PowerShell script to approve WSUS updates

Here is a short script that is very useful to approve missing updates for a specific server:


$updateServer = “WSUS.server.IP.address“

$machineName = Read-Host “enter DNS name of the computer you wish to approve updates for“

$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($updateServer,$false)

$updateScope = new-object Microsoft.UpdateServices.Administration.UpdateScope

$updateScope.includedInstallationStates = “NotInstalled“

$com = $wsus.GetComputerTargetByName($machineName)

$groupname =  Read-Host “Enter target WSUS group name”
$Target = $wsus.GetComputerTargetGroups() | where {$_.Name -eq $groupname}

$action = [Microsoft.UpdateServices.Administration.UpdateApprovalAction]::Install

$updates = $com.GetUpdateInstallationInfoPerUpdate($updateScope)
$updates | foreach-object {$uid = $_.UpdateId; $u = $wsus.GetUpdate($uid); $u.Title; $u.Approve($action,$target);}

Leave a Reply

Your email address will not be published. Required fields are marked *

eighteen − seven =

This site uses Akismet to reduce spam. Learn how your comment data is processed.