Run wmic across forest DC's > dump to csv

This topic contains 4 replies, has 3 voices, and was last updated by  Jeff Taylor 1 year, 3 months ago.

  • Author
  • #62772

    Jeff Taylor

    If I can find all my DC's across the forest thus:

    foreach ($domain in ((get-adforest).domains)) { get-addomaincontroller -filter * -server $domain 
    | sort hostname  | select -Property hostname }

    ...and I have this one-liner to get all installed qfe's, locally:

    wmic qfe list full /format:texttablewsys > patches.txt can I leverage Powershell to dump all DCs info to an inventory collection, all in one file?

    Would it be something like

    Invoke-Command -Session $dc -ScriptBlock {wmic qfe list full /format:texttablewsys > patches.txt}


    I'm getting warmer with this:

    $DCs = foreach ($domain in ((get-adforest).domains)) { get-addomaincontroller -filter * -server $domain `
    | sort hostname  | select -Property hostname }
    $dc = New-PSSession -ComputerName $DCs -Credential $creds
    Invoke-Command -Session $dc -ScriptBlock {wmic qfe list full } | Out-File C:\temp\compliance\AllDC_patches.csv

    but 1) I'm doing something wrong with the $dc -computername parameter (my $DCs variable does contain FQDN strings of my DCs)
    and 2) The outfile isn't pretty, but does give me the wmic data.

    Thank you,

  • #62779

    Matt Howard

    Hey Jeff–

    If you change the Property parameter in your select statement to ExpandProperty, your $DCs variable will work.

    As it is, $DCs would look like this if you return it to the console:


    Using the -ExpandProperty variable your $DCs variable would be just a flat array instead of a generic object with a single property:

    You would need to do another foreach loop such as foreach ($name in $DCs.hostname) in order for your current variable to work. Using the -ExpandProperty parameter will make DCs an array of names, without the need to call a specific property from the variable.

  • #62806

    Richard Siddaway

    wmic should be avoided as it was deprecated in Server 2012. Use the CIM cmdlets instead

    Get-CimInstance -ClassName Win32_QuickFixEngineering

     wmic qfe is accessing the same class under the hood

    • #62889

      Jeff Taylor

      Hi Matt,

      the -expandProperty was the key and thanks. Along with Richard's suggestion for Get-CimInstance, I was able to get much better formatting, able to use export-csv and ultimately select the properties I want displayed.

      I didn't need to run a for-each but will play with that to perhaps get better output. The sorting with what I have is a bit strange as it's not entirely sequential (wanted: list all DC's and its qfe's per domain, then output next Domains' DC's)

      Revised code:

       $DCs = foreach ($domain in ((get-adforest).domains)) { get-addomaincontroller -filter * -server $domain `
      | sort hostname  | select -Property hostname -ExpandProperty hostname }
      $dc = New-PSSession -ComputerName $DCs -Credential $creds
      Invoke-Command -Session $dc -ScriptBlock {Get-CimInstance -ClassName Win32_QuickFixEngineering } `
       | Select -Property PSComputerName,HotFixID,InstalledOn,InstalledBy | Export-Csv C:\temp\compliance\AllDC_patches.csv -NoTypeInformation

      Thanks to you both


    • #62892

      Jeff Taylor

      Thank you Richard.

You must be logged in to reply to this topic.