Bu hafta sonunun en güncel sorusu için hızlı bir PS paylaşmak istiyorum;
$Hostname = hostname
$hotfixes = “KB4012212”, “KB4012217”, “KB4015551”, “KB4019216”, “KB4012216”, “KB4015550”, “KB4019215”, “KB4013429”, “KB4019472”, “KB4015217”, “KB4015438”, “KB4016635”, “KB4012213”, “KB4012212″
$hotfix = Get-HotFix -ComputerName $Hostname | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property “HotFixID”
if (Get-HotFix | Where-Object {$hotfixes -contains $_.HotfixID} )
{
“Found HotFix: ” + $hotfix.HotFixID
} else {
“Update yüklü değil.”
}
KB4012212 – Windows Server 2008
KB4012212 – Windows Server 2008 R2
KB4012217 KB4015551 KB4019216 – Windows Server 2012
KB4012216 KB4015550 KB4019215 KB4012213 – Windows Server 2012 R2
KB4013429 KB4019472 KB4015217 KB4015438 KB4016635 – Windows Server 2016
Kürşat ARI komut setini geliştirdi ve daha otomatik bir hal aldı, kendisine teşekkür ediyorum;
——Herhangi bir KBxxxx patch inin bir host üzerinde varolup olmadığının script ile kontrolü———–
Kaynak bir .txt üzerindeki hostlardan oluşuyorsa hostname.txt dosyamız aşağıdaki formatlardan birinde olmalı
Örnek hostname.txt dosyamızın içeriği
Pc1
Pc2
Pc3
Srv1
Srv2
Srv3
#####################################################################################################
cls
$Installed=@()
$NotInstalled=@()
$Serverlist=Get-Content c:\temp\hostname.txt
$hotfixes = “KB4012212”,“KB4012217”,“KB4015551”,“KB4019216”,“KB4012216”,“KB4015550”,“KB4019215”,“KB4013429”,“KB4019472”,“KB4015217”,“KB4015438”,“KB4016635”,”KB4012213″,”KB4012214″
foreach ($server in $Serverlist) {
$Hostname = $server
$hotfix = Get-HotFix -ComputerName $Hostname | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property “HotFixID”
if (Get-HotFix -ComputerName $Hostname | Where-Object {$hotfixes -contains $_.HotfixID} )
{
$Installed+=$Hostname
Write-Host “Bulunan Hotfix: $($hotfix.HotFixID) $Hostname Sunucusu için bir problem yok” -BackgroundColor Green
} else {
$NotInstalled+=$Hostname
Write-host “$hostname sunucusunda WannaCry için Update yüklü değil.” -BackgroundColor red
}
}
Write-host”Yuklu olanlar—————-”
$Installed
Write-host “—————————-”
Write-host “Yuklu olmayanlar————”
$NotInstalled
Write-host “—————————–”
#######################################################################################################
Kaynak Active directoryde bulunan hostlar ise
4.satırda bulunan ifade ;
Sadece Windows serverlar için à Get-ADComputer -filter {OperatingSystem -like “Windows Server*”}|Select-Object DNSHostName
Sadece Windows Clientlar için à Get-ADComputer -filter {OperatingSystem -notlike “Windows Server*”}|Select-Object DNSHostName
Tüm hostlar için à Get-ADComputer -filter * | Select-Object DNSHostName
Şeklinde olmalı
#######################################################################################################
cls
$Installed=@()
$NotInstalled=@()
$Serverlist= Get-ADComputer -filter {OperatingSystem -like “Windows Server*”}
$hotfixes = “KB4012212”,“KB4012217”,“KB4015551”,“KB4019216”,“KB4012216”,“KB4015550”,“KB4019215”,“KB4013429”,“KB4019472”,“KB4015217”,“KB4015438”,“KB4016635”,”KB4012213″,”KB4012214″
foreach ($server in $Serverlist) {
$Hostname = $server
$hotfix = Get-HotFix -ComputerName $Hostname.DNSHostName | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property “HotFixID”
if (Get-HotFix -ComputerName $Hostname.dnshostname | Where-Object {$hotfixes -contains $_.HotfixID} )
{
$Installed+=$Hostname.DNSHostName
Write-Host “Bulunan Hotfix: $($hotfix.HotFixID) $($Hostname.dnshostname) Sunucusu için bir problem yok” -BackgroundColor Green
} else {
$NotInstalled+=$Hostname.DNSHostName
Write-host “$($hostname.dnshostname) sunucusunda WannaCry için Update yüklü değil.” -BackgroundColor red
}
}
Write-host”Yuklu olanlar—————-”
$Installed
Write-host “—————————-”
Write-host “Yuklu olmayanlar————”
$NotInstalled
Write-host “—————————–”
#######################################################################################################