Pull updates from WSUS manually

I have around 100 laptops with XXP to configure that will not be used in a domain setting. I need to apply all MS hotfixes through Windows Update but I would like to save on time and bandwidth. Can I pull the hotfixes manually off of the WSUS server when I am setting up the laptops? Can WSUS work like a cache in this regard as opposed to having it push out the updates through GP?
aschostaAsked:
Who is Participating?
 
daze71Commented:
I am unsure of the source of my script, but it works great once client is configured for wsus. I pretty much figured that you will have a wsus running? There are absolutely no advantages using Windows Update, so set up a wsus which is reachable outside your firewall for those laptops.

I usually run this script remotely in Dameware NT Utilities through psexec on clients when updates needs to be done right away as opposed to the install time configured in wsus-settings. Windows update is way to slow and requires several reboots.

I use this script for every single laptop that comes out of Dell boxes :)

Configure client for wsus as usually, then run the script below to fetch and install all updates without a single extra reboot. Aplpy Office and other MS-apps prior to running the script to get updates for those as well.

It is a real time saver.

/N
Set updateSession       = CreateObject("Microsoft.Update.Session")
Set updateSearcher       = updateSession.CreateupdateSearcher()
Set searchResult       = updateSearcher.Search("IsInstalled=0 and Type='Software'")
Set File                   = CreateObject("Scripting.FileSystemObject")
logOutput                   = 1

If logOutput > 1 Then
      Set LogFile = File.OpenTextFile("c:\WUSforceupdate.log", 8, True)
      LogFile.WriteLine("***************************************************************")
      LogFile.WriteLine( "START TIME : " & now)
      LogFile.WriteLine( "Searching for updates..." & vbCRLF)
      LogFile.WriteLine( "List of applicable items on the machine:")
End If

If logOutput > 0 Then
WScript.echo("***************************************************************")
WScript.echo( "START TIME : " & now)
WScript.echo( "Searching for updates..." & vbCRLF)
WScript.echo( "List of applicable items on the machine:")
End If

For I = 0 To searchResult.Updates.Count-1
      Set update = searchResult.Updates.Item(I)
            
If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> " & update.Title)
If logOutput > 0 Then wscript.echo ( I + 1 & "> " & update.Title)

Next

If searchResult.Updates.Count = 0 Then
      If logOutput > 1 Then LogFile.WriteLine( "There are no applicable updates.")
      If logOutput > 0 Then WScript.echo( "There are no applicable updates.")
      
      WScript.Quit
End If

If logOutput > 1 Then LogFile.WriteLine( VbCrLf & "Creating collection of updates to download:")
If logOutput > 0 Then WScript.echo( VbCrLf & "Creating collection of updates to download:")

Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl")

For I = 0 to searchResult.Updates.Count-1
      Set update = searchResult.Updates.Item(I)
            If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> adding: " & update.Title )
            If logOutput > 0 Then WScript.Echo ( I + 1 & "> adding: " & update.Title )
            updatesToDownload.Add(update)
Next

If logOutput > 1 Then LogFile.WriteLine( vbCRLF & "Downloading updates...")
If logOutput > 0 Then WScript.Echo ( vbCRLF & "Downloading updates...")

Set downloader = updateSession.CreateUpdateDownloader()
      downloader.Updates = updatesToDownload
      downloader.Download()

      If logOutput > 1 Then LogFile.WriteLine( vbCRLF & "List of downloaded updates:")
      If logOutput > 0 Then WScript.Echo ( vbCRLF & "List of downloaded updates:")

For I = 0 To searchResult.Updates.Count-1
      Set update = searchResult.Updates.Item(I)
            If update.IsDownloaded Then
                  
                  If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> " & update.Title )
                  If logOutput > 0 Then WScript.Echo ( I + 1 & "> " & update.Title )
            End If
Next

Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl")


      If logOutput > 1 Then LogFile.WriteLine( vbCRLF & "Creating collection of downloaded updates to install:" )
      If logOutput > 0 Then WScript.Echo ( vbCRLF & "Creating collection of downloaded updates to install:" )

For I = 0 To searchResult.Updates.Count-1
      set update = searchResult.Updates.Item(I)
            If update.IsDownloaded = true Then
                  If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> adding: " & update.Title )
                  If logOutput > 0 Then WScript.Echo ( I + 1 & "> adding: " & update.Title )
                  updatesToInstall.Add(update)
            End If
Next


      If logOutput > 1 Then logFile.WriteLine( "Installing updates...")
      If logOutput > 0 Then WScript.Echo ( "Installing updates...")

Set installer = updateSession.CreateUpdateInstaller()
      installer.Updates = updatesToInstall
            Set installationResult = installer.Install()
            If logOutput > 0 Then
            'Output results of install to screen
                  WScript.echo( "Installation Result: " & installationResult.ResultCode )
                  WScript.echo( "Reboot Required: " & installationResult.RebootRequired & VbCrLf )
                  WScript.echo( "Listing of updates installed " & "and individual installation results:" )
            End If
            
            If logOutput > 1 Then
            'Output results of install to file
                  LogFile.WriteLine( "Installation Result: " & installationResult.ResultCode )
                  LogFile.WriteLine( "Reboot Required: " & installationResult.RebootRequired & VbCrLf )
                  LogFile.WriteLine( "Listing of updates installed " & "and individual installation results:" )
            End if
            
            For I = 0 To updatesToInstall.Count - 1
                  If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> " & updatesToInstall.Item(i).Title & ": " & installationResult.GetUpdateResult(i).ResultCode )
                  If logOutput > 0 Then WScript.Echo ( I + 1 & "> " & updatesToInstall.Item(i).Title & ": " & installationResult.GetUpdateResult(i).ResultCode )
            Next

'//Need to reboot?
if installationResult.RebootRequired = -1 Then
      If logOutput > 1 Then LogFile.WriteLine( "reboot the machine")
      If logOutput > 0 Then WScript.Echo ( "reboot the machine")
end If

If logOutput > 1 Then
      LogFile.WriteLine( "STOP TIME : " & now)
      LogFile.WriteLine("***************************************************************")
      LogFile.Close
End If

If logOutput > 0 Then
      WScript.Echo ( "STOP TIME : " & now)
      WScript.Echo ("***************************************************************")
End if

0
 
younghvCommented:
If you set up the registry in each box to look at the IP of your WSUS server, that is where they will look for their 'Windows Update'.
I have the key here somewhere and will post it in a couple of minutes.
Vic
0
 
younghvCommented:
To verify that the client is pointed to it, open the registry and go to key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Make sure that in that key you see WUServer: http://SERVERNAME:PORT
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
aschostaAuthor Commented:
Can I enter the IP address and port right from the IE address line or does it have to be a registry hack?
0
 
younghvCommented:
Wow - great question!
I just tried it on ours but got a permissions error - that may just be the way we are configured.
Try yours and see if it works.
One of the smart guys around here is bound to check in soon and may have the answer/method of how to make that work.
Nice idea.
Vic
0
 
aschostaAuthor Commented:
I need to complete setup of WSUS on this domain, first. ISA 2000 server had the cache for these updates and when I upgraded to ISA 2004, they did not include that any longer. I look forward to your answer and I will work here, too.
0
 
Walter PadrónCommented:
Hi aschosta,

Modify this settings, copy to a .reg file and import, the laptops then pull the updates off the wsus server.

cheers

--------
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://yourserver.local"
"WUStatusServer"="http://yourserver.local"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000d
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"AutoInstallMinorUpdates"=dword:00000001
"UseWUServer"=dword:00000001
"RescheduleWaitTimeEnabled"=dword:00000001
"RescheduleWaitTime"=dword:0000001e
"RebootRelaunchTimeoutEnabled"=dword:00000001
"RebootRelaunchTimeout"=dword:0000003c
0
 
pegasysCommented:
Why not just copy the downloaded patches from the hidden (temoprary) windows update folder which is created while a windows update is being executed, and put those files on CD and run them that way?

its usually alot faster.

Regards

Pgx()
0
 
aschostaAuthor Commented:
What is the name of the temp folder so I can search for it?
0
 
bkoehler-mprCommented:
Take a look at Rob Dunn's [WSUS MVP] vbscript to do this:
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=199&start=1
0
 
aschostaAuthor Commented:
This looks like it will work great. Do you still have to approve or accept updates on WSUS or will declined ones still be pulled?
0
 
younghvCommented:
You control the WSUS server, so what you want - the network gets.
0
 
supportservicesCommented:
When I saved the script posted as a .vbs file it looks like it is running well  but I get a line 3 character 1 error while it is running any idea what might be going wrong?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.