Share via

One-Liner: Domain Controller Patch Levels

  • Article

Before performing work against your Active Directoy, it's prudent to complete a few checks, e.g. is replication healthy, are my FSMOs up, do I have up-to-date, verified backups etc?

Here's a one-liner to give you a view of whether your patch levels are consistent:

Get-ADDomainController -Filter * | ForEach-Object {

$HotFixes = (Get-HotFix -ComputerName $_.Name).Count

Write-Host "$($_.Name): $($_.OperatingSystem) : $HotFixes HotFixes"

}

 

Remember, this is only a view, a starting point for further analysis...

 
"...One foot in sea, and one on shore,
To one thing constant never..."

Comments

  • Anonymous
    January 01, 2003
    @Turbomcp: thanks for making the one-liner v2-friendly. All of my examples are written in v4 BTW.

    1 hotfix?! ;)
  • Anonymous
    April 09, 2015
    great stuff
    thanks
  • Anonymous
    April 09, 2015
    Hi
    when I run it I see $hotfixes is blanked
    although I when I run it without .count I see there is one hotfix
  • Anonymous
    April 09, 2015
    maybe like this:
    Import-Module activedirectory
    Get-ADDomainController -Filter * | ForEach-Object {

    $HotFixes = ((Get-HotFix -ComputerName $.Name)|measure).count

    Write-Host "$($    .Name): $($_.OperatingSystem) : $($HotFixes) HotFixes"

    }
  • Anonymous
    April 10, 2015
    yeah I thought that was the cause so I ran it on my 2012 r2 and got same thing
    yeah its 1 hotfix:) some image I use no patches:) for testing
    Thanks, I always enjoy and learn something new
  • Anonymous
    August 23, 2016
    Very useful, thanks.