PowerShell Script: get latest patch level per server

A while back I created a powershell script for retrieving several pieces of information about patch levels on servers inside an Active Directory domain.
Actually the script below uses a textfile as input. Just stating each server name right below eachother.
First i execute a test-connection in order to verify if the server is online.
If the server is online get the OS version and the latest update applied.
This way you can easily scan you environment and determine the patch level on each server/device.
The output is then written to a csv file, which can then be easily edited and filtered for your own needs.

function Get-PatchLevel1{
# delete or edit select-object 1 in the hotfix parameter to scope the output
param (
$serverlist = (get-content -path ‘c:\temp\test1.txt’),
[string]$ErrorLog = ‘c:\temp\retry.txt’,
[Array]$Collection = foreach ($server in $serverlist){
$ping = Test-Connection -quiet -computername $server

If($ping -eq $True)
$os = Get-ADComputer –identity $server –Property * | select OperatingSystem,OperatingSystemServicePack
$AD = Get-ADComputer $server |fl name
$hotfix = Get-HotFix -ComputerName $server | where-object {$_.hotfixid -ne “file 1″} |Select hotfixid,description,installedby,@{label=”InstalledOn”;e={[DateTime]::Parse($_.psbase.properties[“installedon”].value,$([System.Globalization.CultureInfo]::GetCultureInfo(“en-US”)))}} | Sort-Object -Property InstalledOn | Select-Object -Last 1 –Property InstalledOn

New-Object -TypeName PSObject -Property @{
Computername = $server
OnlineStatus = $ping
OSVersion = $os
Hotfix = $hotfix

$Collection | Export-Csv c:\temp\PatchLevelAdServers1.csv -NoTypeInformation

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *