To Approve a list of updates in a file for a specific group in WSUS using PowerShell
This script will help to read the list of update ID from a file and then approve them for a specific group
#Change server name and port number and $True if it is on SSL
[String]$updateServer1 = "CMCAS"
[Boolean]$useSecureConnection = $False
[Int32]$portNumber =8530
#Group to which you need to approve
$groupname = "CMCAS-CG"
#File where update if for the updates to be installed are saved
$path = "C:\temp\Updateid.csv"
# Load .NET assembly
[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
# Connect to WSUS Server
$updateServer = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($updateServer1,$useSecureConnection,$portNumber)
write-host "Connected sucessfully To WSUS server >>>...." -foregroundcolor "yellow"
Import-csv -path $path -Header updateid | foreach `
{
$approveupdate =$approveupdate =$_.updateID
$isavup= 'False'
$u = $updateServer.GetUpdates()
foreach ($u1 in $u )
{
$a=New-Object Microsoft.UpdateServices.Administration.UpdateRevisionId
$a=$u1.id
#checking if the update ID in question is to be approved if yes approve else loop through
if ($a.UpdateId -eq $approveupdate)
{
$isavup= 'True'
$group = $updateServer.GetComputerTargetGroups() | where {$_.Name -eq $groupname}
$isapp=$u1.GetUpdateApprovals($group)
#Checking if already approved and if not approve it
if ($isapp.action -eq 'Install')
{
write-host "Update ID: " $a.UpdateId "For Group :" $groupname "already approved" -foregroundcolor "yellow"
}
else
{
write-host "Approving update " $a.UpdateId "For Group :" $groupname -foregroundcolor "yellow"
$group = $updateServer.GetComputerTargetGroups() | where {$_.Name -eq $groupname}
$u1.Approve(“Install”,$group) | out-null
}
}
}
if ($isavup -eq 'False')
{
write-host "Update ID" $approveupdate "Not in WSUS Database" -foregroundcolor "yellow"
}
}
#This will help to catch the exception if any and display
trap
{
write-host "Error Occurred"
write-host "Exception Message: "
write-host $_.Exception.Message
write-host $_.Exception.StackTrace
exit
}
# EOF
Sample File for input update ID
Output will be like this
Sudheesh N
This posting /Script is provided "AS IS" with no warranties and confers no rights
Comments
- Anonymous
August 27, 2015
Thanks, i will try it, - Anonymous
February 22, 2016
Hi, how can i modify the script, if i have list of KB number eg
kb1111111
kb2222222
kb3333333 - Anonymous
July 12, 2016
The comment has been removed - Anonymous
September 27, 2017
hithanks for your helpful script.i need to approve list of update to list of computer group for example 10 computer groups.when i have placed to computer groups to this section ($groupname = "CMCAS-CG")i get error.what shall i do?