A PowerShell script to run Windows Updates on all Windows Servers in Active Directory
Part 1: Build a list of all Windows Servers in Active Directory
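#
# Get all enabled Windows Servers whose OS version starts with "10"
# (Windows Server version 2016/2019/2022), sorted by name.
#
# Only the two non-default attributes used below are requested; -Properties *
# asks the domain controller for every attribute of every matching object.
# The Enabled and version checks are part of the filter so that they are
# evaluated by the directory instead of client-side in Where-Object.
#
# NOTE(review): this matches every enabled server in the domain, domain
# controllers included. Add -SearchBase '<OU distinguished name>' to limit
# the patch run to the servers you actually intend to update.
#
$serverFilter = 'OperatingSystem -like "*Windows Server*" -and Enabled -eq $true -and OperatingSystemVersion -like "10*"'
$Computers = Get-ADComputer -Filter $serverFilter -Properties OperatingSystem, OperatingSystemVersion |
    Select-Object Name, DNSHostName, OperatingSystem, OperatingSystemVersion |
    Sort-Object Name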
Part 2: Install PSWindowsUpdate on all Windows Servers in Active Directory
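#
# Install PSWindowsUpdate on every server that does not have it yet
#
# -ComputerName takes strings, but $Computers holds the objects produced by
# Select-Object; pass their DNSHostName values instead of the objects.
#
# NOTE(review): this downloads and installs a module, unpinned, on every
# server in the list. Consider -RequiredVersion <approved-version> or an
# internal, vetted repository so all servers run the same reviewed code.
#
Invoke-Command -ComputerName $Computers.DNSHostName -ScriptBlock {
    # Skip servers where the module is already available.
    If ($null -eq (Get-Module -Name PSWindowsUpdate -ListAvailable)) {
        # Install-Module needs the NuGet package provider; -Force suppresses the prompts.
        Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
        Install-Module PSWindowsUpdate -Force
        # Loads the module in this remote session only, which also shows the install is usable.
        Import-Module PSWindowsUpdate
    }
}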
Part 3: Push the updates to all Windows Servers in Active Directory
Push the updates (Reboot after install)
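#
# Push the updates (Autoreboot)
#
# -ComputerName takes strings, so the DNSHostName values are passed rather
# than the objects in $Computers.
# -AutoReboot restarts a server without asking once its updates are installed,
# and this one call targets the whole list. Run it inside a maintenance window
# and patch redundant servers (e.g. domain controllers) in separate batches.
# The log is written on each target server; Out-File does not create the
# C:\temp folder, so it must already exist there.
# -ErrorAction Continue reports servers that could not be reached or patched
# and carries on with the rest; Ignore would hide those failures entirely.
#
Invoke-WuJob -ComputerName $Computers.DNSHostName -Script { import-module PSWindowsUpdate; Install-WindowsUpdate -AcceptAll -AutoReboot | Out-File "C:\temp\PSWindowsUpdate.log"} -RunNow -Confirm:$false -Verbose -ErrorAction Continue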
Push the updates (Reboot later)
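#
# Push the updates (Do not reboot after install)
#
# Alternative to the auto-reboot command; uncomment to use it instead.
# -IgnoreReboot installs the updates but leaves the restart to you, so a
# server stays on its old, unpatched binaries until it is rebooted.
# As with any -ComputerName parameter, strings are required, so the
# DNSHostName values are passed rather than the objects in $Computers.
# -ErrorAction Continue reports failing servers instead of hiding them.
#
# Invoke-WuJob -ComputerName $Computers.DNSHostName -Script { import-module PSWindowsUpdate; Install-WindowsUpdate -AcceptAll -IgnoreReboot | Out-File "C:\temp\PSWindowsUpdate.log"} -RunNow -Confirm:$false -Verbose -ErrorAction Continue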