question

Jayjay221-1872 avatar image
0 Votes"
Jayjay221-1872 asked Jayjay221-1872 commented

Powershell script to run 20-30 updates at a time

Hi guys,

very new sysadmin here.

I've currently taken over WSUS management and have found that we haven't been updating client agent machines for several years now...
I went through the process of cleaning up superseded updates, but have found that each of my clients need around 60-70 updates.

I've tested downloading and installing all 70 at once on a test machine, but this just causes it to crash.

Is there a way in PowerShell to group updates into several batches e.g., 20-30 at a time * 3 times = 60 updates, so that my machines don't freak?

I'm considering using PSWindowsUpdate as I can simply use Get-WindowsUpdate to find available updates.

The next steps are to divide the updates into batches of 20-30, probably by using a Foreach loop, and then simply install those updates, restart my pc, and then repeat till the other batches are done too.

I think I have the logic behind this, but I am too inexperienced in scripting to even know how I would loop through these updates, what sort of objects they are and where/how I could find/reference them in my script.

Any help would be appreciated, thanks!

windows-server-powershellwindows-server-update-services
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MotoX80 avatar image
0 Votes"
MotoX80 answered Jayjay221-1872 commented

I referenced these web sites.

https://adamtheautomator.com/pswindowsupdate/
http://woshub.com/pswindowsupdate-module/


My test vm only needed 4 updates, so I installed the first 2 with this.

 #import-module PSWindowsUpdate
 $Updates = Get-WindowsUpdate      
 $InstallKB = ($Updates).KB | Select-Object -First 2
 $InstallKB
 Get-WindowsUpdate -KBArticleID $InstallKB -Install -Confirm -AcceptAll -IgnoreReboot 
 if ((Get-WURebootStatus -Silent)) {
     "We need to reboot"
 }        

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello Moto,

I may use this solution in the future if for some reason updates stack like this again.

I ended up having to run all these updates manually - 20-30 updates at a time for 25 machines.

Shouldn't encounter something like this again though as I've set up a script to detect/download/install updates on a daily basis.

Cheers!





0 Votes 0 ·
RitaHu-MSFT avatar image
0 Votes"
RitaHu-MSFT answered RitaHu-MSFT edited

@Jayjay-1872
Thanks for your posting on Q&A.

I've currently taken over WSUS management and have found that we haven't been updating client agent machines for several years now...

What is the windows Version and OS build version of the machines? We could run the winver command on the RUN to confirm.

I went through the process of cleaning up superseded updates, but have found that each of my clients need around 60-70 updates

In fact, a lot of superseded updates will shown as Needed on the WSUS console. But we should only install the latest updates. Because all the previous Cumulative Updates will included into the Latest Cumulative Update. Please make sure you have approve the indeed Needed updates. It will be better if you could provide the related screenshot :) Thanks for your cooperation in advance.

In addition, we could apply the Specify source service for specific classes of Windows Updates policy and push the clients to scan for updates from the Internet and then install all the Needed updates. Then we could convert to the configuration back.
Please review the link to know more about the policy.

I didn't found any PowerShell scripts which we group updates into several batches and deploy for the clients. I will research further and will come back as soon as possible if there are any good news.

Hope the above will be helpful. Have a great day.

Best regards,
Rita


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Jayjay221-1872 avatar image
1 Vote"
Jayjay221-1872 answered

Hi @RitaHu-MSFT,

thanks for taking the time to respond. I very much appreciate it.

90% of the machines I need to update run Windows Server 2012.

I have run a PowerShell script in advance to delete the chains of superseded updates, leaving only the latest ones.

I am not too concerned as to whether or not we have received the right updates - the previous admin has set up client agents to only receive critical + security updates.
The only issues are the persistent crashing and time-sink of having to remote into each client agent, then push 20 or so updates at a time.

Are there any alternatives to this brute-force method?

Thanks again!




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

campbellkerr avatar image
2 Votes"
campbellkerr answered

Could you use PS Remoting to the servers? Or PSExec? Then you could loop through a bunch of .MSUs (the windows update installers).

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Jayjay221-1872 avatar image
0 Votes"
Jayjay221-1872 answered RitaHu-MSFT converted comment to answer

Hi @campbellkerr

I am drafting out the logic for how I am going to loop through these MSU's.
At the moment I just have a list of updates

$ListUpdates = Get-ChildItem -Path C:\Windows\SoftwareDistribution\Download -Recurse -Filter *Windows*KB*.msu

How would I be able to get their names so I could loop through them?

After I figure this out I can probably just put it in an array and then make a ForEach loop to start wusa.exe for each of the .msu's.

Would this make sense, and how would I go about implementing this?









· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I don't think that you can do it like that because some of those updates may have already been installed. I think that you need to let Windows Update decide what it needs to install. So that it can resolve dependency issues. But since you are so far behind, I'm not sure what is the best way to do that.

I'll play around a bit, but I don't know if there is a good solution.


2 Votes 2 ·

Ah right, heard that trying to run updates that are already installed do cause some crashing too.

Thanks for the input :)

1 Vote 1 ·
RitaHu-MSFT avatar image
1 Vote"
RitaHu-MSFT answered 02137510 commented

@MotoX80
Thanks for your sharing on this forum. I totally agree with you. In my opinion, connecting to the Internet and scanning for the updates from the Internet is the best choice.

@Jayjay221-1872
In addition, the Windows Server 2012 servers are not the same. For example, the Server 1 installed the updates which Server 2 didn't. So it is difficult for us to run the PowerShell scripts to deploy the updates. In my opinion, the better choice is to let the server to choose and install the missed updates.

Hopefully I'll describe myself clearly.

Have a great day.

Best regards,
Rita


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

شكرا لك

0 Votes 0 ·