server)
        Add-content $InWSUS $Server
        Add-content $NotInWSUS $Server


1 comment:

jkavanagh58 said...

The WSUS stuff, am I wrong or does it not account for Replica servers?