{"id":260,"date":"2019-02-26T04:56:06","date_gmt":"2019-02-26T09:56:06","guid":{"rendered":"http:\/\/itblog.ldlnet.net\/?p=260"},"modified":"2019-02-26T05:01:38","modified_gmt":"2019-02-26T10:01:38","slug":"check-windows-updates-installed-via-powershell","status":"publish","type":"post","link":"https:\/\/itblog.ldlnet.net\/index.php\/2019\/02\/26\/check-windows-updates-installed-via-powershell\/","title":{"rendered":"Check Windows Updates Installed via PowerShell"},"content":{"rendered":"\n

I had an issue last night where a server lost Secure Channel Connection to the PDC Emulator (NETLOGON Event IDs 5719 and 5783). All tests to test the secure channel via PowerShell were failing. (i.e. <\/a>nltest<\/a><\/em> or <\/a>Test-ComputerSecureChannel<\/a><\/em> cmdlets)<\/a> The server essentially needed to be rebooted. I had a dumb dumb in my brain and forgot to check to see if there were any pending Windows Updates, because those need to be installed at the proper time and to a schedule. So, when I ran the following command to reboot:<\/p>\n\n\n

shutdown.exe \/r \/t 000 \/c \"Rebooting DC01 Due To NETLOGON Errors\"<\/pre>\n\n\n\n
The Windows Updates were installed inadvertently which could have caused even more issues if they were NOT approved or caused another failure on the server. TO NOT DO THIS IN THE FUTURE, remember to run the following command to shut off the Windows Update Service BEFORE initiating the reboot of the server:<\/p>\n\n\n
net stop wuauserv\n\nOR\n\nStop-Service wuauserv<\/pre>\n\n\n\n
But, the deed was done. NOW, I had to find out quickly what updates WERE installed via PowerShell so that I could alert the proper folks and give them a heads up on possible issues. Luckily, the server did NOT have any issues and the initial problem with NETLOGON was resolved. Here is the command I ran to find out the installed hotfixes filtered by today’s date:<\/p>\n\n\n
wmic qfe where \"InstalledOn = '2\/26\/2019'\" list full<\/pre>\n\n\n\n
Here was the Output:

Caption=http:\/\/support.microsoft.com\/?kbid=4480960 
CSName=DC01
Description=Security Update 
FixComments= 
HotFixID=KB4480960 
InstallDate= 
InstalledBy=NT AUTHORITY\\SYSTEM 
InstalledOn=2\/26\/2019 
Name= 
ServicePackInEffect= 
Status= 

Caption=http:\/\/support.microsoft.com\/?kbid=4480965 
CSName=DC01 
Description=Security Update 
FixComments= 
HotFixID=KB4480965 
InstallDate= 
InstalledBy=NT AUTHORITY\\SYSTEM 
InstalledOn=2\/26\/2019 
Name= 
ServicePackInEffect= 
Status=<\/font>  <\/p>\n\n\n\n
Since there were no issues, I was able to resolve the incident. I did notify the account team though of the inadvertent installation so that they could revert the changes if necessary. <\/p>\n\n\n\n
Remember, troubleshooting to resolution is a methodical process, and when in an enterprise environment, you MUST be aware of all factors of change process, even when the resolution is a simple reboot of the affected server.<\/em><\/strong><\/p>\n\n\n\n
HAPPY TROUBLESHOOTING!
I LOVE COMMENTS! THANKS FOR READING!<\/h2>\n\n\n\n
References:<\/strong><\/em>
Methods of generating installed updates via PowerShell<\/a><\/em><\/strong>
Check Windows Update History via PowerShell<\/a><\/em><\/strong>
Disable or Bypass Windows Update Installation During Reboot\/Shutdown of a Server<\/a><\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"
I had an issue last night where a server lost Secure Channel Connection to the PDC Emulator (NETLOGON Event IDs 5719 and<\/p>\n
Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":147,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,3,16],"tags":[44,45,54,8,123,13,125,124,122,121,120,126],"class_list":["post-260","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","category-powershell","category-windows","tag-44","tag-45","tag-netlogon","tag-powershell","tag-reboot","tag-script","tag-shutdown","tag-shutdown-exe","tag-updates","tag-windows-update","tag-windows-updates","tag-wmic","odd"],"_links":{"self":[{"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/posts\/260","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/comments?post=260"}],"version-history":[{"count":4,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/posts\/260\/revisions"}],"predecessor-version":[{"id":265,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/posts\/260\/revisions\/265"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/media\/147"}],"wp:attachment":[{"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/media?parent=260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/categories?post=260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itblog.ldlnet.net\/index.php\/wp-json\/wp\/v2\/tags?post=260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}