Hi folks,
I had a little challange from a customer today.
He wants to ensure that all servers has the same patch level.
With the lack of an WSUS I decided to write a short powershell script.
The question was which attribute, item or value I can query to get the current patch level.
Microsoft introduce with windows 10 and Server 2016 a registry key called UBR (Update Build Revision)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Key: UBR
We simple need to iterate through all computers we want to see the patch level and read the registry value from this key
Here you can see the quick and dirty script snippet.
$servers = @("server1","server2")
$results = @()
foreach ($Server in $servers) {
$PSSess = New-PSSession -ComputerName $Server
$results += New-Object -TypeName psobject -Property @{Host = $server
PatchLevel = Invoke-Command -Session $PSSess -ScriptBlock {
(Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').CurrentBuildNumber + "." + (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').UBR}
}
Remove-PSSession -Session $PSSess
}
$results
the result is as follows
Stay tuned
Simon