# Ps1 script to compare computers in Active Directory and WSUS
cls
Import-Module ActiveDirectory

$out = "List of computers from AD that aren't listed in WSUS"

# WSUS has API for remote administration. You need to install WSUS administration console and configure access to WSUS.
$tmp1 = [reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
 
# Parameters: WSUS server name, $false - http, $true - https, 8530 - port  
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer("WSUSServerName", $fasle, 8530)
	 
# Get all computers registered on WSUS server
$WSUScomps = $wsus.GetComputerTargets()

# Get computer name from object and convert to upper case:
$WSUSCompNames = $WSUScomps | ForEach { $_.FullDomainName.ToUpper() }

# Get all computers from Active Directory
# (!userAccountControl:1.2.840.113556.1.4.803:=2) removes disabled computers 
$ADcomps = (new-object System.DirectoryServices.DirectorySearcher([ADSI] "LDAP://DC=yourdomain, DC=com","(&(objectCategory=computer)(!userAccountControl:1.2.840.113556.1.4.803:=2))")).findAll() 
 
# Get computer name from object and convert to upper case:
$ADCompNames = $ADcomps | ForEach {$_.GetDirectoryEntry().dNSHostName.ToString().ToUpper()}

# Get computers that are in Active Directory but aren't listed in WSUS
$NoWSUSCompNames = $ADCompNames | Where { $WSUSCompNames -notcontains $_ } |Sort-Object

foreach ($tmp in $NoWSUSCompNames) 
{
   $out = $out + "`r`n" + $tmp      
}
$out

# Send e-mail to admin
$EmailFrom = "info@yourdomain.com"
$EmailTo = "admin@yourdomain.com"
$Subject = "WSUS Compare AD"
$Body = $out
$SmtpServer = "127.0.0.1"
$smtp = New-Object net.mail.smtpclient($SmtpServer)
$smtp.Send($EmailFrom, $EmailTo, $Subject, $Body)