21 August 2018

Microsoft Store - Something happened on our end

Look familiar?









Probably a policy is preventing you from accessing the Microsoft store downloads.
Quick fix:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"DoNotConnectToWindowsUpdateInternetLocations"=dword:00000000

17 August 2018

Get notified by email about pending Windows Updates

This all started life by Boe Prox, he created the basic script.
You can find it on his site Learn PowerShell
I added things from comments other blogs and stuff from my own.

Schedule this to run once a week or once a month to receive an email about the number of updates that are pending on the servers that you specify.

You could schedule it for all Exchange servers, or all Skype servers, or the product group you want to see or are responsible for.

Edit the logpath, the product and the email settings and you're good to go.
And remove the spaces around style (Blogger formatting thingy).

The email will look like this:

























Here's the script:


Function Get-PendingUpdate {             
    <#    
      .SYNOPSIS   
        Retrieves the updates waiting to be installed from WSUS   
      .DESCRIPTION   
        Retrieves the updates waiting to be installed from WSUS  
      .PARAMETER Computername 
        Computer or computers to find updates for.   
      .EXAMPLE   
       Get-PendingUpdate
    
       Description 
       ----------- 
       Retrieves the updates that are available to install on the local system 
      .NOTES 
      Author: Boe Prox                                           
                                        
    #>             
                  
    #Requires -version 3.0               
    [CmdletBinding(             
        DefaultParameterSetName = 'computer'             
        )]             
    param(             
        [Parameter(ValueFromPipeline = $True)]             
            [string[]]$Computername = $env:COMPUTERNAME            
        )                 
    Process {             
        ForEach ($computer in $Computername) {             
            If (Test-Connection -ComputerName $computer -Count 1 -Quiet) {             
                Try {             
                #Create Session COM object             
                    Write-Verbose "Creating COM object for WSUS Session"             
                    $updatesession =  [activator]::CreateInstance([type]::GetTypeFromProgID("Microsoft.Update.Session",$computer))             
                    }             
                Catch {             
                    Write-Warning "$($Error[0])"             
                    Break             
                    }             
             
                #Configure Session COM Object             
                Write-Verbose "Creating COM object for WSUS update Search"             
                $updatesearcher = $updatesession.CreateUpdateSearcher()             
             
                #Configure Searcher object to look for Updates awaiting installation             
                Write-Verbose "Searching for WSUS updates on client"             
                $searchresult = $updatesearcher.Search("IsInstalled=0")                 
                         
                #Verify if Updates need installed             
                Write-Verbose "Verifing that updates are available to install"             
                If ($searchresult.Updates.Count -gt 0) {             
                    #Updates are waiting to be installed             
                    Write-Verbose "Found $($searchresult.Updates.Count) update\s!"             
                    #Cache the count to make the For loop run faster             
                    $count = $searchresult.Updates.Count             
                             
                    #Begin iterating through Updates available for installation             
                    Write-Verbose "Iterating through list of updates"             
                    For ($i=0; $i -lt $Count; $i++) {             
                        #Create object holding update             
                        $Update = $searchresult.Updates.Item($i)            
                        [pscustomobject]@{            
                            Computername = $Computer            
                            Title = $Update.Title            
                            KB = $($Update.KBArticleIDs)            
                            SecurityBulletin = $($Update.SecurityBulletinIDs)            
                            MsrcSeverity = $Update.MsrcSeverity            
                            IsDownloaded = $Update.IsDownloaded            
                            Url = $($Update.MoreInfoUrls)            
                            Categories = ($Update.Categories | Select-Object -ExpandProperty Name)            
                            BundledUpdates = @($Update.BundledUpdates)|ForEach{            
                               [pscustomobject]@{            
                                    Title = $_.Title            
                                    DownloadUrl = @($_.DownloadContents).DownloadUrl            
                                }            
                            }            
                        }             
                    }            
                }             
                Else {             
                    #Nothing to install at this time             
                    Write-Verbose "No updates to install."             
                }            
            }             
            Else {             
                #Nothing to install at this time             
                Write-Warning "$($c): Offline"             
            }              
        }            
    }              
}            
            
$output = Get-Pendingupdate -Verbose -ComputerName sr-xxxx,sr-xxxx,sr-xxxx,sr-xxxx,sr-xxxx,sr-xxxx,sr-xxxx | Group-Object ComputerName | Foreach-Object {            
 $_ | Select-Object @{Name='ComputerName';Expr={$_.Name}},            
  @{Name='TotalUpdates';Expr={$_.Count}},            
  @{Name='Critical'; Expr={$_.Group| where MsrcSeverity -eq 'Critical'  | measure | select -expand Count}},            
  @{Name='Important';Expr={$_.Group| where MsrcSeverity -eq 'Important' | measure | select -expand Count}},            
  @{Name='Moderate'; Expr={$_.Group| where MsrcSeverity -eq 'Moderate'  | measure | select -expand Count}},            
  @{Name='NonRated'; Expr={$_.Group| where MsrcSeverity -eq $null       | measure | select -expand Count}}            
} | Select-Object Computername, Totalupdates, Critical, Important, Moderate, Nonrated            
            
# Change variables to your environment            
$Date = Get-Date -Format dd-MM-yyyy              
$logPath = "C:\_Scripts\"            
$product = "Exchange"            
            
# Build table for html files, remove spaces around style            
$style = "< style >BODY{font-family: Arial; font-size: 10pt;}"                                    
$style = $style + "TABLE{border: 1px solid black; border-collapse: collapse;}"                                    
$style = $style + "TH{border: 1px solid black; background: #dddddd; padding: 5px; }"                                    
$style = $style + "TD{border: 1px solid black; padding: 5px; }"                                    
$style = $style + "</ style >"                                    
# End HTML Output file style               
            
#SMTP options for sending the report email                        
$smtpServer = "smtp.domain.lan"                        
$smtpFrom = "Get-PendingWindowsUpdates@domain.nl"                        
$smtpTo = "recipient@domain.nl"                        
$messageSubject = "Windowsupdates available for $product"            
                        
#$body = $output | ConvertTo-Html -head $style -body "Get Windows Updates"            
$output | ConvertTo-HTML -head $style -body "
Windows Updates for $product Servers
" | Out-File "$logPath\output-$date.html"                
            
Send-Mailmessage -To $smtpto -From $smtpfrom -SmtpServer $smtpserver -Subject $messagesubject -Body (Get-Content $logpath\output-$date.html | Out-String) -BodyasHtml            
            
# Remove all html files to prevent filling the disk                        
Remove-Item "$logPath\output-$date.html"

03 August 2018

Block .NET 4.7.2 on Exchange 2013 and 2016

As you probably know the exchange teams has decided to skip .net 4.7.2 support for all exchange versions.
Here's a simple way to block .net 4.7.2 from auto installing on your remote exchange servers

From an elevated command prompt run:

REG ADD "\\SERVERNAME\HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU" /v "BlockNetFramework472" /t REG_DWORD /d "00000001"

Or if you want to create your own reg file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU] "BlockNetFramework472"=dword:00000001