How to run Microsoft Baseline Security Analyzer (MBSA) on multiple servers remotly from DOS cmd?

Question

I need to run MBSA (Microsoft Baseline Security Analyzer) on 150 Windows servers 2012 R2 to verify, if there are in compliance with all new critical security patches.

solved 0
hmunezero 3 years 1 Answer 1809 views 0

Answer ( 1 )

  1. From DOS cmd in the fold where MBSA is installed run the command below:

    C:Program FilesMicrosoft Baseline Security Analyzer 2>mbsacli /listfile C:tempReportsNewReportsServerList.txt  /rd C:tempReports

    See detail information below:

    /n  option Select which scans to NOT perform.
    All checks are performed by default.
    Valid values: “OS”, “SQL”, “IIS”, “Updates”,  “Password”, Can be concatenated with “+” (no  spaces).
    /listfile       file Scan named IP address or computer listed in the specified file. [C:tempReportsNewReportsServerList.txt ]
    /rd             directory Save or Retrieve reports from the specified directory [ C:tempReports ]

     

    Best answer

Leave an answer