PowerShell to check Automatic Windows services after patch Tuesday
I did not get this idea all by my self, a customer I was at for a couple of weeks ago showed me a small script he had to check the services set to automatic after patching to see that they actually was running again.
I thought this could be somewhat more sophisticated done, so I created a script function that can handle single servers or an array of servers and in the script you can either start all services that are stopped or select just the ones you want, you can also in the function add services that you know are not important.
As you can see, I can get the servers from the Active Directory, In this example I have created a OU that contains the servers I want to check. I can also check for example in VMware with PowerCLI and getting an array of running VM´s. This can also be done on my Hyper-V environment with SCVMM. The different arrays I collect is just to get the server names and then I do an Get-wmiObject on the servers.
Here in this screen dump I check the computers in my AD, As you can see I select (N)o and that mean that I want all services that are not running and set to automatic to be started
In this next example I check the VM´s in my VMware vSphere environment
In this last example where i query a SCVMM server for the VM´s on the Hyper-V cluster I use the -AutoRestart parameter to start up all the services that the function finds.
And here is the powershell function, the tricky part here was to get the starting of services remote working and I had to use the -InputObject command as I did not get the pipeline of Get-Service -Computer xyz -Name Spooler | Start-Service to work.
function Check-Service{ <# .SYNOPSIS Check if Autostart Services has not started after patching .DESCRIPTION Use this function to check that all autostart services have started on the servers after patching .PARAMETER xyz .NOTES Author: Niklas Akerlund / RTS Date: 2012-05-28 #> param ( [Parameter(Position=0,Mandatory=$true,HelpMessage="A server", ValueFromPipeline=$True)] $Servers, [switch]$AutoRestart ) $report = @() $IgnoreServices = "ShellHWDetection","clr_optimization_v4.0.30319_32","clr_optimization_v4.0.30319_64","sppsvc" if ($Servers.GetType().Name -eq "String"){ $Services = Get-WmiObject -ComputerName $Servers -Class win32_service -ErrorAction SilentlyContinue | where {$_.Startmode -EQ "Auto" -and $_.State -NE "Running"} if ($Services -ne $null) { foreach ($Service in $Services){ if(!($IgnoreServices -contains $Service.Name)){ $data = New-Object PSObject -property @{ Server = $Servers Name = $Service.Name StartMode = $Service.StartMode State = $Service.State } $report +=$data } } } }else{ foreach ($Server in $Servers){ $Services = Get-WmiObject -ComputerName $Server.Name -Class win32_service -ErrorAction SilentlyContinue | where {$_.Startmode -EQ "Auto" -and $_.State -NE "Running"} if ($Services -ne $null) { foreach ($Service in $Services){ if(!($IgnoreServices -contains $Service.Name)){ $data = New-Object PSObject -property @{ Server = $Server.Name Name = $Service.Name StartMode = $Service.StartMode State = $Service.State } $report +=$data } } } else { Write-Host "Could not query server: $Server" } } } $report if($AutoRestart){ $report |%{ Start-Service -InputObject (Get-Service -ComputerName $_.Server -Name $_.Name)} }else{ if($report -ne $null){ Write-Host "Do you want to select which services to start? (Y) (N) (Q):" $select = Read-Host if ($select -eq "Y"){ foreach ($item in $report){ Write-Host "Start service " $item.Name " on server" $item.Server " (Y) (N)" $restart = Read-Host if ($restart -eq "Y"){ Start-Service -InputObject (Get-Service -ComputerName $item.Server -Name $item.Name) } } }elseif($select -eq "N"){ $report |%{ Start-Service -InputObject (Get-Service -ComputerName $_.Server -Name $_.Name)} } } } }
Good luck in finding services that should be running in your environment 🙂
Comments
Wohooo! Asgrymt ju. Nu ska jag bara få kollegan att lyfta vårt AD till 2008 så…
/R
Hi niklas,
need to collect which servers running still automatic update, suppose automatic service running on that server need to disable through powercli for many machines … can help on this ..
Hi Niklas.
Found your great function when searching for a solution to check services after Windows patching. I made some modifications:
– services with “SAP” in name can be excluded
– a little bit more output on the console
– a timeout can be configured to cancel starting each Service
I posted the updated function on our German Blog:
http://doitcloudy.blogspot.de/2014/07/scriptgesteuerter-neustart-von-windows.html
Andreas