To Approve a list of updates in a file for a specific group in WSUS using PowerShell

 

This script will help to read the list of update ID from a file and then approve them for a specific group

#Change server name and port number and $True if it is on SSL
[String]$updateServer1 = "CMCAS"
[Boolean]$useSecureConnection = $False
[Int32]$portNumber =8530

#Group to which you need to approve
$groupname = "CMCAS-CG"
#File where update if for the updates to be installed are saved
$path = "C:\temp\Updateid.csv"

# Load .NET assembly
[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")

# Connect to WSUS Server
$updateServer = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($updateServer1,$useSecureConnection,$portNumber)
write-host "Connected sucessfully To WSUS server >>>...." -foregroundcolor "yellow"
Import-csv -path $path -Header updateid | foreach `
{
$approveupdate =$approveupdate =$_.updateID
$isavup= 'False'
$u = $updateServer.GetUpdates()
foreach ($u1 in $u )
{
$a=New-Object Microsoft.UpdateServices.Administration.UpdateRevisionId
$a=$u1.id

        #checking if the update ID in question is to be approved if yes approve else loop through
if ($a.UpdateId -eq $approveupdate)

            {
$isavup= 'True'
$group = $updateServer.GetComputerTargetGroups() | where {$_.Name -eq $groupname}
$isapp=$u1.GetUpdateApprovals($group)
#Checking if already approved and if not approve it
if ($isapp.action -eq 'Install')
{
write-host "Update ID: " $a.UpdateId "For Group :" $groupname "already approved" -foregroundcolor "yellow"
}
else
{
write-host "Approving update " $a.UpdateId "For Group :" $groupname -foregroundcolor "yellow"
$group = $updateServer.GetComputerTargetGroups() | where {$_.Name -eq $groupname}
$u1.Approve(“Install”,$group) | out-null
}
}
}
if ($isavup -eq 'False')
{
write-host "Update ID" $approveupdate "Not in WSUS Database" -foregroundcolor "yellow"
}
}

#This will help to catch the exception if any and display

trap
{
write-host "Error Occurred"
write-host "Exception Message: "
write-host $_.Exception.Message
write-host $_.Exception.StackTrace
exit
}
# EOF

Sample File for input update ID

image

Output will be like this

image

Sudheesh N

This posting /Script is provided "AS IS" with no warranties and confers no rights

UpdateApproval.zip

Comments

  • Anonymous
    August 27, 2015
    Thanks, i will try it,
  • Anonymous
    February 22, 2016
    Hi, how can i modify the script, if i have list of KB number eg
    kb1111111
    kb2222222
    kb3333333
  • Anonymous
    July 12, 2016
    The comment has been removed
  • Anonymous
    September 27, 2017
    hithanks for your helpful script.i need to approve list of update to list of computer group for example 10 computer groups.when i have placed to computer groups to this section ($groupname = "CMCAS-CG")i get error.what shall i do?