ValidateMDA User Guide
ValidateMDA User Guide
ValidateMDA User Guide
The information presented in these guidelines reflects Microsoft Corporation’s views as of the date of
publication. These views can and probably will change in response to changing market conditions.
Microsoft makes no warranties or guarantees, implicit or explicit, in or by virtue of this document.
Unless otherwise permitted by law, no part of this document may be copied without Microsoft’s prior
written permission.
Switch Description
-installedupdates Outputs all the updates installed on a system based on the –console, -text and
–xml switches. ValidateMDA does not take an XML database as input when
the -installedupdates switch is used.
<input_file> The cumulative XML database of MDA Milestone 3 required updates.
-console Outputs the results of the scan to the console.
-text <output_file> Outputs the results of the scan to the text file specified. Results will not be
output to the console unless –console is specified in addition to –text.
-xml <output_xml_file> Outputs the results of the scan to the xml file specified. Results will not be
output to the console unless –console is specified in addition to –text.
-installed Outputs the list of installed MDA Milestone 3 required updates based on the –
console, -text and –xml switches. Installed updates are included in the scan
but not included in the scan results without this switch.
-missing Outputs the list of missing MDA Milestone 3 required updates and updates
that are not applicable to the system based on the –console, -text and –xml
switches. Missing and not applicable updates are included in the scan but not
included in the scan results without this switch.
-from <MM-YYYY> Specifies the start of a date range to include in the scan. Only MDA Milestone
3 required updates released within this date range will be included in the
scan. Also requires the –to <MM-YYYY> switch. ValidateMDA will scan for all
updates in the cumulative XML database regardless of their release date if the
–from and –to switches are not specified. The –from switch cannot be used
Audit Mode
The –audit switch simplifies the process of running ValidateMDA for auditing purposes. ValidateMDA
will do the following when run in audit mode.
Complaint/Non-Compliant Result
ValidateMDA will return a Complaint/Non-Complaint result in the output of the scan (console, text and
xml) based on the following conditions.
1. The date found in csup.txt, for example, if all MDA Milestone 3 required updates are installed on the
system for January and February of 2007, ValidateMDA will return Complaint in the output and DOS
error level if the csup.txt date were 05-01-2007.
2. ValidateMDA will return Non-Compliant if the date found in csup.txt does not match the MM-DD-
YYYY format or if csup.txt is missing from %systemroot% (for example, c:\windows).
3. ValidateMDA will return Non-Complaint in both the output and DOS error level if any updates are
not found on the system in the date range being scanned.
4. Updates that are found to not be applicable to the system (for example because of SKU version,
language, binary version number and so on) or that have been superseded by another update are
The following are important notes to consider when running ValidateMDA in audit mode.
When ValidateMDA is not run in audit mode, it will not include the Complaint/Non-Complaint result
in the output. Only the list of installed, not-applicable and missing updates will be listed based on
the use of the –installed and –missing switches.
ValidateMDA considers updates that are pending install (updates that require a reboot which has
not occurred to complete installation) as installed. ValidateMDA also considers updates that are
pending uninstall (updates that require a reboot which has not occurred to complete uninstallation)
as uninstalled.
Complaint/Non-Complaint DOS error level codes are returned when ValidateMDA is run with the –
audit switch only. Any codes returned without the –audit switch do not indicate a compliant or non-
compliant result.
<MDA AuditStartDate="01-2007">
…
</MDA>
You can change the start date of the audit switch by changing the value of this attribute. The default
value in the XML database provided by Microsoft is 01-2007.
<Package
Identity="Package_1_for_KB941568~31bf3856ad364e35~amd64~~6.0.1.0"
Keyword="KB941568" MinSP="0" MaxSP="0" SKU="" MDAReleaseDate="12-2007"
MDARequired="false">
Important Changing the MDARequired attribute value for an update in the XML database will affect the
result of the -audit, -installed and -missing switches.
Important The table above applies to DOS Error Level codes returned when ValidateMDA is run with
the –audit switch only. Any codes returned without the –audit switch do not indicate a compliant or
non-compliant result.
The DOS error level enables ValidateMDA to be included in scripts. The following is an example script
that can be used to catch the DOS error level returned by ValidateMDA.
@ECHO OFF
:BEGIN
ValidateMDA.exe ..\UpdateDatabase.xml -audit -text result.txt
IF ERRORLEVEL ==2 GOTO TWO
IF ERRORLEVEL ==1 GOTO ONE
IF ERRORLEVEL ==0 GOTO ZERO
GOTO END
:TWO
ECHO EXIT CODE 2 (ERROR)
GOTO END
:ONE
ECHO EXIT CODE 1 (NOT-COMPLIANT)
GOTO END
:ZERO
ECHO EXIT CODE 0 (COMPLIANT)
:END
Version: 1.0.0.7
INSTALLED UPDATES
=======================
Update #1:
Identity: Package_1_for_KB941568~31bf3856ad364e35~x86~~6.0.1.0
Keyword: KB941568
State: Installed
...
=======================
Update #40:
Identity: Package_for_KB931768~31bf3856ad364e35~x86~~6.0.1.5
Keyword: KB931768
State: Absent
Update #44:
Identity: Package_1_for_KB931174~31bf3856ad364e35~x86~~6.0.1.1
State: Superseded
MISSING UPDATES
=======================
Update #18:
Identity: Package_for_KB933360~31bf3856ad364e35~x86~~6.0.1.0
Keyword: KB933360
State: Absent
The following is an example of xml output (an example of console and text file output can be found in
the previous example). The same information output to the console is output to the text and xml files
specified.
Important ValidateMDA will include a Result element in the XML output when run in audit mode that
includes the complaint or non-complaint result of the scan. For example
<Result>Complaint</Result>. This is not included in the example below because ValidateMDA
is not being run in audit mode.
<MDA>
<Version>1.0.0.7</Version>
<Installed>
<Update>
<Identity>Package_1_for_KB941568~31bf3856ad364e35~x86~~6.0.1.0</Identi
ty>
<Keyword>KB941568</Keyword>
<MDAReleaseDate>2007-12</MDAReleaseDate>
<InstallDate>12-18-2007</InstallDate>
</Update>
</Installed>
<NotApplicable>
<Update>
<Identity>Package_1_for_KB941229~31bf3856ad364e35~x86~~6.0.2.2</Identi
ty>
<Keyword>KB941229</Keyword>
<MDAReleaseDate>2007-11</MDAReleaseDate>
<State>Absent</State>
</Update>
<Update>
<Identity>Package_1_for_KB931174~31bf3856ad364e35~x86~~6.0.1.1</Identi
ty>
<Keyword>KB931174</Keyword>
<MDAReleaseDate>2007-04</MDAReleaseDate>
<State>Superseded</State>
</Update>
</NotApplicable>
<Missing>
<Update>
<Identity>Package_for_KB933360~31bf3856ad364e35~x86~~6.0.1.0</Identity
>
<Keyword>KB933360</Keyword>
<MDAReleaseDate>2007-09</MDAReleaseDate>
<State>Absent</State>
</Missing>
</MDA>
Audit Switch
The following example produces the same output as the previous example but uses the –audit switch
which automatically adds the –from, -to, -installed and –missing switches. Like the previous example,
this example is restricted to MDA Milestone 3 required updates released in January and February of
2007 (the audit date in this example is 05-01-2007 which is found in csup.txt on the system being
scanned).
Offline Switch
The –offline switch must be used when ValidateMDA is run offline, for example in the Microsoft
Windows Pre-installation Environment (Windows PE). The –offline switch takes the boot drive letter and
the path to the Windows directory on the computer as input.
The following are important notes to consider when using the offline switch.
The –offline switch can only be used when ValidateMDA is run offline in WinPE.
The cbscore.dll, wcp.dll, cbsmsg.dll and dpx.dll files must be included in the same folder as
ValidateMDA when using the –offline switch.
ValidateMDA will only run offline from a Windows Vista version of WinPE.
You must use the same architecture version of ValidateMDA as the architecture version of WinPE.
For example, the x86 version of ValidateMDA with the x86 version of WinPE.
The following example produces the same output as the Console, Text, XML, Installed, Missing, From
and To Switches example above but run in offline mode.