is update approved for specific group via powershell?

-

hello, 

i have script auto approves updates based on release date specific groups. script checks see if update has been approved (e.g. isapproved) , either skips if it's been approved or approves specific group (e.g. $update.approve("install",$wsus_group)). problem i'm running if approve update1 groupa, later check update1's isapproved see whether or not need approve groupb, update1's isapproved $true , therefor script skips approving groupb. i've checked update's object , don't see multi-valued var groups been approved for. i've started poke around other microsoft.updateservices.administration namespaces don't see 1 has info i'm looking for. 

so, how can view updates have been approved groupa vs groupb?

thanks! 

hi joey,

if want approve updates multiple groups, , want check if updates have been approved groups, please check script below:

can examine 1 computergroup , find updates not approved 1 or multiple other computer groups.

$servername="localhost" $targetcomputergroup="baselinegroup" $checkformissing="missinggroup1,missinggroup2"  [void][reflection.assembly]::loadwithpartialname("microsoft.updateservices.administration") $wsus=[microsoft.updateservices.administration.adminproxy]::getupdateserver($servername,$false) $computergroup=$wsus.getcomputertargetgroups()|foreach-object -process {if ($_.name -eq $targetcomputergroup) {$_}} $updatescope=new-object microsoft.updateservices.administration.updatescope $updatescope.approvedstates="any" $updatescope.approvedcomputertargetgroups.add($computergroup) $approvals = $wsus.getupdateapprovals($updatescope)  #at point have of updates assigned $targetcomputergroup  $report= @() write-host "querying updates approved $targetcomputergroup"  foreach ($approval in $approvals) {    $record=""|select-object computergroup,updatename, updateid    $record.computergroup=$wsus.getcomputertargetgroup($approval.computertargetgroupid).name    $record.updatename=$wsus.getupdate($approval.updateid).title    $record.updateid=$wsus.getupdate($approval.updateid).id.updateid    $report +=$record    }  #now group results updatename $gr=$report|group -property updatename  $checkformissing=$checkformissing.split(",")   foreach ($entry in $gr) {     $groups=@()     foreach ($g in $entry.group) {         $groups += $g.computergroup         }     foreach ($missing in $checkformissing) {         if ($groups -contains $missing) {}         else{             new-object psobject -property @{             name = $entry.name             updateid = $entry.group[0].updateid             groupmissing = $missing             }         }     } }

reference from:

wsus report approvals group

i hope helps.



Windows Server  >  Windows PowerShell



Comments

Post a Comment

Popular posts from this blog

Schannel Issue

-
hello there, i have windows 2008 r2 machine. , have hosted sharepoint 2010 on it. i have site have published on internet. i don't know whether it's related , getting error unable resolve or come conclusion. it's pretty frequent. my server patched latest updates. log name:      system source:        schannel date:          8/12/2011 3:49:43 pm event id:      36887 task category: none level:         error keywords:      user:          system computer:      mycomp.domain.com description: following fatal alert received: 42.   the above error doesn't provide info . could please me identify issue , possible solution ? there have been lot of posts one. i believe can safely ignored...
Read more

Indexing Server

-
just quick question - 2008 have indexing server? can't see option - , want setup web based search engine using indexing server catalogs , asp.net....   it availble? does not based on - http://technet2.microsoft.com/windowsserver2008/en/library/82bac070-bee4-452e-a783-3ce31b5e1d0f1033.mspx?mfr=true Windows Server  >  Management
Read more

oclist /xml or /?

-
oclist have qualifiers? can behaviour changed, example output xml?   given previous comments andrew m , comments in forums , blogs think answer no, it’s simple app calling underlying api, thought i'd ask can't seem find anything.   why asking question? i'd @ least 2 things oclist (apart nicer looking output [which i'm not going get], dependances listed [dicussed in forum , ruled out], , refrushing add ad componets , telling use dcpromo [which in banner know]): - whether installing component cuase / require reboot (currently believe qwave , printing services require reboot)   - xml output, can't justify team looking see if can commality with full server   fwiw :j   hi,   oclist not have qualifiers or ways change output. when iis came in late, make oclist output longer, unfortunately late make significant changes.   i'll take feedback , add our list next version.   thanks,   andrew   ...
Read more