Lately, I have had to set up a number of computers from scratch (I know, I know, I should have updated my base image, but I didn’t…). As I was setting up the computers, I wanted to make sure their patch level was current.

Going to Windows Update (Microsoft Update) showed around 91 updates to download. I said to myself, “Self, I already downloaded all these updates to my Windows Server Update Services server. Isn’t there an easy way to make this computer update from there?”

In my environment, the location of the computer determines what Organizational Unit it is in my Active Directory, which in turn, says when it is scheduled to download updates.

A short Google search later, and I found a batch file which will cause a client computer to check with a local WSUS server (or MS Update if there is not an assigned local server) at Patchaholic – the WSUS Blog!

Since I’m a PowerShell fan, I though I should translate this simple batch file to PowerShell (and give it a more PowerShelly name).

#* FileName: Invoke-WindowsUpdate.ps1
#*================================================================
#* Script Name: [Invoke-WindowsUpdate]
#* Created: [12/10/07]
#* Author: Steven Murawski
#* Company:
#* Email: steve@acoupleofadmins.com
#* Web: http://www.acoupleofadmins.com
#* Reqrmnts:
#* Keywords:
#*===============================================================
#* Purpose: This script will force a computer to check for updates from
#* Microsoft Update or a local WSUS Server. This script is the
#* PowerShell version of the batch file found at Patchaholic – The WSUS Blog
#* http://msmvps.com/blogs/athif/pages/66375.aspx
#*===============================================================

Write-Host “This PowerShell script will Force the Update Detection from the AU client:”
Write-Host “1. Stops the Automatic Updates Service (wuauserv)”
Write-Host “2. Deletes the LastWaitTimeout registry key (if it exists)”
Write-Host “3. Deletes the DetectionStartTime registry key (if it exists)”
Write-Host “4. Deletes the NextDetectionTime registry key (if it exists)”
Write-Host “5. Restart the Automatic Updates Service (wuauserv)”
Write-Host “6. Force the detection”
Read-Host “Press enter to continue”

# Stop the local Windows Update Service
Stop-Service wuauserv

# Set the location of registry key
$AutoUpdate = “HKLM:\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update”

# PowerShell allows you to navigate the registry like a drive
# The various registry hives are like drives, the keys are like files
# and their values are shown as properties.

# The switch statement below checks to see if any of the values below are set and deletes them
# if they are present.
switch (Get-ItemProperty $AutoUpdate)
{
{$_.LastWaitTimeout} {Remove-ItemProperty -Path $AutoUpdate -name LastWaitTimeout}
{$_.DetectionStartTime} {Remove-ItemProperty -Path $AutoUpdate -name DetectionStartTime}
{$_.NextDetectionTime} {Remove-ItemProperty -Path $AutoUpdate -name NextDetectionTime}
}

# Restart the local Windows Update Service
Start-Service wuauserv

# Call the command line client to check for new updates
wuauclt /detectnow

Write-Host “This AU client will now check for the Updates on the Local WSUS Server.”
Read-Host “Press enter to continue”

Translating this script was good, as it allowed me to work hands-on with the registry through PowerShell, which I had not yet had an opportunity to do.

Invoke-WindowsUpdate.ps1

ForceUpdate.bat



Comments

  1. 1
    Paul Sylvester
    December 10th, 2007 at 8:16 pm

    Or you could make an ISO of the all the patches with this:
    http://www.technibble.com/repair-tool-of-the-week-offline-update/

    For when you have to re-install a system from scratch. It will save you time!!

  2. 2
    Lucifist
    April 21st, 2008 at 9:24 am

    Thats just resetting the client and doing a re-detect. If you really want to automate the patching from a WSUS server, check this out. (And its powershell)

    http://spaces.msn.com/lucifist

    It should still be on my front page.

  3. 3
    Tyler
    July 9th, 2009 at 2:35 pm

    Lucifist, that post “Powershell and the Windows Update API” contains one of the worst scripts I have seen so far.

    1) Storing values in form elements!
    2) Using a form
    3) That picture box?
    4) Calling `cmd /c $env:WinDir\System32\Shutdown.exe` instead of using `shutdown`
    5) …

  4. 4
    Steve
    July 13th, 2009 at 8:30 pm

    Tyler,
    I can appreciate your viewpoint, but how about some credit for him putting something out there?
    Rather than just tearing down his script, introduce an improved version. That way more people can learn from both of your experiences and knowledge.

  5. 5
    Lucifist
    August 15th, 2009 at 11:56 am

    I have posted an updated (and formless) version of the script.

    Thanks

Leave a Comment

You must be logged in to post a comment.

blank