PowerCLI

I am trying to find a script that will allow me to use vSphere PowerCLI to list ONLY VMs that are running Windows Operating Systems whether they are powered on or not. I also want to see if those OS's require patching. Does anyone have any idea what script will work best?

Good Morning!

Here is a start. One question I have is whether or not you are running WSUS on your network or not.  Personally I think it would be better to use powershell to query your WSUS server with the vmname vs. querying the Machine.  The reason being that WSUS is your central management location and should be your system of record for the patches.

Here is a way to get the list of VM's that are windows with their power state.

$vms = get-vm
foreach($vm in $vms) {
$vmview = $vm | get-view
if ($vmview.Summary.Config.GuestFullName -like "*Windows*"){
  $vm
  }
}

Now, when/if you want to search for the patch info, you have two options with  line 5.

1. Use the $vm name to then invoke a script on the VM to determine patch actions.

2. Use the $vm name to query your WSUS server.

Let me know if you have more questions.

Thanks! But how can I run updates on all my machines at once? I am running WSUS by the way, so would I be telling my WSUS to force patching?

Well again, you can force this via Group Policy (assuming your machines are on a domain) or you can run Different types of scripts that can force machines to update.

.vbs - https://msdn.microsoft.com/en-us/library/aa387102(VS.85).aspx

.ps1 http://www.gregorystrike.com/2011/04/07/force-windows-automatic-updates-with-powershell/ or http://www.itnotes.eu/?p=1882

It kinda depends on your comfort level. 

Will this force updates to Machines that are also powered off?

No, Windows VM's must be turned on in order to install updates.  You could add the logic to your script to power a vm on, if it's power-state is off.

What would that look like? I'm not too familiar with scripting..

"LucD Its not liking Get-VM -Name (Missing an argument for parameter 'Name'. Specify a parameter of type 'System.String[]' and try again."

Which version of PowerCLI do you have installed? Have you imported the module/snapin?

"Get-WmiObject win32_operatingsystem | Select-Object Name,ServicePackMajorVersion,ServicePackMinorVersion"

"What would that look like? I'm not too familiar with scripting.."

This would give you the OS name and SP version installed. You can try it out in powershell on your desktop to see the result.

If you're using WSUS, I would go with jpsider‌'s suggestion to update servers.

Try something like this, but be warned that querying the Update status can take a long time.

The script uses Invoke-VMscript, so VMware Tools shall be installed on the VMs

LucD Its not liking Get-VM -Name (Missing an argument for parameter 'Name'. Specify a parameter of type 'System.String[]' and try again.

Hi

Try this command

Get-WmiObject win32_operatingsystem | Select-Object Name,ServicePackMajorVersion,ServicePackMinorVersion

You can install Windows WSUS and create a GPO to point to WSUS that will report this.  WSUS is free.  It's actually built into Server 2012.