One of the principal needs for BizTalk Server Administrators is the ability to monitor the health of BizTalk environments and react promptly to possible problems. You can accomplish this by using certain tools such as BizTalk Administration Console, BizTalk360, SCOM, and much more… However, unfortunately, many times, some of these tools are not available to us, but we still need to accomplish this task.
Welcome back to this series of articles about monitoring your BizTalk environment using PowerShell that already has three previous editions:
- Monitor your BizTalk environment using PowerShell – Disk Space Monitoring
- Monitor your BizTalk environment using PowerShell – SQL Agent Jobs Monitoring
- Monitor your BizTalk environment using PowerShell – Suspended instance monitoring by Jeroen Hendriks
Today, we will talk about monitoring Windows Updates and Pending Restarts on the servers using PowerShell.
📝 One-Minute Brief
Don’t let unapplied Windows Updates or ghost pending restarts crash your BizTalk high availability. This PowerShell-based monitoring solution automates the check across your entire BizTalk group. It identifies missing critical updates and detects the “Pending Restart” flag that often prevents BizTalk services from behaving correctly. Receive automated email alerts before a forced reboot disrupts your message flow.
For me, it’s very important that administrators deploy the latest Microsoft product updates to servers that are running the Windows operating system. By doing this, they will address and solve known issues or vulnerabilities in Microsoft products, and they will keep the environment constantly updated. However, when we are working with several teams (system administrators, network administrators, BizTalk administrators, and so on) or sometimes without system administrator teams, these tasks are normally forgotten or postponed several times.
Although there are occasions when updates can cause a new issue to appear, generally speaking, they will help you with solving problems. However, for this reason, you should install and test these updates in a developing or testing environment before you install them in production.
For these reasons, I like to monitor and know if the servers that are running on my BizTalk environment have some updates available to install or, for some reason, they required a restart, so that I can take action without the need to constantly check this manually on all the servers.
So how can PowerShell help us?
With this script, you can monitor Windows Updates and Pending Restarts on the servers running in your BizTalk environment using PowerShell. Servers that do not fall under these conditions will not be listed.
This script allows you to set:
- A range of machines you need to monitor
#########################################################
# List of computers to be monitored
#########################################################
$Servers = Get-Content .\Machines.txt
The Machine.txt is a simple text file with the list of all machine names you want to monitor:
servername1.domain.local
servername2.domain.local
servername3.domain.local
- And configure your email notification settings
#########################################################
# List of users who will receive the report
#########################################################
$mailto = "mail1@mail.net, mail2@mail.net"
#########################################################
# SMTP properties
#########################################################
$emailFrom = "suport@mail.net"
$smtpServer = "mySMTPServer" #SMTP Server.
$smtpUsername = "myUsername"
$smtpPassword = "myPassword"
The script will monitor all the servers with Windows Updates ready to be installed, Windows Updates configured to be checked manually, or servers that require a reboot. Servers that do not fall under these conditions will not be listed.
$results = foreach ($Computer in $Servers)
{
try
{
$service = Get-WmiObject Win32_Service -Filter 'Name="wuauserv"' -ComputerName $Computer -Ea 0
$WUStartMode = $service.StartMode
$WUState = $service.State
$WUStatus = $service.Status
try{
if (Test-Connection -ComputerName $Computer -Count 1 -Quiet)
{
#check if the server is the same where this script is running
if($Computer -eq "$env:computername.$env:userdnsdomain")
{
$UpdateSession = New-Object -ComObject Microsoft.Update.Session
}
else { $UpdateSession = [activator]::CreateInstance([type]::GetTypeFromProgID("Microsoft.Update.Session",$Computer)) }
$UpdateSearcher = $UpdateSession.CreateUpdateSearcher()
$SearchResult = $UpdateSearcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0")
$Critical = $SearchResult.updates | where { $_.MsrcSeverity -eq "Critical" }
$important = $SearchResult.updates | where { $_.MsrcSeverity -eq "Important" }
$other = $SearchResult.updates | where { $_.MsrcSeverity -eq $null }
# Get windows updates counters
$totalUpdates = $($SearchResult.updates.count)
$totalCriticalUp = $($Critical.count)
$totalImportantUp = $($Important.count)
if($totalUpdates -gt 0)
{
$updatesToInstall = $true
}
else { $updatesToInstall = $false }
}
else
{
# if cannot connected to the server the updates are listed as not defined
$totalUpdates = "nd"
$totalCriticalUp = "nd"
$totalImportantUp = "nd"
}
}
catch
{
# if an error occurs the updates are listed as not defined
Write-Warning "$Computer`: $_"
$totalUpdates = "nd"
$totalCriticalUp = "nd"
$totalImportantUp = "nd"
$updatesToInstall = $false
}
# Querying WMI for build version
$WMI_OS = Get-WmiObject -Class Win32_OperatingSystem -Property BuildNumber, CSName -ComputerName $Computer -Authentication PacketPrivacy -Impersonation Impersonate
# Making registry connection to the local/remote computer
$RegCon = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]"LocalMachine",$Computer)
# If Vista/2008 & Above query the CBS Reg Key
if ($WMI_OS.BuildNumber -ge 6001)
{
$RegSubKeysCBS = $RegCon.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\").GetSubKeyNames()
$CBSRebootPend = $RegSubKeysCBS -contains "RebootPending"
}
else{
$CBSRebootPend = $false
}
# Query WUAU from the registry
$RegWUAU = $RegCon.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\")
$RegSubKeysWUAU = $RegWUAU.GetSubKeyNames()
$WUAURebootReq = $RegSubKeysWUAU -contains "RebootRequired"
if($CBSRebootPend –OR $WUAURebootReq)
{
$machineNeedsRestart = $true
}
else
{
$machineNeedsRestart = $false
}
# Closing registry connection
$RegCon.Close()
if($machineNeedsRestart -or $updatesToInstall -or ($WUStartMode -eq "Manual") -or ($totalUpdates -eq "nd"))
{
New-Object PSObject -Property @{
Computer = $WMI_OS.CSName
WindowsUpdateStatus = $WUStartMode + "/" + $WUState + "/" + $WUStatus
UpdatesToInstall = $updatesToInstall
TotalOfUpdates = $totalUpdates
TotalOfCriticalUpdates = $totalCriticalUp
TotalOfImportantUpdates = $totalImportantUp
RebootPending = $machineNeedsRestart
}
}
}
catch
{
Write-Warning "$Computer`: $_"
}
}
Report sample:
Note: This type of script must be viewed as a complement to the tools mentioned above or used in their absence.
Download
THIS POWERSHELL IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND.
You can download Monitoring Windows Updates and Pending Restarts on the servers using PowerShell from GitHub here:
Hope you find this helpful! If you liked the content or found it useful and would like to support me in writing more, consider buying (or helping to buy) a Star Wars Lego set for my son.
Is it possible to manage remotely biztalk server through powershell ?
for example powershell scripts will configure in Application server and BizTalk is not installed on this
machine.