WSUS Offline Automation

The following scripts and utilities will streamline the automation of pushing out Windows Updates to several machines at once without an internet connection using WSUS Offline.

1. Download PsTools and extract to X:\PsTools on your server.

2. Download the WSUS Offline zip file and extract it to X:\wsusoffline

3. Run X:\wsusoffline\UpdateGenerator.exe, select your Windows and Office Updates and click Start to generate the update folder.  This will take several minutes depending on the selections you’ve made.

4. Share the wsusoffline folder as \\SERVER\wsusoffline.

5. Create the RunUpdate.bat initiation script using the command below and save it to the server’s desktop.

RunUpdate.bat

X:\pstools\psexec.exe \\computername1,computername2,computernameN -d -u DOMAIN\user -p password -i \\SERVER\wsusoffline\update.bat
  • The -d switch tells psexec to not wait for the client to return from the script.  This allows you to update multiple machines at once, rather than one at a time.
  • The -i switch tells psexec to run the script interactively, or in other words, on the current user’s desktop, allowing you to monitor the progress of the update.bat script run (below).
  • The update.bat file is the script the workstations will run to connect to the server and call the wsusoffline updater script.

6. Create the update script that the target computers to update will run.

update.bat

@echo off
net use w: \\SERVER\wsusoffline /persistent:no
w:
cd client\cmd
call doupdate.cmd /nobackup /updatercerts
shutdown -r -t 30

7. Run the script from the server to start the update.

8. The clients will run update.bat and begin automatically installing updates, then reboot upon completion.

9. Run the RunUpdate.bat script on the server after each update and reboot cycle to fully patch the target workstations, as it will do certain updates in batches.

4 thoughts on “WSUS Offline Automation

  1. Hi, I am using the wsusoffline tool, but we have OS enviroment from Windows 2008 onwards where I tried this way to automate on multiple servers but did not successfull, could you please help me to do this automation from powershell script.

    Like

      1. Thanks for your response, but that’s not the problem with version, I am looking for automate the process from powershell script as using this suggested method on this article using PSxec, not successfull on servers which are having windows 2008 onwards higher OS version. see below what I am trying to do..
        ========================================================
        $Servers = Get-Content “G:\GP\Script\Servers.txt”
        foreach ($c in $Servers)
        {{
        $files= get-content “G:\gp\Script\fileslist.txt”
        Foreach ($File in $Files)
        {Copy-Item $file -Destination \\$c\C$\ -force}}

        $sessions = New-PSSession -ComputerName $c -Credential $Cred

        Invoke-Command -Session $sessions -ScriptBlock { Invoke-Expression “cmd.exe /c C:\wsusupdate.CMD”} -ArgumentList wsusupdate.CMD -AsJob
        }

        $files= get-content “G:\gp\Script\fileslist.txt”
        Foreach ($File in $Files)
        {Copy-Item $file -Destination \\$c\C$\ -force}

        Id Name PSJobTypeName State HasMoreData Location Command
        — —- ————- —– ———– ——– ——-
        1 Job1 RemoteJob Running True Testsrv01 Invoke-Expression “cm…
        ========================================================
        So file “wsusupdate.CMD” is the batch file which is having below;
        ====================================================
        @echo off
        net use w: \\SERVER\wsus /persistent:no
        w:
        cd wsusoffline\client\cmd
        call doupdate.cmd /nobackup /updatercerts
        ====================================================

        So I can see in the PS screen that Job1 is started on “Testsrv01” but if I want to check it from Testsrv01 end, I need to login to server and once I logged ,, then it gets start, so there is login dependencies, which I dont need ..as its not completly automating the process. Hence I would require your assitence for the same.

        More appreciate for further inputs from your end.

        Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s