Tuesday, April 7, 2009

Powershell function to check last patches

This function uses WMI to connect to a remote host and retrieve the three last patches and their installation date. It uses the WQL (WMI query language) to fetch just the last three installed patches and not all of them.


You need an array named $computerlist containing a list of computers, i.e.
$computers = "host01","host02","host03"

And you need your credentials stored in a secure $creds variable.

You could have used the registry, but in Powershell 1.0 you must une a .NET class which doesn't support remote autenthication in a different security context (i.e. a different AD domain).

Please note that the Win32_QuickFixEngineering WMI class has a know bug and not all the pathces are listed... this is a very old problem.

This is the code:

#* Function: QFE
#* Arguments: $Comp
#* Output: $patchid01/02/03 and $patchdate01/02/03
#* Purpose: Retrieve the 3 last patches
function QFE
$global:checkkb = gwmi Win32_QuickFixEngineering -ComputerName $args[0] -credential $creds | ? { $_.InstalledOn } | sort installedon | select -Last 3 #| ft hotfixid, installedon
$global:patchid01 = $global:checkkb.syncroot[0].hotfixid
$global:patchdate01 = $global:checkkb.syncroot[0].installedon
$global:patchid02 = $global:checkkb.syncroot[1].hotfixid
$global:patchdate02 = $global:checkkb.syncroot[1].installedon
$global:patchid03 = $global:checkkb.syncroot[2].hotfixid
$global:patchdate03 = $global:checkkb.syncroot[2].installedon
$global:patchid01 + " " + $global:patchdate01
$global:patchid02 + " " + $global:patchdate02
$global:patchid03 + " " + $global:patchdate03
$global:checkkb = $null
foreach ($comp in $computerlist) {QFE}

No comments:

Post a Comment