[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Pull updates from WSUS manually

Posted on 2006-05-25
13
Medium Priority
?
10,917 Views
Last Modified: 2009-08-11
I have around 100 laptops with XXP to configure that will not be used in a domain setting. I need to apply all MS hotfixes through Windows Update but I would like to save on time and bandwidth. Can I pull the hotfixes manually off of the WSUS server when I am setting up the laptops? Can WSUS work like a cache in this regard as opposed to having it push out the updates through GP?
0
Comment
Question by:aschosta
13 Comments
 
LVL 38

Expert Comment

by:younghv
ID: 16760481
If you set up the registry in each box to look at the IP of your WSUS server, that is where they will look for their 'Windows Update'.
I have the key here somewhere and will post it in a couple of minutes.
Vic
0
 
LVL 38

Expert Comment

by:younghv
ID: 16760506
To verify that the client is pointed to it, open the registry and go to key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
Make sure that in that key you see WUServer: http://SERVERNAME:PORT
0
 

Author Comment

by:aschosta
ID: 16760669
Can I enter the IP address and port right from the IE address line or does it have to be a registry hack?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 38

Expert Comment

by:younghv
ID: 16760742
Wow - great question!
I just tried it on ours but got a permissions error - that may just be the way we are configured.
Try yours and see if it works.
One of the smart guys around here is bound to check in soon and may have the answer/method of how to make that work.
Nice idea.
Vic
0
 

Author Comment

by:aschosta
ID: 16760757
I need to complete setup of WSUS on this domain, first. ISA 2000 server had the cache for these updates and when I upgraded to ISA 2004, they did not include that any longer. I look forward to your answer and I will work here, too.
0
 
LVL 10

Expert Comment

by:Walter Padrón
ID: 16760891
Hi aschosta,

Modify this settings, copy to a .reg file and import, the laptops then pull the updates off the wsus server.

cheers

--------
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://yourserver.local"
"WUStatusServer"="http://yourserver.local"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000004
"ScheduledInstallDay"=dword:00000000
"ScheduledInstallTime"=dword:0000000d
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
"AutoInstallMinorUpdates"=dword:00000001
"UseWUServer"=dword:00000001
"RescheduleWaitTimeEnabled"=dword:00000001
"RescheduleWaitTime"=dword:0000001e
"RebootRelaunchTimeoutEnabled"=dword:00000001
"RebootRelaunchTimeout"=dword:0000003c
0
 
LVL 7

Expert Comment

by:pegasys
ID: 16760892
Why not just copy the downloaded patches from the hidden (temoprary) windows update folder which is created while a windows update is being executed, and put those files on CD and run them that way?

its usually alot faster.

Regards

Pgx()
0
 

Author Comment

by:aschosta
ID: 16761267
What is the name of the temp folder so I can search for it?
0
 
LVL 6

Expert Comment

by:bkoehler-mpr
ID: 16761337
Take a look at Rob Dunn's [WSUS MVP] vbscript to do this:
http://www.vbshf.com/vbshf/forum/forums/thread-view.asp?tid=199&start=1
0
 
LVL 1

Accepted Solution

by:
daze71 earned 1000 total points
ID: 16761648
I am unsure of the source of my script, but it works great once client is configured for wsus. I pretty much figured that you will have a wsus running? There are absolutely no advantages using Windows Update, so set up a wsus which is reachable outside your firewall for those laptops.

I usually run this script remotely in Dameware NT Utilities through psexec on clients when updates needs to be done right away as opposed to the install time configured in wsus-settings. Windows update is way to slow and requires several reboots.

I use this script for every single laptop that comes out of Dell boxes :)

Configure client for wsus as usually, then run the script below to fetch and install all updates without a single extra reboot. Aplpy Office and other MS-apps prior to running the script to get updates for those as well.

It is a real time saver.

/N
Set updateSession       = CreateObject("Microsoft.Update.Session")
Set updateSearcher       = updateSession.CreateupdateSearcher()
Set searchResult       = updateSearcher.Search("IsInstalled=0 and Type='Software'")
Set File                   = CreateObject("Scripting.FileSystemObject")
logOutput                   = 1

If logOutput > 1 Then
      Set LogFile = File.OpenTextFile("c:\WUSforceupdate.log", 8, True)
      LogFile.WriteLine("***************************************************************")
      LogFile.WriteLine( "START TIME : " & now)
      LogFile.WriteLine( "Searching for updates..." & vbCRLF)
      LogFile.WriteLine( "List of applicable items on the machine:")
End If

If logOutput > 0 Then
WScript.echo("***************************************************************")
WScript.echo( "START TIME : " & now)
WScript.echo( "Searching for updates..." & vbCRLF)
WScript.echo( "List of applicable items on the machine:")
End If

For I = 0 To searchResult.Updates.Count-1
      Set update = searchResult.Updates.Item(I)
            
If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> " & update.Title)
If logOutput > 0 Then wscript.echo ( I + 1 & "> " & update.Title)

Next

If searchResult.Updates.Count = 0 Then
      If logOutput > 1 Then LogFile.WriteLine( "There are no applicable updates.")
      If logOutput > 0 Then WScript.echo( "There are no applicable updates.")
      
      WScript.Quit
End If

If logOutput > 1 Then LogFile.WriteLine( VbCrLf & "Creating collection of updates to download:")
If logOutput > 0 Then WScript.echo( VbCrLf & "Creating collection of updates to download:")

Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl")

For I = 0 to searchResult.Updates.Count-1
      Set update = searchResult.Updates.Item(I)
            If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> adding: " & update.Title )
            If logOutput > 0 Then WScript.Echo ( I + 1 & "> adding: " & update.Title )
            updatesToDownload.Add(update)
Next

If logOutput > 1 Then LogFile.WriteLine( vbCRLF & "Downloading updates...")
If logOutput > 0 Then WScript.Echo ( vbCRLF & "Downloading updates...")

Set downloader = updateSession.CreateUpdateDownloader()
      downloader.Updates = updatesToDownload
      downloader.Download()

      If logOutput > 1 Then LogFile.WriteLine( vbCRLF & "List of downloaded updates:")
      If logOutput > 0 Then WScript.Echo ( vbCRLF & "List of downloaded updates:")

For I = 0 To searchResult.Updates.Count-1
      Set update = searchResult.Updates.Item(I)
            If update.IsDownloaded Then
                  
                  If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> " & update.Title )
                  If logOutput > 0 Then WScript.Echo ( I + 1 & "> " & update.Title )
            End If
Next

Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl")


      If logOutput > 1 Then LogFile.WriteLine( vbCRLF & "Creating collection of downloaded updates to install:" )
      If logOutput > 0 Then WScript.Echo ( vbCRLF & "Creating collection of downloaded updates to install:" )

For I = 0 To searchResult.Updates.Count-1
      set update = searchResult.Updates.Item(I)
            If update.IsDownloaded = true Then
                  If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> adding: " & update.Title )
                  If logOutput > 0 Then WScript.Echo ( I + 1 & "> adding: " & update.Title )
                  updatesToInstall.Add(update)
            End If
Next


      If logOutput > 1 Then logFile.WriteLine( "Installing updates...")
      If logOutput > 0 Then WScript.Echo ( "Installing updates...")

Set installer = updateSession.CreateUpdateInstaller()
      installer.Updates = updatesToInstall
            Set installationResult = installer.Install()
            If logOutput > 0 Then
            'Output results of install to screen
                  WScript.echo( "Installation Result: " & installationResult.ResultCode )
                  WScript.echo( "Reboot Required: " & installationResult.RebootRequired & VbCrLf )
                  WScript.echo( "Listing of updates installed " & "and individual installation results:" )
            End If
            
            If logOutput > 1 Then
            'Output results of install to file
                  LogFile.WriteLine( "Installation Result: " & installationResult.ResultCode )
                  LogFile.WriteLine( "Reboot Required: " & installationResult.RebootRequired & VbCrLf )
                  LogFile.WriteLine( "Listing of updates installed " & "and individual installation results:" )
            End if
            
            For I = 0 To updatesToInstall.Count - 1
                  If logOutput > 1 Then LogFile.WriteLine( I + 1 & "> " & updatesToInstall.Item(i).Title & ": " & installationResult.GetUpdateResult(i).ResultCode )
                  If logOutput > 0 Then WScript.Echo ( I + 1 & "> " & updatesToInstall.Item(i).Title & ": " & installationResult.GetUpdateResult(i).ResultCode )
            Next

'//Need to reboot?
if installationResult.RebootRequired = -1 Then
      If logOutput > 1 Then LogFile.WriteLine( "reboot the machine")
      If logOutput > 0 Then WScript.Echo ( "reboot the machine")
end If

If logOutput > 1 Then
      LogFile.WriteLine( "STOP TIME : " & now)
      LogFile.WriteLine("***************************************************************")
      LogFile.Close
End If

If logOutput > 0 Then
      WScript.Echo ( "STOP TIME : " & now)
      WScript.Echo ("***************************************************************")
End if

0
 

Author Comment

by:aschosta
ID: 16761924
This looks like it will work great. Do you still have to approve or accept updates on WSUS or will declined ones still be pulled?
0
 
LVL 38

Expert Comment

by:younghv
ID: 16762028
You control the WSUS server, so what you want - the network gets.
0
 

Expert Comment

by:supportservices
ID: 22852533
When I saved the script posted as a .vbs file it looks like it is running well  but I get a line 3 character 1 error while it is running any idea what might be going wrong?
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Often we come across situations wherein our batch files would be needing to reboot Windows for a variety of reasons. A few of them would be like: (1) Setup files have been updated whose changes can take effect only after a reboot …
Just about everyone has an old PC laying around.  Ask anyone in the IT industry, whether they are a professional or play in it as a hobby.  From outdated Desktops to cheap "throwaway" laptops, they are all around and not as hard to "fix up" as you m…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question