Sometimes I have a server or workstation that for whatever reason I need to update outside of its scheduled maintenance window. Instead of having to RDP in and update manually I have this SCCM script. To create approve and add SCCM Scripts see this post. This script can be run directly on a workstation but it is meant to be run out of SCCM. I’ll share another version of this that can be used outside of SCCM. The magic behind this script is a module called PSWindowsupdate. Awesome module that lets you kick off updates from powershell. This will log the updates that were installed in a file on the C:\ drive names PSWindowsupdatelog-date.log. If you are “watching” this you can psremote into the endpoint and run this command to tail the log file and watch the progress:

type C:\PSWindowsupdate-date.log -wait

Script:

This one will get all available updates from Microsoft.

 try {                
            Import-Module PSWindowsupdate -ErrorAction 1 -verbose                
            }
            catch {
                Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
                Install-Module PSWindowsupdate -force -Confirm:$false -verbose
                Import-Module PSWindowsUpdate
            }

Import-Module PSWindowsUpdate
$updatelist = 0

$updatelist = Invoke-Command -ScriptBlock {Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process;get-windowsupdate -WindowsUpdate -verbose}

Invoke-Command -ScriptBlock {Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process;$date = get-date -f MM-dd-yyyy-HH-mm-ss;Invoke-WUJob -runnow -Script "Set-ExecutionPolicy -ExecutionPolicy Bypass;ipmo PSWindowsUpdate;get-windowsupdate -MicrosoftUpdate -verbose; Install-WindowsUpdate -Microsoftupdate -AcceptAll -autoreboot | Out-File C:\PSWindowsUpdate-$date.log" -Confirm:$false -Verbose} -Verbose

This one will get all the updates that have been approved through SCCM.

 try {                
            Import-Module PSWindowsupdate -ErrorAction 1 -verbose                
            }
            catch {
                Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
                Install-Module PSWindowsupdate -force -Confirm:$false -verbose
                Import-Module PSWindowsUpdate
            }

Import-Module PSWindowsUpdate
$updatelist = 0

$updatelist = Invoke-Command -ScriptBlock {Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process;get-windowsupdate -verbose}

Invoke-Command -ScriptBlock {Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process;$date = get-date -f MM-dd-yyyy-HH-mm-ss;Invoke-WUJob -runnow -Script "Set-ExecutionPolicy -ExecutionPolicy Bypass;ipmo PSWindowsUpdate;get-windowsupdate -verbose; Install-WindowsUpdate -AcceptAll -autoreboot | Out-File C:\PSWindowsUpdate-$date.log" -Confirm:$false -Verbose} -Verbose

Tagged : force windows update powershell / powershell windows update / sccm / windows update SCCM