User Tools

Site Tools


userspace:windows_updates

This is an old revision of the document!


WSUS Updates

Mit diesem Script wird bei jedem Start per always.ins (wahlweise auch nur einmalig oder bei der Neuinstallation per setup.ins) der interne WSUS Server nach neuen Updates gefragt. So kann ein Client schon bei der Installation durchgepatcht werden. Evtl funktioniert das script auch ohne WSUS. Habe ich allerdings nicht getestet. Als Betriebssystem habe ich Windows XP SP3 verwendet.

  • Tested with opsi 4.0.2
  • Tested with Winst Version 4.11.2.5
  • Tested with Windows XP SP3

By — Scorcher 2012/10/04 14:05

always.ins

always.ins
[Initial]
setLogLevel=9
;  Log Errors in Logfile but don't abort:
ExitOnError=false
; Show syntax errors in the script:
ScriptErrorMessages=on
; Dont trace step by step through the script:
TraceMode=off
; let started programs run in front of the winst window
StayOnTop=false
 
 
[Actions]
requiredWinstVersion >= "4.10.8.6"
 
DefVar $ProductId$
DefVar $Version$
DefVar $LogDir$
DefVar $Inst_Cmd32$
DefVar $Inst_Prg$
DefVar $MinimumSpace$
DefVar $INST_architecture$
DefVar $INST_SystemType$
DefVar $LicenseRequired$
DefVar $LicensePool$
DefVar $Uninst_Prg$
 
Set $INST_SystemType$ = GetSystemType
set $INST_architecture$ = GetProductProperty("install_architecture","system specific")
Set $LogDir$ = "%SystemDrive%\tmp"
 
; ----------------------------------------------------------------
; - Please edit the following values                             -
; ----------------------------------------------------------------
;$ProductId$ should be the name of the product in opsi
; therefore please: only lower letters, no umlauts,
; no white space use '-' as a seperator
Set $ProductId$       = "Windows Updates - WSUS"
Set $Version$         = "1.0"
Set $MinimumSpace$    = "500 MB"
Set $LicenseRequired$ = "false"
Set $LicensePool$     = "p_" + $ProductId$
Set $Inst_Prg$        = "script.cmd"
Set $Uninst_Prg$      = ""
Set $Inst_Cmd32$      = ""
 
; ----------------------------------------------------------------
 
if not(HasMinimumSpace ("%SystemDrive%", $MinimumSpace$))
        LogError "Not enough space on %SystemDrive%, " + $MinimumSpace$ + " on drive %SystemDrive% needed for " + $ProductId$
        isFatalError
        ; Stop process and set installation status to failed
else
        comment "Show product picture"
        ShowBitmap "%ScriptPath%\" + $ProductId$ + ".png" $ProductId$
 
		if $LicenseRequired$ = "true"
                comment "Licensing required, reserve license and get license key"
                Sub_get_licensekey
        endif
 
        comment "installing"
 
        if (($INST_SystemType$ = "x86 System") and ($INST_architecture$ = "system specific")) or ($INST_architecture$ = "both") or ($INST_architecture$ = "32 only")
                Message "Installing " + "Windows Updates" + " - This may take a lot of time..."
                comment "Start setup program. This may take a lot of time ..."
                Winbatch_install_32
        endif
 
endif
 
[Winbatch_install_32]
%ScriptPath%\$Inst_Prg$
 
ExitWindows /Reboot

Start einer Command auf dem Zielsystem (damit der Befehl in einer cmd ausgeführt wird und der Nutzer auch sieht was an seinem PC passiert ;) )

script.cmd

script.cmd
cscript.exe P:\95_wsusupdates\wsus_updates.vbs

Über die script.cmd wird die Datei wsus_updates.vbs aufgerufen

wsus_updates.vbs

wsus_updates.vbs
Set updateSession = CreateObject("Microsoft.Update.Session")
Set updateSearcher = updateSession.CreateupdateSearcher()
 
WScript.Echo "Searching for updates..." & vbCRLF
 
Set searchResult = _
updateSearcher.Search("IsInstalled=0 and Type='Software'")
 
 
WScript.Echo "List of applicable items on the machine:"
 
For I = 0 To searchResult.Updates.Count-1
    Set update = searchResult.Updates.Item(I)
    WScript.Echo I + 1 & "> " & update.Title
Next
 
If searchResult.Updates.Count = 0 Then
	WScript.Echo "There are no applicable updates."
	WScript.Quit
Else
	Set WSHShell = WScript.CreateObject("WScript.Shell")
	WScript.Echo "STOP SAV..." & vbCRLF
	WshShell.Run "net stop SAVService", TRUE
	WScript.Sleep 10000
 
End If
 
 
WScript.Echo vbCRLF & "Creating collection of updates to download:"
 
Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl")
 
For I = 0 to searchResult.Updates.Count-1
    Set update = searchResult.Updates.Item(I)
    WScript.Echo I + 1 & "> adding: " & update.Title 
    updatesToDownload.Add(update)
Next
 
WScript.Echo vbCRLF & "Downloading updates..."
 
Set downloader = updateSession.CreateUpdateDownloader() 
downloader.Updates = updatesToDownload
downloader.Download()
 
WScript.Echo  vbCRLF & "List of downloaded updates:"
 
For I = 0 To searchResult.Updates.Count-1
    Set update = searchResult.Updates.Item(I)
    If update.IsDownloaded Then
       WScript.Echo I + 1 & "> " & update.Title 
    End If
Next
 
Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl")
 
WScript.Echo  vbCRLF & _
"Creating collection of downloaded updates to install:" 
 
For I = 0 To searchResult.Updates.Count-1
    set update = searchResult.Updates.Item(I)
    If update.IsDownloaded = true Then
       WScript.Echo I + 1 & "> adding:  " & update.Title 
       updatesToInstall.Add(update)	
    End If
Next
 
	WScript.Echo "Installing updates..."
	Set installer = updateSession.CreateUpdateInstaller()
	installer.Updates = updatesToInstall
	Set installationResult = installer.Install()
 
	'Output results of install
	WScript.Echo "Installation Result: " & _
	installationResult.ResultCode 
	WScript.Echo "Reboot Required: " & _ 
	installationResult.RebootRequired & vbCRLF 
	WScript.Echo "Listing of updates installed " & _
	 "and individual installation results:" 
 
	For I = 0 to updatesToInstall.Count - 1
		WScript.Echo I + 1 & "> " & _
		updatesToInstall.Item(i).Title & _
		": " & installationResult.GetUpdateResult(i).ResultCode 		
	Next
 
If installationResult.RebootRequired = true Then
	WScript.Echo "" & vbCRLF
	WScript.Echo "System reboot now" & vbCRLF
	Set WSHShell = WScript.CreateObject("WScript.Shell")
	WshShell.Run "wuauclt /reportnow"
	WScript.Sleep 10000
	WshShell.Run "C:\WINDOWS\system32\shutdown.exe -r -t 10"
Else 
	WScript.Echo "" & vbCRLF
	WScript.Echo "No reboot needed" & vbCRLF
	Set WSHShell = WScript.CreateObject("WScript.Shell")
	WScript.Echo "START SAV" & vbCRLF
	WshShell.Run "net start SAVService", TRUE
	WshShell.Run "wuauclt /reportnow", TRUE
End If

Den Code für die wsus_updates.vbs habe ich aus dem Internet zusammengesucht. Bei der Installation wird zusätzlich (zur besseren Performance) der Symantec Antivirus Dienst angehalten. Bei mir funktioniert das so sehr gut.

Verbesserungsvorschläge und Optimierungen sind jederzeit willkommen.

Windows Updates (Alternative)

Ich habe eine weitere Variante entwickelt um Updates automatisiert nach der OS Installation auf den Client zu bringen. Mein Script basiert auf dem Programm WUInstall (http://wuinstall.com/) getestet und entwickelt habe ich das Script mit der Pro Version - ich denke es wird auch mit der Free Version funktionieren.

Update: The option /use_wsus is only available in WuInstallPRO!

Das Script startet WUInstall welches ALLE Updates vom WSUS installiert alternativ auch aus dem Internet. Anschließend überprüft das Script ob weitere Updates ausstehen und startet den Rechner bei Bedarf neu um anschließend erneut Updates nach Updates zu suchen.

Das Script ist getestet auf Windows 7 x64 und x86 sollte aber auch auf Windows XP funktionieren wenn dort die Powershell installiert ist!

[ACTIONS]
DefVar $Flag$
DefVar $WinstRegKey$
DefVar $RebootRegVar$
DefStringList $counterString$
DefVar $CounterVar$
DefVar $trim$
DefVar $INST_SystemType$ 
 
Set $INST_SystemType$ = GetSystemType
 
 
 
;--------------------------------------------------------------------------------
; InstallUpdates
;--------------------------------------------------------------------------------
if ($INST_SystemType$ = "64 Bit System")
	DOSBatch_install_updates_x64
else
	DOSBatch_install_updates_x86
endif
 
;--------------------------------------------------------------------------------
; Check & Reboot
;--------------------------------------------------------------------------------
winbatch_psactivate
set $counterString$ = getOutStreamFromSection('execWith_powershell "Powershell"')
 
set $CounterVar$ = takeString(0,$CounterString$)
set $trim$ = trim($CounterVar$)
 
 
if $trim$ =  "0"
	comment "Keine Updates Verfügbar"
	ExitWindows /Reboot
 
else
	ExitWindows /ImmediateReboot
	comment weitere Updates verfügbar reboot wurde initialisiert !
 
endif
 
 
 
 
[DOSBatch_install_updates_x64]
%scriptpath%/WUInstallX64.exe /install /use_wsus http://yourwsus.de /logfile_append c:/tmp/wuinstall.log 
 
 
[DOSBatch_install_updates_x86]
%scriptpath%/WUInstallX86.exe /install /use_wsus http://yourwsus.de /logfile_append c:/tmp/wuinstall.log 
 
[winbatch_psactivate]
powershell Set-ExecutionPolicy RemoteSigned
 
 
 
[execWith_powershell]
$Session= New-Object -ComObject Microsoft.Update.Session
$Searcher = $Session.CreateUpdateSearcher()
$list = $Searcher.Search('IsInstalled = 0 and IsHidden = 0')
write-host $list.updates.count
userspace/windows_updates.1360615436.txt.gz · Last modified: 2021/08/23 08:37 (external edit)