WSUS Script To Add List Of Computers To A Group In WSUS

Menu Skip to content

• Home
• About

  For a project at a client that uses WSUS 3.0 for server patch management, it was sometimes handy to be able to add machines to a certain group in WSUS automatically. They sometimes need to change membership for a large list of servers for a patch roll-out (like with the KB958644 critical hotfix). Also this enables you to schedule the script if you need to do this at a period when you normally like to sleep. This would otherwise require selecting them all manually in the WSUS Console from the ‘All Computers’ groups and changing the membership.   Feel free to copy and comment !   #Script to add machines to a WSUS group automatically:#The script needs Admin credentials and the WSUS Administration Console installed on the machine where it runs   $wsusgroup="TestGroup"$wsusparentgroup="All Computers"$serverlist=Get-Content ".\srvlist.txt" $date=get-date$date = [string]$date.day + $date.month + $date.year + $date.hour + $date.minute$succeslog=".\logs\" +$date +"_success.log"$errorlog=".\logs\" + $date +"_errors.log" #Initialization$WindowsUpdateServer= "wsus01" #Required WSUS Assembly – auto installed with WSUS Administration Tools[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration") if (!$wsus) {        $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer($WindowsUpdateServer,$False)} $UpdateGroups=$Wsus.GetComputerTargetGroups() $updategroup=$UpdateGroups | Where-Object{$_.Name -eq $wsusgroup} | Where-Object{$_.getparenttargetgroup().name -eq $wsusparentgroup} $computerScope = new-object Microsoft.UpdateServices.Administration.ComputerTargetScope$computerScope.IncludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::All $computers = $wsus.GetComputerTargets($computerScope) $WsusServers=@()$WsusServersShortNames=@() #Create arrays with shortname and FQDN of all servers in WSUSWrite-Host "Collecting Server List from WSUS…"$computers | foreach-object {  $WsusServer=$_.FullDomainName #cut off DNS suffix and store shortname $WsusServerShortName=$WsusServer.split(‘.’)[0] $WsusServers += $WsusServer $WsusServersShortNames += $WsusServerShortName } #loop to add servers to groupForEach ($server in $serverlist)  {  #Check if server Netbios name is present in WSUS, if present move to group – if not log an error $WsusComputer=($WsusServersShortNames -eq $server) If ($WsusComputer) {  $WsusComputer=($WsusServers -like "$server*" )  If ($wsuscomputer.count -eq 1) {   Write-Host "$WsusComputer will be added to $($updategroup.name) group"   $computer=$wsus.GetComputerTargetByName($WsusComputer)   $updategroup.AddComputerTarget($computer)   out-file -append -inputobject "$Server added to $($updategroup.name) group" -filepath $succeslog          } Else     {     #there are two servers in WSUS with ambiguous name – this should never happen but in that case an error is logged     write-host "count $($wsuscomputer.count)"     Out-File -append -inputobject "$Server has ambiguous name – check server in WSUS and add to group manually" -filepath $errorlog     }  }Else {  Write-Host "$Server not found in WSUS" out-file -append -inputobject "$Server not found in WSUS" -filepath $errorlog}    }  

Share this:

• Facebook
• X

Like Loading...

Related

3 responses to “WSUS Script to add List of Computers to a Group in WSUS”

1. Hi, thanks for publishing this script 🙂  I have used it and works fine, but I have one tiny problem. I use Rapid Deployment from HP (Altiris)to manage my servers and created a job that exports the servername to the srvlist.txt. The problem is that all servernames are stored in uppercase i Rapid Deployment and the script/WSUS don\’t like that. The logfile says: Machinename not found in WSUS.Is it in some way possible to have the script convert/read the list in lowercase?I have zero knowledge of powershell and would be very thankful for any advice. Thanks,Toby

   Reply

2. Is it possible to have the script just look at the unassigned container and if the computer name start with a certain naming convention then move to an appropriate container?

   Reply

3. This script was quite useful for me last night. I did have some problems running the script under PowerShell 2, and had to update some of the code.

   The “add servers” loop uses some comparison operators to generate boolean matches which do not appear to work as designed. I replaced these with “$object | where-object” clauses instead. I also eliminated (or reduced) the chances of multiple server name matches by using the “-match” (Regular Expression) comparison operator, instead of “-like”, which allows for ambiguity.

   Finally, I added casting to the variables to prevent confusion, and cleaned up the indentation. The updated script can be found here: http://blog.uvm.edu/jgm/2011/05/06/wsus-programatic-access/

   Reply

Leave a comment Cancel reply

Δ

Windows Powered via RSS

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use. To find out more, including how to control cookies, see here: Cookie Policy

• Comment
• Reblog
• Subscribe Subscribed
  • WindowsPowered
  Sign me up
  • Already have a WordPress.com account? Log in now.
• • WindowsPowered
  • Subscribe Subscribed
  • Sign up
  • Log in
  • Copy shortlink
  • Report this content
  • View post in Reader
  • Manage subscriptions
  • Collapse this bar

%d Design a site like this with WordPress.comGet started