One of the principal needs for BizTalk Server Administrators is the ability to monitor the health of BizTalk environments and react promptly to possible problems, you can accomplish this by using certain tools such as BizTalk Administration Console; BizTalk360; SCOM, and much more… However, unfortunately, many times, some of these tools are not available for us but we still need to accomplish this task.
Welcome back to this series of articles about Monitor your BizTalk environment using PowerShell that already have three previous editions:
- Monitor your BizTalk environment using PowerShell – Disk Space Monitoring
- Monitor your BizTalk environment using PowerShell – SQL Agent Jobs Monitoring
- Monitor your BizTalk environment using PowerShell – Suspended instance monitoring by Jeroen Hendriks
Today we will talk about monitoring Windows Updates and Pending Restarts on the servers using PowerShell.
For me, it’s very important that administrators deploy the latest Microsoft product updates to servers that are running the Windows operating system. By doing this they will address and solved known issues or vulnerabilities in Microsoft products and they will keep the environment constantly updated. However when we are working with several teams (system administrators, network administrators, BizTalk administrators, and so on) or sometimes without system administrators teams these tasks normally are forgotten or postponed several times.
Although there are occasions when updates can cause a new issue to appear, generally speaking, they will help you with solving problems. However, for this reason, you should install and tested these updates in a developing or testing environment before you installed them in production.
For these reasons I like to monitor and know if the servers that are running on my BizTalk environment have some updates available to install or for some reason, they required a restart, so that I take actions without the need to constantly have to check this manually on all the servers.
So how can PowerShell help us?
With this script, you can be able to monitor Windows Updates and Pending Restarts on the servers running on your BizTalk environment using PowerShell. Servers that do not fall under these conditions will not be listed.
This script allows you to set:
- A range of machines you need to monitor
######################################################### # List of computers to be monitored ######################################################### $Servers = Get-Content .\Machines.txt
The Machine.txt is a simple text file with the list of all machine names you want to monitor:
servername1.domain.local
servername2.domain.local
servername3.domain.local
- And configure your email notification settings
######################################################### # List of users who will receive the report ######################################################### $mailto = "mail1@mail.net, mail2@mail.net" ######################################################### # SMTP properties ######################################################### $emailFrom = "suport@mail.net" $smtpServer = "mySMTPServer" #SMTP Server. $smtpUsername = "myUsername" $smtpPassword = "myPassword"
The script will monitor all the servers with Windows Updates ready to be installed, Windows Updates configured to be checked manually or servers that required a reboot. Servers that do not fall under these conditions will not be listed.
$results = foreach ($Computer in $Servers)
{
try
{
$service = Get-WmiObject Win32_Service -Filter 'Name="wuauserv"' -ComputerName $Computer -Ea 0
$WUStartMode = $service.StartMode
$WUState = $service.State
$WUStatus = $service.Status
try{
if (Test-Connection -ComputerName $Computer -Count 1 -Quiet)
{
#check if the server is the same where this script is running
if($Computer -eq "$env:computername.$env:userdnsdomain")
{
$UpdateSession = New-Object -ComObject Microsoft.Update.Session
}
else { $UpdateSession = [activator]::CreateInstance([type]::GetTypeFromProgID("Microsoft.Update.Session",$Computer)) }
$UpdateSearcher = $UpdateSession.CreateUpdateSearcher()
$SearchResult = $UpdateSearcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0")
$Critical = $SearchResult.updates | where { $_.MsrcSeverity -eq "Critical" }
$important = $SearchResult.updates | where { $_.MsrcSeverity -eq "Important" }
$other = $SearchResult.updates | where { $_.MsrcSeverity -eq $null }
# Get windows updates counters
$totalUpdates = $($SearchResult.updates.count)
$totalCriticalUp = $($Critical.count)
$totalImportantUp = $($Important.count)
if($totalUpdates -gt 0)
{
$updatesToInstall = $true
}
else { $updatesToInstall = $false }
}
else
{
# if cannot connected to the server the updates are listed as not defined
$totalUpdates = "nd"
$totalCriticalUp = "nd"
$totalImportantUp = "nd"
}
}
catch
{
# if an error occurs the updates are listed as not defined
Write-Warning "$Computer`: $_"
$totalUpdates = "nd"
$totalCriticalUp = "nd"
$totalImportantUp = "nd"
$updatesToInstall = $false
}
# Querying WMI for build version
$WMI_OS = Get-WmiObject -Class Win32_OperatingSystem -Property BuildNumber, CSName -ComputerName $Computer -Authentication PacketPrivacy -Impersonation Impersonate
# Making registry connection to the local/remote computer
$RegCon = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]"LocalMachine",$Computer)
# If Vista/2008 & Above query the CBS Reg Key
if ($WMI_OS.BuildNumber -ge 6001)
{
$RegSubKeysCBS = $RegCon.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\").GetSubKeyNames()
$CBSRebootPend = $RegSubKeysCBS -contains "RebootPending"
}
else{
$CBSRebootPend = $false
}
# Query WUAU from the registry
$RegWUAU = $RegCon.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\")
$RegSubKeysWUAU = $RegWUAU.GetSubKeyNames()
$WUAURebootReq = $RegSubKeysWUAU -contains "RebootRequired"
if($CBSRebootPend –OR $WUAURebootReq)
{
$machineNeedsRestart = $true
}
else
{
$machineNeedsRestart = $false
}
# Closing registry connection
$RegCon.Close()
if($machineNeedsRestart -or $updatesToInstall -or ($WUStartMode -eq "Manual") -or ($totalUpdates -eq "nd"))
{
New-Object PSObject -Property @{
Computer = $WMI_OS.CSName
WindowsUpdateStatus = $WUStartMode + "/" + $WUState + "/" + $WUStatus
UpdatesToInstall = $updatesToInstall
TotalOfUpdates = $totalUpdates
TotalOfCriticalUpdates = $totalCriticalUp
TotalOfImportantUpdates = $totalImportantUp
RebootPending = $machineNeedsRestart
}
}
}
catch
{
Write-Warning "$Computer`: $_"
}
}
Report sample:
Note: This type of script must be viewed as a complement to the tools mentioned above or used in the absence of them.
Download
THIS POWERSHELL IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND.
You can download Monitoring Windows Updates and Pending Restarts on the servers using PowerShell from GitHub here:
Is it possible to manage remotely biztalk server through powershell ?
for example powershell scripts will configure in Application server and BizTalk is not installed on this
machine.