#Script to add machines to a WSUS group automatically:
#The script needs Admin credentials and the WSUS Administration Console installed on the machine where it runs
#Initialize Variables
$wsusGroup = [string] "ServerGroupC"
$wsusParentGroup = [string] "All Computers"
$date = get-date
$date = [string] $date.day + $date.month + $date.year + $date.hour + $date.minute
$succeslog = [string] ".\logs\" + $date + "_success.log"
$errorlog = [string] ".\logs\" + $date + "_errors.log"
$WindowsUpdateServer= [string] "winupdate.uvm.edu"
$useSecureConnection = [bool] $true
$portNumber = [int] "443"
#Instantiate Objects:
#Required WSUS Assembly – auto installed with WSUS Administration Tools
[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
if (!$wsus) {
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer($WindowsUpdateServer,$useSecureConnection,$portNumber)
}
$serverList = Get-Content ".\srvlist.txt"
$updateGroups = $Wsus.GetComputerTargetGroups()
$updateGroup = $UpdateGroups | Where-Object{$_.Name -eq $wsusgroup} | Where-Object{$_.getparenttargetgroup().name -eq $wsusparentgroup}
$computerScope = new-object Microsoft.UpdateServices.Administration.ComputerTargetScope
$computerScope.IncludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::All
$computers = $wsus.GetComputerTargets($computerScope)
$wsusServers = @()
$WsusServersShortNames = @()
#Create arrays:
# $wsusServer = Array of WSUS Computer objects
# $wsusServerShortName = Array strings, with one server RDN per line
Write-Host "Collecting Server List from WSUS…"
$computers | foreach-object {
$wsusServer = $_.FullDomainName
#cut off DNS suffix and store shortname
$wsusServerShortName = $WsusServer.split(‘.’)[0]
$wsusServers += $WsusServer
$wsusServersShortNames += $wsusServerShortName
} #End ForEach $computers
#loop to add servers to group
ForEach ($server in $serverList) {
#Check if server Netbios name is present in WSUS, if present move to group – if not log an error
$wsusComputer = $wsusServersShortNames | Where-Object {$_ -eq $server.Trim()} #Checks for a match in WSUS for the current server in the import list.
If ($wsusComputer) {
$searchStr = [string] $server.Trim() + "\." #String representing a RegEx match for the relative part of the server FQDN
$wsusComputer1 = $wsusServers | where-object {$_ -match $searchStr } #Get a WSUS computer object representing the current server in the import list.
If ($wsusComputer1.getType().Name -match "string") { #Current $wsusComptuer1 must be a [string] object, or next step will fail.
Write-Host "$wsusComputer1 will be added to $($updateGroup.name) group"
$computer = $wsus.GetComputerTargetByName($wsusComputer1)
$updateGroup.AddComputerTarget($computer)
out-file -append -inputobject "$Server added to $($updategroup.name) group" -filepath $succeslog
}
Else {
#More than one server was matched in WSUS – this will happen if your regEx is not properly formed.
write-host "count $($wsusComputer1.count)"
Out-File -append -inputobject "$werver has ambiguous name – check server in WSUS and add to group manually" -filepath $errorlog
}
} #End If $wsusComputer
Else {
Write-Host "$Server not found in WSUS"
out-file -append -inputobject "$Server not found in WSUS" -filepath $errorlog
}
}
#End ForEach $server
No comments:
Post a Comment