Solved

WSUS and patching with Powershell

Posted on 2013-11-25
7
692 Views
Last Modified: 2016-02-20
Hello,

I'm setting up a WSUS server to patch my Windows servers, but the problem I am running into is actually scheduling the patches to coincide with our maintenance window once a month.  WSUS doesn't allow for that type of schedule so I thought a way around this would be to have the servers check into the WSUS for patches and download them but not install automatically.  Then on our maintenance window I can schedule a task to run a Powershell script to initiate the install and reboot at the appropriate times.  I've tried to find a solution to this but have been unsuccessful.

Has anyone worked around this limitation in WSUS, or know of a way to kick off the install with Powershell?  I want to be able to start the tasks on the servers from one central server.

I appreciate any help you can give.  Thanks!
0
Comment
Question by:flatleyld
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 39676091
...but the problem I am running into is actually scheduling the patches to coincide with our maintenance window once a month.  WSUS doesn't allow for that type of schedule...

???

Option  4 - Auto download and schedule the install

http://technet.microsoft.com/en-us/library/cc512630.aspx
0
 
LVL 40

Assisted Solution

by:Subsun
Subsun earned 150 total points
ID: 39676093
There is a PowerShell utility PoshPAIG.tool, you can check and see if it works for you..

http://blogs.technet.com/b/heyscriptingguy/archive/2011/08/13/use-powershell-to-audit-and-install-windows-patches.aspx
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 39676095
4 - Auto download and schedule the install
This policy option works very well in environments where known business hours and maintenance windows are fairly stable and predictable. For systems in an environment with predictable usage schedules, downloading in the background and setting a scheduled installation to occur at specific hours after core business works well for environments with static systems that are left on or in energy-saving modes. If this policy is enabled, the default time for the scheduled install is 3:00 A.M. once a day. If an update requires a reboot in order to complete installation, the client will automatically reboot. If an administrative user happens to be logged on during this time, they will see a restart notification and have the option to delay the reboot. Non-administrative users will see the notification (enabling them to save their work). They will not be able to delay the restart, but they can initiate the reboot.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 47

Expert Comment

by:Donald Stewart
ID: 39676100
Sorry...missed that you wanted once a month :(
0
 
LVL 47

Assisted Solution

by:Donald Stewart
Donald Stewart earned 150 total points
ID: 39676104
This is a good option for you

http://www.wuinstall.com/
0
 

Accepted Solution

by:
flatleyld earned 0 total points
ID: 39690040
I found a program called BatchPatch This gets me around my issue of scheduling the installs to take place.
0
 

Author Closing Comment

by:flatleyld
ID: 39702867
It provided the best work around to my original issue.  It didn't solve it how I wanted, but works another way.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question