Thursday, October 21, 2021

WSUS Part 3: Tuning you WSUS server with Powershell

WSUS Server cleanup

Because the WSUS server uses a lot of storage, it can be useful to clean the WSUS server regularly. This works well if you starts with cleaning regularly after a clean install. When you wait to long and the WSUS server becomes bigger and bigger, it will take a long time to clean the server. In PowerShell you can use this cmdlet:

Invoke-WsusServerCleanUp 

Parameters:

-CleanupObsoleteComputers

Specifies that the cmdlet deletes obsolete computers from the database.

-CleanupObsoleteUpdates

Specifies that the cmdlet deletes obsolete updates from the database.

-CleanupUnneededContentFiles

Specifies that the cmdlet deletes unneeded update files.

-CompressUpdates

Specifies that the cmdlet deletes obsolete revisions to updates from the database.

-DeclineExpiredUpdates

Specifies that the cmdlet declines expired updates.

-DeclineSupersededUpdates

Specifies that the cmdlet declines superseded updates.

-UpdateServer

Specifies the object that contains the WSUS server. This value is obtained by calling the Get-WsusServer cmdlet and passing the resulting IUpdateServer object into this cmdlet.

Example I use for my script:

Invoke-WsusServerCleanUp -CleanUpObsoleteUpdates -CleanupUnneededContentFiles -CompressUpdates


Posted by at No comments:
Labels: , , , , ,

Wednesday, October 13, 2021

WSUS Part 2: Create a task for Patch Tuesday with Powershell

I found out that it is not possible to choose a monthly schedule on the second tuesday of the month with "New-ScheduledTaskTrigger". It is only possible to use a monthly or weekly schedule. Because of this, I used SCHTASKS to create a task for my WSUS PowerShell scripts:

For more information about "New-ScheduledTaskTrigger":


Posted by at No comments:
Labels: , , ,

Wednesday, October 6, 2021

WSUS Part 1: Synchronization updates and Approve/Deny updates with Powershell

You can use PowerShell for WSUS management. This example works on a Windows Server with Powershell 5.1 and the Powershell WSUS module installed from Server Manager. You can start the synchronization and approve the updates with the example below:

You can use this example if you like to deny older updates:

All updates are denied when they are older then 4 months.

Sometimes it is necessary to accept a license agreement for an update. You can use this code to accept all license agreements:

Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)