How to run Microsoft Baseline Security Analyzer (MBSA) on multiple servers remotly from DOS cmd?


I need to run MBSA (Microsoft Baseline Security Analyzer) on 150 Windows servers 2012 R2 to verify, if there are in compliance with all new critical security patches.

solved 0
hmunezero 4 years 2018-04-17T00:56:13+00:00 1 Answer 1870 views 0

Answer ( 1 )


    From DOS cmd in the fold where MBSA is installed run the command below:

    C:\Program Files\Microsoft Baseline Security Analyzer 2>mbsacli /listfile C:\temp\Reports\NewReports\ServerList.txt  /rd C:\temp\Reports

    See detail information below:

    /n  option Select which scans to NOT perform.
    All checks are performed by default.
    Valid values: “OS”, “SQL”, “IIS”, “Updates”,  “Password”, Can be concatenated with “+” (no  spaces).
    /listfile       file Scan named IP address or computer listed in the specified file. [C:\temp\Reports\NewReports\ServerList.txt ]
    /rd             directory Save or Retrieve reports from the specified directory [ C:\temp\Reports ]


    Best answer

Leave an answer