Powershell; Network Share MSU Deployments via GPO

时间:2015-05-04 19:45:09

标签: windows powershell gpo

Recently, my company had an issue with our SCCM deployments due to the WMI repository became corrupt and we've found a KB article to resolve this issue, but we need to deploy it to 700+ systems that are already in the field. We've decided that the best solution is to deploy the KB article via GPO Powershell. I've tweaked some of the code below, but when the GPO runs it doesn't do anything. When we run it stand alone, it prompts a wusa error giving the options to use wusa and fails.

Can someone poke through the code and see what I'm missing that causing the failure?

I'm certainly open to suggestions that could clean the code up as well.

Variables

$path - directy script was run from. \systemname\Sources\Software\WMI HotFix\

$msu - current windows udpate

$update - array of file name spilt by '-'

$kbart - current update KB name

$Hotfix - result returned during installed check

$command - command to install update

$parameters - command plus the parameters to the install command '\quiet \norestart'

$install - process to start installation

$OS - Current OS version

$folder - current folder of under path that contains the udpates.

kb2617858\win7\x64

kb2617858\win7\x86

Set-ExecutionPolicy RemoteSigned

function Install-MSU($path)
{    

# spilt file name to get KB artical number
$update = $msu.Name -Split'-'
$kbart = $update[1]

# check if update is already installed
$HotFix = Get-HotFix -id $kbart -ea 0

# run if update is not installed
if($HotFix -eq $null)
    {
    Write-Host "Installing $kbart"
    $command = "`"" + "$path\$msu" + "`""
    $parameters = $command + " \quiet \norestart"
    $install = [System.Diagnostics.Process]::Start( "wusa",$parameters )
    $install.WaitForExit()
    }

# run if update is installed
else
    {
    Write-Host "Update $kbart installed"
    }
}
} 
# set $path to network share directory location
$path = "\\systemname\Sources\Software\HotFixes"

# set $OS to current OS
$OS = gwmi -query "select Caption, OSArchitecture from win32_OperatingSystem"

# Win7 x86 or x64
if($OS.Caption -match 'Windows 7')
{
if($OS.OSArchitecture -match '64-bit')
{
$folder = 'kb2617858\win7\x64'
$path = "$path\$folder"
Install-MSU($path)
}
else
{
$folder = "kb2617858\win7\x86"
$path = "$path\$folder"
Install-MSU($path)
}
}
else
{

}

Thank you in advance!!

2 个答案:

答案 0 :(得分:0)

Set-ExecutionPolicy RemoteSigned

function Install-MSU($path) {
    # spilt file name to get KB artical number
    $update = $msu.Name -Split'-'
    $kbart = $update[1]

    # check if update is already installed
    $HotFix = Get-HotFix -id $kbart -ea 0

    # run if update is not installed
    if($HotFix -eq $null){
        Write-Host "Installing $kbart"
        $command = "`"" + "$path\$msu" + "`""
        $parameters = $command + " \quiet \norestart"
        $install = [System.Diagnostics.Process]::Start( "wusa",$parameters )
        $install.WaitForExit()
    } else {
    # run if update is installed
        Write-Host "Update $kbart installed"
    }
}

# set $path to network share directory location
$path = "\\systemname\Sources\Software\HotFixes"

# set $OS to current OS
$OS = gwmi -query "select Caption, OSArchitecture from win32_OperatingSystem"

# Win7 x86 or x64
if($OS.Caption -match 'Windows 7'){
    if($OS.OSArchitecture -match '64-bit'){
        $folder = 'kb2617858\win7\x64'
        $path = "$path\$folder"
        Install-MSU($path)
    } else {
        $folder = "kb2617858\win7\x86"
        $path = "$path\$folder"
        Install-MSU($path)
    }
}

答案 1 :(得分:0)

我已经解决了自己的问题。当参数应该是/ quiet和/ norestart时,我没有注意到我正在使用\ quiet和\ norestart。

如果将来有人需要它,下面是最终脚本。

变量

$ path - 直接运行脚本。 \\ systemname \ Sources \ Software \ WMI HotFix \

$ msu - 当前windows udpate

$ update - 由' - '

溢出的文件名数组

$ kbart - 当前更新KB名称

$ Hotfix - 安装检查期间返回的结果

$ command - 安装更新的命令

$ parameters - 命令加上安装命令的参数' \ quiet \ norestart'

$ install - 开始安装的过程

$ OS - 当前操作系统版本

$ folder - 包含udpates的路径下的当前文件夹。

kb2617858 \ WIN7 \ 64

kb2617858 \ WIN7 \ X86 

Set-ExecutionPolicy RemoteSigned

function Install-MSU($path)
{    

# get updates in folders
$msus = ls -Path $path *.msu -Recurse

# loop through updates
foreach ($msu in $msus)
{

# spilt file name to get KB artical number
$update = $msu.Name -Split'-'
$kbart = $update[1]

# check if update is already installed
$HotFix = Get-HotFix -id $kbart -ea 0

# run if update is not installed
if($HotFix -eq $null)
    {
    Write-Host "Installing $kbart"
    $command = "`"" + "$path\$msu" + "`""
    $parameters = $command + " /quiet /norestart"
    $install = [System.Diagnostics.Process]::Start( "wusa",$parameters )
    $install.WaitForExit()
    }

# run if update is installed
else
    {
    Write-Host "Update $kbart installed"
    }
    }
}

# set $path to network share directory location
$path = "\\servername\Sources\Software\HotFixes"

# set $OS to current OS
$OS = gwmi -query "select Caption, OSArchitecture from win32_OperatingSystem"

 # if OS is windows 7
if($OS.Caption -match 'Windows 7')
{
if($OS.OSArchitecture -match '64-bit')
{
$folder = 'kb2617858\win7\x64'
$path = "$path\$folder"
Install-MSU($path)
}
else
{
$folder = "kb2617858\win7\x86"
$path = "$path\$folder"
Install-MSU($path)
}
}
else
{

}
相关问题
最新问题