Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 752
  • Last Modified:

WSUS and patching with Powershell

Hello,

I'm setting up a WSUS server to patch my Windows servers, but the problem I am running into is actually scheduling the patches to coincide with our maintenance window once a month.  WSUS doesn't allow for that type of schedule so I thought a way around this would be to have the servers check into the WSUS for patches and download them but not install automatically.  Then on our maintenance window I can schedule a task to run a Powershell script to initiate the install and reboot at the appropriate times.  I've tried to find a solution to this but have been unsuccessful.

Has anyone worked around this limitation in WSUS, or know of a way to kick off the install with Powershell?  I want to be able to start the tasks on the servers from one central server.

I appreciate any help you can give.  Thanks!
0
flatleyld
Asked:
flatleyld
  • 4
  • 2
3 Solutions
 
Donald StewartNetwork AdministratorCommented:
...but the problem I am running into is actually scheduling the patches to coincide with our maintenance window once a month.  WSUS doesn't allow for that type of schedule...

???

Option  4 - Auto download and schedule the install

http://technet.microsoft.com/en-us/library/cc512630.aspx
0
 
SubsunCommented:
There is a PowerShell utility PoshPAIG.tool, you can check and see if it works for you..

http://blogs.technet.com/b/heyscriptingguy/archive/2011/08/13/use-powershell-to-audit-and-install-windows-patches.aspx
0
 
Donald StewartNetwork AdministratorCommented:
4 - Auto download and schedule the install
This policy option works very well in environments where known business hours and maintenance windows are fairly stable and predictable. For systems in an environment with predictable usage schedules, downloading in the background and setting a scheduled installation to occur at specific hours after core business works well for environments with static systems that are left on or in energy-saving modes. If this policy is enabled, the default time for the scheduled install is 3:00 A.M. once a day. If an update requires a reboot in order to complete installation, the client will automatically reboot. If an administrative user happens to be logged on during this time, they will see a restart notification and have the option to delay the reboot. Non-administrative users will see the notification (enabling them to save their work). They will not be able to delay the restart, but they can initiate the reboot.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Donald StewartNetwork AdministratorCommented:
Sorry...missed that you wanted once a month :(
0
 
Donald StewartNetwork AdministratorCommented:
This is a good option for you

http://www.wuinstall.com/
0
 
flatleyldAuthor Commented:
I found a program called BatchPatch This gets me around my issue of scheduling the installs to take place.
0
 
flatleyldAuthor Commented:
It provided the best work around to my original issue.  It didn't solve it how I wanted, but works another way.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now