Here's a wickedly useful function I threw together based on a strong need to push emergency patches to thousands of servers without the standard route of using a patching deployment system like SCCM, WSUS, Altiris, or HPSA. All of these tools have their strengths and are generally considered superior to just manually pushing patches, but the sheer versatility of ease of being able to quickly deploy patches is what I required to make tight patching deadlines.
I recommend using this function with Get-HotFix, or Get-WmiObject -class Win32_product for a list of installed patches/software to determine if installation is needed and/or was successful. You can also come in after the push and look at the log files on the servers in an automated fashion to see how things went.
This script does require PSRemoting to be enabled on target servers, which is true by default on all Windows Server 2012 R2 installs, but needs to be turned on either by GPO or by hand on previous versions. There's a built in workaround if you pull down PSExec which will work on older servers without PSRemoting.
Monday, August 10, 2015
Tuesday, August 4, 2015
Powershell Script - Get-LocalUsers - Remotely query all local users and details
Here's a lovely script that runs with parallel pipeline queries using the [ADSI] .NET class to remotely query SAM to build nice object outputs which are great for security audits. Here's some sample output:
And the code:
PS C:\> 'Server1','Server2' | Get-LocalUsers Server : Server1 UserName : Administrator Active : True PasswordExpired : False PasswordAgeDays : 16 LastLogin : 6/3/2015 6:34:27 PM Groups : Administrators Description : Built-in account for administering the computer/domain Server : Server1 UserName : Guest Active : False PasswordExpired : False PasswordAgeDays : 0 LastLogin : Groups : Guests Description : Built-in account for guest access to the computer/domain Server : Server2 UserName : Administrator Active : True PasswordExpired : False PasswordAgeDays : 1 LastLogin : 3/5/2015 7:28:14 PM Groups : Administrators Description : Built-in account for administering the computer/domain Server : Server2 UserName : Guest Active : False PasswordExpired : False PasswordAgeDays : 0 LastLogin : Groups : Guests Description : Built-in account for guest access to the computer/domain PS C:\>
And the code:
Subscribe to:
Posts (Atom)