Script Dumpster: Find duplicate entries over multiple reports

Another day at the office..

Thanks to our friends who wrote the NotPetya worm, I received an email from our monitoring vendor to run reports to see if our machines are up-to-date on their patching.

Unfortunately their reporting tool doesn’t properly distinguish between Windows Server 2008 and Windows 2008 R2, as well as Windows 2012 and Windows 2012 R2.

Long story short,  I had to create 4 separate reports, telling me if I had or had not installed the proper KB item on each machine.

Because of this flaw I also had to join the reports and check the “Highlight Duplicates” option in Excel to see whether or not servers had their respective Hotfix installed (if the server had a duplicate entry, it meant that it didn’t have either the standard or R2 patch installed, meaning vulnerable).

Each report also came with a 3 row header with random junk that needed to be removed, so a simple Ctrl + A , Ctrl + C, Ctrl + V wouldn’t suffice.

PowerShell to the rescue!

I looked at the email from the vendor and went “Hell no, I’m not going to do that…” and opened up PowerShell ISE.

Having dumped the reports in the folder c:\Temp\NotPetya , I came up with the following script:

While the coding took a little bit longer, the execution was swift and perfect.

Geeks and Automation


Happy scripting! 🙂


You’ve got the Power!! plan….

Today I was playing around on some machines on which I noticed the Power Plans were set incorrect, Balanced on a server :'(

Now of course I can do this manually, or I can use PowerShell instead!

Tools not scripts

Since I want to use this more often and want to create my own “toolbelt” [aka module with common tools], I’ve decided to make the solution as advanced functions, not just scripts.

This means that if you simply copy/paste them, you will need to dot source them first in order to use them.
Dutch PowerShell MVP Jeff Wouters has a good article on this in case you want some more info on this.

Quick info:

to the directory in which you have the .ps1 files in case you have them saved seperately and dot source them using

The following functions are provided:

  • Get-AllPowerPlan
  • Get-ActivePowerPlan
  • Set-ActivePowerPlan

I’m guessing the names sort speak for themselves, but do take into account that the Set-ActivePowerPlan relies on the other functions to… well… function 🙂

The Code


Happy Scripting! 🙂


SCCM: Code breakdown – Deploy Application to Device Collection

As you might have noticed, I’m having fun playing around with SCCM lately and have really noticed that PowerShell is king here.

While the application has great potential, I personally feel that the GUI is lacking functionality which you can only obtain through PowerShell.
Of course this isn’t a problem, merely a challenge in some cases, but I feel that they could’ve stepped up a bit.
It at least explains why I see so many SCCM admins playing around with PowerShell.

For today I thought I’d break down my code and reasoning behind it a bit more, so in case you’re just here for the code, scroll down 🙂

The problem

Well, it’s not really a problem, but more of a speed related issue that I’ve decided to make this script:
If you have created an application, you want to deploy this to a collection because well… that’s simply how it’s used 🙂

Now the problem with the GUI for me was that I can’t deploy multiple applications to multiple collections at the same time because… I have no reason why not!

The solution

I’m sure it’s not the most elegant solution and I still have some fine tuning to do, but so far Out-GridView is my poison of choice 🙂

Let’s start

We start off with the default start of an Advanced Function or Script

[CmdletBinding()] allows us to transform our Script/Function to an Advanced version, giving it access to Common Parameters such as -Verbose -WhatIf and more.
I’ve also described this in a previous post, so in case you want some more theory on how/what/why there, please be sure to read up there.

Now I need to make sure that I actually get a parameter value included by the user and if you want you can manually specify the Device Collection to which you want to Deploy applications. For this I use the [ValidateNotNullOrEmpty()] Validation Attribute, which does exactly what it says.

Last but not least, while you CAN enter your own Device Collection name, I have provided a built-in solution using Out-GridView , that allows you to select one or multiple Device Collections, which it automatically looks up for you.

The best part here is the -PassThru parameter, which takes the information selected and passes it through to whatever you want to do with it next!

Now we begin {}

As expected, we’re now starting the begin statement to define some default information we can use throughout the script and report some information back.

Here I’m simply getting the available Distribution Group [I simply have 1 DG with 4 nodes, so in case you have multiple, you might want to hardcode that one for now, as I’ve not made this compatible with multiple] and the available Applications and writing them to variables.

I’m also writing some Verbose output, which can come in handy when troubleshooting the script.
I have picked up this habit by looking at a lot of code from Jeffery Hicks.

One of the handy tips that I’d recommend using is the following bit

2 Bits to use here:

  1. In case you want to refer to a Property of a Variable, without having to store it in its own variable, you can use $
    However, if you want to refer to this within your script, it won’t work “out of the box” or it won’t display the expected value.
    You will need to use sub-expressions, as explained by Stefan Stranger here.
  2. $MyInvocation.MyCommand displays the currently executed command.
    The MyInvocation variable is one of the selection of Automatic variables, which will always be available to you.
    $MyInvocation has various interesting values which you can use when troubleshooting remotely, so I would advise playing around with it 🙂

On to the Process {}

Once you get used to the coding, things aren’t all that difficult, so while the bulk of the code resides in the process {} block, it’s not even too hard to read/comprehend:

Here I simply get a list of all the applications available, so I can simple select whichever one I need to deploy [using Ctrl + click or Shift + click you can select multiple Applications, just as with the Device Collections].

Now for each of the applications selected, I will distribute the content so it’s available, and then deploy the application to the selected Device Collection(s).

Last but not least, once I’ve deployed the application, I will enforce that the Device Collection will need to request their machine policy ASAP.

As mentioned before, this bit of code isn’t difficult or complex, you just need to know which cmdlet does what and you’re golden.

Known issues

As mentioned before, there still needs to be some polishing done to clean everything up, but as far as I am aware, these are the 2 known “issues”:

  • The script currently takes into account 1 single Distribution Group.
    If you have more than 1, either make your own adaptation to the script, or hard code the required Distribution Group.
  • Currently on Content distribution, you will receive an “error” message if the application has already been deployed.
    Luckily the error message tells you that this is the case, but it’s still red text that I’d prefer to have replaced in a later version of the script in order to make it more userfriendly.

Final Code

In case you didn’t care for all the explanation above, come get the script here 🙂
In case you’ve read all of the above, I hope it helped you a bit!


Happy Scripting! 🙂