Monitor your BizTalk environment using PowerShell – Monitoring Windows Updates and Pending Restarts

Posted: October 22, 2013 in BizTalk
Tags: , , , ,

One of the principal needs for BizTalk Administrators is the ability to monitor the health of BizTalk environments and react promptly to possible problems, you can accomplished this by using certain tools such as: BizTalk Administration Console; BizTalk360; SCOM and many more… However, unfortunately many times, some of these tools are not available for us but we still need to accomplish this task.

Welcome back to this series of articles about Monitor your BizTalk environment using PowerShell that already have three previous editions:

Today we will talk about monitoring Windows Updates and Pending Restarts on the servers using PowerShell.

For me it’s very important that administrators deploy the latest Microsoft product updates to servers that are running the Windows operating system. By doing this they will address and solved known issues or vulnerabilities in Microsoft products and they will keep the environment constantly updated. However when we are working with several teams (system administrators, network administrator, BizTalk administrators and so on) or sometimes without system administrators teams this task normally are forgotten or postponed several times.

Although there are occasions when updates can cause a new issue to appear, generally speaking they will help solving problems. However, for this reason, you should install and tested this updates in developing or testing environment before you installed in production.

For this reasons I like to monitor and know if the servers that are running on my BizTalk environment has some updates available to install or for some reason they required a restart, so that I take actions without the need of constantly have to check this manually in all the servers.

So how can PowerShell help us?

With this script you can be able to monitoring Windows Updates and Pending Restarts on the servers running on your BizTalk environment using PowerShell. Servers that do not fall under these conditions will not be listed.

This script allows you to set:

  • A range of machines you need to monitor
#########################################################
# List of computers to be monitored
#########################################################
$Servers = Get-Content .\Machines.txt

The Machine.txt is a simple text file with the list of all machine names you want to monitor:
servername1.domain.local
servername2.domain.local
servername3.domain.local

  • And configure your email notification settings
#########################################################
# List of users who will receive the report
#########################################################
$mailto = "mail1@mail.net, mail2@mail.net"

#########################################################
# SMTP properties
#########################################################
$emailFrom = "suport@mail.net"
$smtpServer = "mySMTPServer" #SMTP Server.
$smtpUsername = "myUsername"
$smtpPassword = "myPassword"

The script will monitor all the servers with Windows Updates ready to be installed, Windows Updates configured to be checked manually or servers that required a reboot. Servers that do not fall under these conditions will not be listed.

$results = foreach ($Computer in $Servers)
{
	try
  	{
	  	$service = Get-WmiObject Win32_Service -Filter 'Name="wuauserv"' -ComputerName $Computer -Ea 0
		$WUStartMode = $service.StartMode
		$WUState = $service.State
		$WUStatus = $service.Status

		try{
			if (Test-Connection -ComputerName $Computer -Count 1 -Quiet)
			{
				#check if the server is the same where this script is running
				if($Computer -eq "$env:computername.$env:userdnsdomain")
				{
					$UpdateSession = New-Object -ComObject Microsoft.Update.Session
				}
				else { $UpdateSession = [activator]::CreateInstance([type]::GetTypeFromProgID("Microsoft.Update.Session",$Computer)) }
				$UpdateSearcher = $UpdateSession.CreateUpdateSearcher()
				$SearchResult = $UpdateSearcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0")
				$Critical = $SearchResult.updates | where { $_.MsrcSeverity -eq "Critical" }
				$important = $SearchResult.updates | where { $_.MsrcSeverity -eq "Important" }
				$other = $SearchResult.updates | where { $_.MsrcSeverity -eq $null }
				# Get windows updates counters
				$totalUpdates = $($SearchResult.updates.count)
				$totalCriticalUp = $($Critical.count)
				$totalImportantUp = $($Important.count)

				if($totalUpdates -gt 0)
				{
					$updatesToInstall = $true
				}
				else { $updatesToInstall = $false }
			}
			else
			{
				# if cannot connected to the server the updates are listed as not defined
				$totalUpdates = "nd"
				$totalCriticalUp = "nd"
				$totalImportantUp = "nd"
			}
		}
		catch
        {
			# if an error occurs the updates are listed as not defined
        	Write-Warning "$Computer`: $_"
         	$totalUpdates = "nd"
			$totalCriticalUp = "nd"
			$totalImportantUp = "nd"
			$updatesToInstall = $false
        }

        # Querying WMI for build version
        $WMI_OS = Get-WmiObject -Class Win32_OperatingSystem -Property BuildNumber, CSName -ComputerName $Computer -Authentication PacketPrivacy -Impersonation Impersonate

        # Making registry connection to the local/remote computer
        $RegCon = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]"LocalMachine",$Computer)

        # If Vista/2008 & Above query the CBS Reg Key
        if ($WMI_OS.BuildNumber -ge 6001)
        {
            $RegSubKeysCBS = $RegCon.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\").GetSubKeyNames()
            $CBSRebootPend = $RegSubKeysCBS -contains "RebootPending"
        }
		else{
			$CBSRebootPend = $false
		}

        # Query WUAU from the registry
        $RegWUAU = $RegCon.OpenSubKey("SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\")
        $RegSubKeysWUAU = $RegWUAU.GetSubKeyNames()
        $WUAURebootReq = $RegSubKeysWUAU -contains "RebootRequired"

		if($CBSRebootPend –OR $WUAURebootReq)
		{
			$machineNeedsRestart = $true
		}
		else
		{
			$machineNeedsRestart = $false
		}

        # Closing registry connection
        $RegCon.Close()

		if($machineNeedsRestart -or $updatesToInstall -or ($WUStartMode -eq "Manual") -or ($totalUpdates -eq "nd"))
		{
			New-Object PSObject -Property @{
	           	Computer = $WMI_OS.CSName
                WindowsUpdateStatus = $WUStartMode + "/" + $WUState + "/" + $WUStatus
                UpdatesToInstall = $updatesToInstall
                TotalOfUpdates = $totalUpdates
                TotalOfCriticalUpdates = $totalCriticalUp
				TotalOfImportantUpdates = $totalImportantUp
                RebootPending = $machineNeedsRestart
        	}
		}
  	}
	catch
 	{
    	Write-Warning "$Computer`: $_"
  	}
}

Report sample:

Windows-Updates-and-Pending-Restarts-Report

Note: This type of script must be viewed as a complement to the tools mentioned above or used in the absence of them.

You have also to understand that I’m not PowerShell expert but I like to try things and play a little with PowerShell, so for me this script serves my purposes and has given me the chance to learn a little more. However you should also reuse other resources available in the community and use modules like Get-PendingReboot – Query Computer(s) For Pending Reboot State from Brian Wilhite

The script can be found and download on Microsoft TechNet Gallery:
Monitoring Windows Updates and Pending Restarts on the servers using PowerShell (13.1 KB)
Microsoft TechNet Gallery

About these ads
Comments
  1. kapil kumar says:

    Is it possible to manage remotely biztalk server through powershell ?

    for example powershell scripts will configure in Application server and BizTalk is not installed on this

    machine.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s