Archive for December 10th, 2007

Forcing Windows Updates with PowerShell

Patches, Scripting December 10th, 2007

Lately, I have had to set up a number of computers from scratch (I know, I know, I should have updated my base image, but I didn’t…). As I was setting up the computers, I wanted to make sure their patch level was current.

Going to Windows Update (Microsoft Update) showed around 91 updates to download. I said to myself, “Self, I already downloaded all these updates to my Windows Server Update Services server. Isn’t there an easy way to make this computer update from there?”

In my environment, the location of the computer determines what Organizational Unit it is in my Active Directory, which in turn, says when it is scheduled to download updates.

A short Google search later, and I found a batch file which will cause a client computer to check with a local WSUS server (or MS Update if there is not an assigned local server) at Patchaholic – the WSUS Blog!

Since I’m a PowerShell fan, I though I should translate this simple batch file to PowerShell (and give it a more PowerShelly name).

#* FileName: Invoke-WindowsUpdate.ps1
#* Script Name: [Invoke-WindowsUpdate]
#* Created: [12/10/07]
#* Author: Steven Murawski
#* Company:
#* Email:
#* Web:
#* Reqrmnts:
#* Keywords:
#* Purpose: This script will force a computer to check for updates from
#* Microsoft Update or a local WSUS Server. This script is the
#* PowerShell version of the batch file found at Patchaholic – The WSUS Blog

Write-Host “This PowerShell script will Force the Update Detection from the AU client:”
Write-Host “1. Stops the Automatic Updates Service (wuauserv)”
Write-Host “2. Deletes the LastWaitTimeout registry key (if it exists)”
Write-Host “3. Deletes the DetectionStartTime registry key (if it exists)”
Write-Host “4. Deletes the NextDetectionTime registry key (if it exists)”
Write-Host “5. Restart the Automatic Updates Service (wuauserv)”
Write-Host “6. Force the detection”
Read-Host “Press enter to continue”

# Stop the local Windows Update Service
Stop-Service wuauserv

# Set the location of registry key
$AutoUpdate = “HKLM:\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update”

# PowerShell allows you to navigate the registry like a drive
# The various registry hives are like drives, the keys are like files
# and their values are shown as properties.

# The switch statement below checks to see if any of the values below are set and deletes them
# if they are present.
switch (Get-ItemProperty $AutoUpdate)
{$_.LastWaitTimeout} {Remove-ItemProperty -Path $AutoUpdate -name LastWaitTimeout}
{$_.DetectionStartTime} {Remove-ItemProperty -Path $AutoUpdate -name DetectionStartTime}
{$_.NextDetectionTime} {Remove-ItemProperty -Path $AutoUpdate -name NextDetectionTime}

# Restart the local Windows Update Service
Start-Service wuauserv

# Call the command line client to check for new updates
wuauclt /detectnow

Write-Host “This AU client will now check for the Updates on the Local WSUS Server.”
Read-Host “Press enter to continue”

Translating this script was good, as it allowed me to work hands-on with the registry through PowerShell, which I had not yet had an opportunity to do.