The following scripts and utilities will streamline the automation of pushing out Windows Updates to several machines at once without an internet connection using WSUS Offline.
1. Download PsTools and extract to X:\PsTools on your server.
2. Download the WSUS Offline zip file and extract it to X:\wsusoffline
3. Run X:\wsusoffline\UpdateGenerator.exe, select your Windows and Office Updates and click Start to generate the update folder. This will take several minutes depending on the selections you’ve made.
4. Share the wsusoffline folder as \\SERVER\wsusoffline.
5. Create the RunUpdate.bat initiation script using the command below and save it to the server’s desktop.
X:\pstools\psexec.exe \\computername1,computername2,computernameN -d -u DOMAIN\user -p password -i \\SERVER\wsusoffline\update.bat
- The -d switch tells psexec to not wait for the client to return from the script. This allows you to update multiple machines at once, rather than one at a time.
- The -i switch tells psexec to run the script interactively, or in other words, on the current user’s desktop, allowing you to monitor the progress of the update.bat script run (below).
- The update.bat file is the script the workstations will run to connect to the server and call the wsusoffline updater script.
6. Create the update script that the target computers to update will run.
@echo off net use w: \\SERVER\wsusoffline /persistent:no w: cd client\cmd call doupdate.cmd /nobackup /updatercerts shutdown -r -t 30
7. Run the script from the server to start the update.
8. The clients will run update.bat and begin automatically installing updates, then reboot upon completion.
9. Run the RunUpdate.bat script on the server after each update and reboot cycle to fully patch the target workstations, as it will do certain updates in batches.