Get SP Info from AD

One of the things that is required when you roll out agents is to know that the minimum service pack has been installed. Of course you can find out by trying to deploy the agent. The install failing will tell you but that is not a great strategy. If the customer is really good then they can provide that information but quite often I have to find it out. Or they ask me! There are some ADSI scripts that I looked at in the Script Center which helped but did not give quite what I wanted plus I knew that PowerShell has a nice export to CSV option so pulling it into Excel would be a breeze.

I started with PowerGui as it is an easier way to find out the command line but to use the AD extensions you need to download and install Quest Active Roles (available in 32 and 64 bit).

I hoped that I could get all the computers that were servers in PowerGui and output that to a text file. And I did get part of the way there but it seemed to choke getting all the computer information for the number of servers. But as it has a tab to show the PowerShell command I was able to take those and build on it.

I did this on the RMS as it had PowerShell installed (no need to run this on a DC) and I used the normal PowerShell console rather than the OpsMgr one. You need to tell it to use the Quest Add-in.

Add-PSSnapin Quest.ActiveRoles.ADManagement

Then using the command that PowerGui built I found all servers that were servers and had no SP (useful if all servers are 2003).

Get-QADComputer -ErrorAction SilentlyContinue -SizeLimit 0 | where { $_.OSName  -like  ‘*Server*’ } | where { $_.OSServicePack  -eq  $null } | Select-Object -property “Name”,”Type”,”DN”

Instead of displaying the list I wanted it as a CSV file.

Get-QADComputer -ErrorAction SilentlyContinue -SizeLimit 0 | where { $_.OSName  -like  ‘*Server*’ } | where { $_.OSServicePack  -eq  $null } | export-csv c:\servers_nosp.csv

Now for all servers

Get-QADComputer -ErrorAction SilentlyContinue -SizeLimit 0 | where { $_.OSName  -like  ‘*Server*’ } | export-csv c:\servers.csv

There was too much information in the CSV although you can delete the columns. A quick look at the PDF for Active Roles and I found the fields that I wanted. The next line does all computers so if you need to do SCCM as well this is useful.

Get-QADComputer -ErrorAction SilentlyContinue -SizeLimit 0 | Select-Object -property “Name”,”OSName”,”OSVersion”,”OSServicePack”,”DN”} | export-csv c:\allcomputers.csv

I imported that into Excel and with a quick pivot table I had all the information I needed and as I included the Distinguished Name I could see which OUs these servers were in.

Note that this just provides the information from a single domain.

Now someone will tell me why didn’t I use x, y or z as they have been around for ages to do this. Well I either didn’t know or couldn’t find them and I wanted to extend my PowerShell knowledge.


Comments are closed.

%d bloggers like this: