Windows Update - Execute Windows Update via PowerShell Install-Module (PS 5.0+ version) - superseded
0 Votes |
Versioning - This is an older version.
1 | Windows Update - Download modules and trigger run via PowerShell | 6/13/2018 2:46:37 PM |
2 | Windows Update - Download modules and run via PowerShell | 6/13/2018 3:00:00 PM |
3 | Windows Update - Execute Windows Update via modules and PowerShell | 6/13/2018 3:09:41 PM |
4 | Windows Update - Execute Windows Update via PowerShell Install-Module (PS 5.0+ version) | 6/18/2018 11:20:04 AM |
5 | Windows Update - Execute Windows Update via PowerShell Install-Module (PS 5.0+ version) | 6/18/2018 12:07:16 PM |
6 | Windows Update - Execute Windows Update via PowerShell Install-Module (PS 5.0+ version) | 4/11/2019 12:43:27 PM |
Description
This install the latest Windows updates.
Tested on Windows 10 v1709 with Powershell 5.1. This version requires PS 5.0+ due to module usage.
- Checks for existing scripting policy LGPO registry item (cannot override GPO)
- If exists, back up and disable existing policy
- Install prerequisite: NuGet 2.8.5.201+
- Install Windows Update PowerShell Module v2.0.0.4 (tested, feel free to drop that requirement)
- Run Windows Update via newly added module
- (Optionally) Uninstall Windows Update PowerShell Module
It will not ask questions, and not provide options - it will simply install everything it is able to install in one round.
This version will NOT install Windows Feature Updates, such as Windows 10 updating version 1709 to version 1803.
By running this task you accept the Microsoft TechNet terms of use.
Module Credit Michal Gajda, source: https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc/
Property Details
25527 | |
Beta - Preliminary testing ready for more | |
Windows Update - Execute Windows Update via PowerShell Install-Module (PS 5.0+ version) | |
Internal | |
6/13/2018 12:00:00 AM | |
Windows Update Powershell Module MichalGajda | |
True | |
rdshift on 6/18/2018 11:20:04 AM | |
rdshift on 6/18/2018 11:24:20 AM | |
3112 Views / 1 Download | |
* Average over 0 ratings. ** Log In or Register to add your rating. |
Relevance
Used in 3 fixlets | * Results in a true/false |
Used in 3 fixlets | * Results in a true/false |
Actions
Action 1 (default)
// Set Powershell
parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
// Disable script protection
if {exist (value "EnableScripts" of it = "0") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /t REG_DWORD /d 00000001 /f
endif
// Disable execution policy in scope of current user (system)
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force
// Install PowerShell Modules from PSGallery
waithidden "{parameter "PowerShellexe"}" "Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force"
waithidden "{parameter "PowerShellexe"}" "Install-Module -Name PSWindowsUpdate -RequiredVersion 2.0.0.4 -Force"
waithidden "{parameter "PowerShellexe"}" "Import-Module -Name PSWindowsUpdate -Force"
// Check for and install Windows Updates
waithidden "{parameter "PowerShellexe"}" -ExecutionPolicy Bypass -Command "Get-WindowsUpdate -Install -MicrosoftUpdate -AcceptAll -IgnoreReboot -Confirm:$false"
// Restrict execution policy
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Restricted -Force
// Re-enable script protection
if {exist (value "EnableScriptsbackup" of it = "1") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d 00000000 /f
endif
This action will be considered successful when the applicability relevance evaluates to false.
Action 2
// Set Powershell
parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
// Disable script protection
if {exist (value "EnableScripts" of it = "0") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /t REG_DWORD /d 00000001 /f
endif
// Disable execution policy in scope of current user (system)
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force
// Install PowerShell Modules from PSGallery
waithidden "{parameter "PowerShellexe"}" "Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force"
waithidden "{parameter "PowerShellexe"}" "Install-Module -Name PSWindowsUpdate -RequiredVersion 2.0.0.4 -Force"
waithidden "{parameter "PowerShellexe"}" "Import-Module -Name PSWindowsUpdate -Force"
// Check for and install Windows Updates
waithidden "{parameter "PowerShellexe"}" -ExecutionPolicy Bypass -Command "Get-WindowsUpdate -Install -MicrosoftUpdate -AcceptAll -AutoReboot -Confirm:$false"
// Restrict execution policy
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Restricted -Force
// Re-enable script protection
if {exist (value "EnableScriptsbackup" of it = "1") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d 00000000 /f
endif
This action will be considered successful when the applicability relevance evaluates to false.
Action 3
// Set Powershell
parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
// Disable script protection
if {exist (value "EnableScripts" of it = "0") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /t REG_DWORD /d 00000001 /f
endif
// Disable execution policy in scope of current user (system)
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force
// Install PowerShell Modules from PSGallery
waithidden "{parameter "PowerShellexe"}" "Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force"
waithidden "{parameter "PowerShellexe"}" "Install-Module -Name PSWindowsUpdate -RequiredVersion 2.0.0.4 -Force"
waithidden "{parameter "PowerShellexe"}" "Import-Module -Name PSWindowsUpdate -Force"
// Check for and install Windows Updates
waithidden "{parameter "PowerShellexe"}" -ExecutionPolicy Bypass -Command "Get-WindowsUpdate -Install -AcceptAll -AutoReboot -Confirm:$false"
// Restrict execution policy
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Restricted -Force
// Re-enable script protection
if {exist (value "EnableScriptsbackup" of it = "1") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d 00000000 /f
endif
This action will be considered successful when the applicability relevance evaluates to false.
Action 4
// Set Powershell
parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
// Disable script protection
if {exist (value "EnableScripts" of it = "0") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /t REG_DWORD /d 00000001 /f
endif
// Disable execution policy in scope of current user (system)
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force
// Install PowerShell Modules from PSGallery
waithidden "{parameter "PowerShellexe"}" "Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force"
waithidden "{parameter "PowerShellexe"}" "Install-Module -Name PSWindowsUpdate -RequiredVersion 2.0.0.4 -Force"
waithidden "{parameter "PowerShellexe"}" "Import-Module -Name PSWindowsUpdate -Force"
// Check for and install Windows Updates
waithidden "{parameter "PowerShellexe"}" -ExecutionPolicy Bypass -Command "Get-WindowsUpdate -Install -AcceptAll -IgnoreReboot -Confirm:$false"
// Restrict execution policy
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Restricted -Force
// Re-enable script protection
if {exist (value "EnableScriptsbackup" of it = "1") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d 00000000 /f
endif
This action will be considered successful when the applicability relevance evaluates to false.
Action 5
https://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc/
Action 6
// Set Powershell
parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
// Disable script protection
if {exist (value "EnableScripts" of it = "0") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /t REG_DWORD /d 00000001 /f
endif
// Disable execution policy in scope of current user (system)
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force
// Install PowerShell Modules from PSGallery
waithidden "{parameter "PowerShellexe"}" -ExecutionPolicy Bypass -Command "Uninstall-Module -Name PSWindowsUpdate -Force"
// Restrict execution policy
waithidden "{parameter "PowerShellexe"}" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Restricted -Force
// Re-enable script protection
if {exist (value "EnableScriptsbackup" of it = "1") of key "HKLM\Software\Policies\Microsoft\Windows\PowerShell" of native registry}
wait cmd /c reg delete "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScriptsBackup" /f
wait cmd /c reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d 00000000 /f
endif
This action will be considered successful when the applicability relevance evaluates to false.
Sharing
Social Media: |
Comments
|
|
An older version of this task improperly used the singular "key" instead of "keys" in an exists statement, leading to a failure when executing where the key/value did not exist. Unfortunately, we have had this as a policy for quite some time, so all of our workstations had this value. It has since been corrected and retested. |