I quickly mashed this script together today to check our desktop fleet. Other Sysadmins may want to re-use this script.
Enjoy!
btw… don’t have time to check if others have already posted a similar solution, if so I apologise and mods feel free to remove if that’s the case.
Import-Module ActiveDirectory # Get workstations from AD $workstations = Get-ADComputer -Filter {OperatingSystem -Notlike "Windows *Server*"} foreach ($workstation in $workstations) { if((Test-Connection -CN $workstation.dnshostname -Count 1 -BufferSize 16 -Quiet)) { #Report workstation is up write-host -ForegroundColor green $workstation.Name "is online!" #Invoke powershell remoting and check for hotfix Invoke-Command -ComputerName $workstation.dnshostname -ScriptBlock { # Known Windows Patches for wcry $hotfixes = @(‘KB4012598’, ‘KB4012212’, ‘KB4012215’, ‘KB4015549’, ‘KB4019264’, ‘KB4012213’, ‘KB4012216’, ‘KB4015550’, ‘KB4019215’, ‘KB4012214’, ‘KB4012217’, ‘KB4015551’, ‘KB4019216’, ‘KB4012606’, ‘KB4015221’, ‘KB4016637’, ‘KB4019474’, ‘KB4013198’, ‘KB4015219’, ‘KB4016636’, ‘KB4019473’, ‘KB4013429’, ‘KB4015217’, ‘KB4015438’, ‘KB4016635’, ‘KB4019472’, ‘KB4018466’) # Search installed hotfixes # See if the HotFix was found if ($hotfix = Get-HotFix | Where-Object {$hotfixes -contains $_.HotfixID}) {write-host -foregroundcolor cyan “Found hotfix” $hotfix.HotfixID "on" $env:computername } else { write-host -foregroundcolor magenta “Didn’t find hotfix on” $env:computername } } } else { Write-host -ForegroundColor gray $workstation.Name "is offline" } } submitted by /u/IWantsToBelieve
[link] [comments]
The post More wcry… yawn – but seriously here’s a nifty script to check your AD fleet for the known hotfixes. (Requires WinRM enabled on your workstations) appeared first on How to Code .NET.
