function Get-WIAStatusValue($value) { switch -exact ($value) { 0 {"NotStarted"} 1 {"InProgress"} 2 {"Succeeded"} 3 {"SucceededWithErrors"} 4 {"Failed"} 5 {"Aborted"} } } $needsReboot = $false $UpdateSession = New-Object -ComObject Microsoft.Update.Session $UpdateSearcher = $UpdateSession.CreateUpdateSearcher() Write-Host " - Searching for Updates" $SearchResult = $UpdateSearcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0") Write-Host " - Found [$($SearchResult.Updates.count)] Updates to Download and install" Write-Host foreach($Update in $SearchResult.Updates) { # Add Update to Collection $UpdatesCollection = New-Object -ComObject Microsoft.Update.UpdateColl if ( $Update.EulaAccepted -eq 0 ) { $Update.AcceptEula() } $UpdatesCollection.Add($Update) | out-null # Download Write-Host " + Downloading Update $($Update.Title)" $UpdatesDownloader = $UpdateSession.CreateUpdateDownloader() $UpdatesDownloader.Updates = $UpdatesCollection $DownloadResult = $UpdatesDownloader.Download() $Message = " - Download {0}" -f (Get-WIAStatusValue $DownloadResult.ResultCode) Write-Host $message # Install Write-Host " - Installing Update" $UpdatesInstaller = $UpdateSession.CreateUpdateInstaller() $UpdatesInstaller.Updates = $UpdatesCollection $InstallResult = $UpdatesInstaller.Install() $Message = " - Install {0}" -f (Get-WIAStatusValue $DownloadResult.ResultCode) Write-Host $message Write-Host $needsReboot = $installResult.rebootRequired } if($needsReboot) { restart-computer }Remember I did not write this script but I got it from the internet, but it does work beautifully when you are local
I know I am connecting to the box and connecting well. I can get info about that computer, and the updates search returns the updates list for that could only be for that computer. But as you can see the createUpdateDownloader and createUpdateInstaller both give an error that according to MSDN is because I am running them from a remote computer
Hi,
Have you tried PsExec tool? If not, please try to use it to execute remote script to test. You can run "psexec \\remotecomputer powershell wu.ps1"
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
If there is any error, please let us know the detailed error message.
Thanks.
http://blogs.technet.com/heyscriptingguy/archive/2010/02/17/hey-scripting-guy-february-17-2010a.aspx
Maybe if you are using 2003, you may have the same type of issue.
looking forward for running this script on all of my Win2003 OU.
Cheers !
This script works great but I would like to make a suggestion.
Add $VerbosePreference = "Continue" to the top and then change all Write-Host with Write-Progress. It has the same effect except instead of saying that it is downloading an update it is giving you a progress bar as well. Updated script below.
$VerbosePreference = "Continue"
$DebugPreference = "Stop"
function Get-WIAStatusValue($value)
{
switch -exact ($value)
{
0 {"NotStarted"}
1 {"InProgress"}
2 {"Succeeded"}
3 {"SucceededWithErrors"}
4 {"Failed"}
5 {"Aborted"}
}
}
$needsReboot = $false
$UpdateSession = New-Object -ComObject Microsoft.Update.Session
$UpdateSearcher = $UpdateSession.CreateUpdateSearcher()
Write-Progress " - Searching for Updates"
$SearchResult = $UpdateSearcher.Search("IsAssigned=1 and IsHidden=0 and IsInstalled=0")
Write-Verbose " - Found [$($SearchResult.Updates.count)] Updates to Download and install"
foreach($Update in $SearchResult.Updates)
{
# Add Update to Collection
$UpdatesCollection = New-Object -ComObject Microsoft.Update.UpdateColl
if ( $Update.EulaAccepted -eq 0 ) { $Update.AcceptEula() }
$UpdatesCollection.Add($Update) | out-null
# Download
Write-Progress " + Downloading Update $($Update.Title)"
$UpdatesDownloader = $UpdateSession.CreateUpdateDownloader()
$UpdatesDownloader.Updates = $UpdatesCollection
$DownloadResult = $UpdatesDownloader.Download()
$Message = " - Download {0}" -f (Get-WIAStatusValue $DownloadResult.ResultCode)
Write-Verbose $message
# Install
Write-Progress " - Installing Update"
$UpdatesInstaller = $UpdateSession.CreateUpdateInstaller()
$UpdatesInstaller.Updates = $UpdatesCollection
$InstallResult = $UpdatesInstaller.Install()
$Message = " - Install {0}" -f (Get-WIAStatusValue $DownloadResult.ResultCode)
Write-Verbose $message
$needsReboot = $installResult.rebootRequired
}
if($needsReboot)
{
Write-Debug "Restarting Computer please close all open apps"
restart-computer
}
Carlos,
I am glad you liked the script, the reasons I used write-host and not show a progress bar is this script was intended to run on remote machines (QA Machines) in the middle of the night with no users logged in. It is meant as part of an automation framework and progress bars would only break the system.
Hi,
this is a security Feature, Windows Update with Powershell Remoting do not work.
But here is a work a round:
- save your Update Script on a Network Share
- create remote on each System a Update Task with the Task sheduler
SCHTASKS /Create /S $Computer /RU "{User}" /RP "{PASSWORT}" /RL HIGHEST /SC ONCE /ST 05:30 /TR 'powershell.exe -noProfile -ExecutionPolicy Bypass -File "\\{SHARE}\{Path}\{Script}" /TN "{TaskName}"
This Task can you now start remote
SCHTASKS /Run /S $Computer /TN "{TaskName}"You can use for >SCHTASKS< in Powershell 3.0 the TaskScheduler CMDLETS for create the Tasks.
Beste regards
brima
did you ever figure out why remoting didn't work? does it have to do with needing admin rights on the remote client to install updates?
PowerShell remoting doesn't work because it is still detected as a remote COM object creation, which is by design for security reasons. If you view the $host.name properties while using PowerShell remoting, comes back with ServerRemoteHost. A couple of options include using PSexec.exe (do not supply credentials as it goes across the network as cleartext) or creating a scheduled job like brima has shown. More information about these COM objects and the ones that are and are not "remote capable" are at the link below.
http://msdn.microsoft.com/en-us/library/aa387288(v=vs.85).aspx
This whole concept is beyond odd. I'm a domain admin, I'm properly authenticated, I've gone to the effort to enable powershell remoting in the first place - and I'm not allowed to run updates. How is this any different than a Linux admin using ssh to connect and run 'apt-get' or 'yum' or whatever is appropriate to the distro?
I'm connected as an admin, I can already do all kinds of damage so I'm not sure how this 'security feature' is implementing any real security. Makes me wonder if this isn't come thinly veiled attempt to block this kind of usage and 'encourage' us to purchase whatever part of System Center will do this for me.
Annoying...