-----------------------------------------------------
param ($siteSystem, $siteCode)
#Get the Client Name
$system = Get-WmiObject Win32_ComputerSystem
$systemName = $system.Name
#Query the Site Systems WMI for the Clients ResourceID
$sccmSystem = Get-WmiObject -computerName "$siteSystem" -namespace "root\sms\site_$siteCode" -class "SMS_R_System" -Filter "NetbiosName = '$systemName'"
$sccmID = $sccmSystem.ResourceID
#Query for the compliance status of the Client
$CIs = Get-WmiObject -computerName "$siteSystem" -namespace "root\sms\site_$siteCode" -class "SMS_UpdateComplianceStatus" -Filter "MachineID = '$sccmID'"
#Match the various Updates the client has reported to the details of the update
Foreach ($CI in $CIs) { $currCI = $CI.CI_ID
$update = Get-WmiObject -computerName "$siteSystem" -namespace "root\sms\site_$siteCode" -class "SMS_SoftwareUpdate" -Filter "CI_ID = '$currCI'"
#I have filtered for only security updates, hence the -like MS*
if ($update.BulletinID -like 'MS*')
{ if ($CI.Status -eq '3') { $tf = "Installed" }
else { $tf = "Applicable" }
$msNum = $update.BulletinID
$item = $update.LocalizedDisplayName
write-host $msNum
write-host $item
write-host $tf
write-host "-*-*-*-*-*-*-*-*-*-*-*-*-*-*-"
}
}
-----------------------------------------------------
To use this script, simply copy the text between the "------", paste it in to a text file (Notepad), and save it as "msUpdates.ps1". To run the script,
Open PowerShell
- Make sure that you have set the execution policy to at least remoteSigned
- cd to the directory where you've saved msUpdates.ps1
- Run the following: ./msUpdates "[SCCM Site System]" "[SCCM Site Code]"
I have provided variables so that you can output the results however you wish. Here, I have simply printed the output to the console.
