How to run Microsoft Baseline Security Analyzer (MBSA) on multiple servers remotly from DOS cmd?

Question

I need to run MBSA (Microsoft Baseline Security Analyzer) on 150 Windows servers 2012 R2 to verify, if there are in compliance with all new critical security patches.

solved 0
hmunezero 1 year 1 Answer 630 views 0

Answer ( 1 )

  1. From DOS cmd in the fold where MBSA is installed run the command below:

    C:\Program Files\Microsoft Baseline Security Analyzer 2>mbsacli /listfile C:\temp\Reports\NewReports\ServerList.txt  /rd C:\temp\Reports

    See detail information below:

    /n 
    option
    Select which scans to NOT perform.
    All checks are performed by default.
    Valid values: “OS”, “SQL”, “IIS”, “Updates”,  “Password”, Can be concatenated with “+” (no  spaces).

    /listfile
          file
    Scan named IP address or computer listed in the specified file. [C:\temp\Reports\NewReports\ServerList.txt ]

    /rd            
    directory
    Save or Retrieve reports from the specified directory [ C:\temp\Reports ]

     

    Best answer

Leave an answer