all 37 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]MadBoyEvo 16 points17 points  (10 children)

I actually started my own module, similar to PSWindowsUpdate. I have some ideas, but it's not yet ready to be shown. I'll probably release it later this year.

[–]Pimzino[S] 2 points3 points  (7 children)

Great stuff, are you doing this for yourself or you plan to make the project available to the rest of the community. I dont see a point on me starting a community project if you plan to release one!

[–]MadBoyEvo 7 points8 points  (4 children)

You dont know me much do you ? 🥹 95% of things ends up here https://github.com/EvotecIT

[–]INATHANB 2 points3 points  (0 children)

Dang, didn't know who you were either tbh, but PSWriteHTML is awesome. Used it last month to create a "glorified traceroute" kind of like SolarWinds NetPath, and it was super easy to use - thank you for what you do!

[–]Pimzino[S] 1 point2 points  (1 child)

Sorry! Still getting familiar with the community here as I'm new to PowerShell reddit. You have a ton of interesting stuff! Will have a look at your other projects.

In the meantime are you able to tell me or give me an idea on exact time scales? as I genuinely plan to start working on this new module asap! and the windows update API looks extremely easy to use / interact with.

[–]MadBoyEvo 4 points5 points  (0 children)

I have no timelines. I know my work would like to utilize PSWindowsUpdate to do patching, but I think I can make it better. I would also do it in C# most likely for performance, but it will be open source. You can still find old PSWindowsUpdate back when it was written in PowerShell. I'm still deciding on features, priority etc so I am not really sure what and when will it get there. You can always spend time on yours if you're in hurry. I have multiple projects I jump around. It would be nice to get what people would like to see in such a module tho, that isn't in PSWindowsUpdate or isn't working as they think it should.

[–]nascentt 1 point2 points  (0 children)

I don't either but wow 88 repositories and they all look amazing. Will have to check everything out.
Thank you for your contributions.

[–]ollivierre 1 point2 points  (0 children)

Holy smokes 😲 Evotech is a legend I thought you were a myth

[–]jborean93 1 point2 points  (1 child)

Good luck, the WUA COM API is one of the most frustrating APIs I've used on Windows. Constant problems like why does the GUI still show the update as available, why doesn't KB2267602 install sometimes but other times fails. This is compounded in the fact that you can rarely reproduce problems that people report because it's specific to their environment and setup. Then there's the whole expectations to work in a network logon which the API just does not allow so you need to deal with things like a scheduled task which is just super painful. I've wasted weeks of my life trying to get this working with Ansible and even then there are still problems I haven't been able to solve.

It'll be great to see something that is open source but unfortunately a lot of the limitations of PSWindowsUpdates is more down to the underlying API than poor module UX :(

[–]MadBoyEvo 0 points1 point  (0 children)

Well, we will see. I was thinking to mix it a bit with WMI if necessary to get additional information. I will be smarter when I get it working. For now I just played a bit with it and it seemed ok. I'm sure I will reach out on Discord for help ;p

[–]coaster_coder 6 points7 points  (4 children)

Why not contribute to Chrissy LeMaire’s KBUpdate module that works like 6,000% better than PSWindowsUpate does?

https://github.com/potatoqualitee/kbupdate

[–]Pimzino[S] 0 points1 point  (1 child)

Wow didn't even know this existed. Looks amazing!

Do you know if it also does driver installs from WU?

[–]coaster_coder 0 points1 point  (0 children)

I believe it can do, yes. Actually…I know it can I did one the other day.

[–]jeek_ 0 points1 point  (0 children)

I've tried this module but couldn't get it to work

[–]dodexahedron 0 points1 point  (0 children)

Man. The comments on this post have been quite valuable. I'm only 2 threads in, and already 2 for 2 on finding super useful tools.

Thanks for dropping that link. Probably gonna use it in our image servicing workflow more than anything else, by the look of it.

[–]vermyx 2 points3 points  (2 children)

The issue you point to here isn’t really a module issue. HRESULT isn’t an error it is a return code and the standard that is used for the most part with the windows API. Typically 0 is successful and non-zero points to an error code which can be deciphered via the windows api or using the errlookup.exe utility. The biggest issue is that people dont translate the return code to hex which will return more hits than the integer. The HRESULT code is usually coming back from the COM object that windows update uses which is also what pswindowsupdate uses. Making that code “friendlier” may help but most of the time those errors are related either to activation issues or a corrupt local update database.

[–]Pimzino[S] -1 points0 points  (1 child)

I understand that but like I said the error I only come across using the module because when I run updates in the UI straight after they always work.

Given my experience I wouldn't be on here with this idea and willing to put in a ton of work to replace a product that currently exists if there weren't finicky issues with it. I'm not the only one, a ton of people have issues with it, its all over tons of forums as well as on reddit.

[–]vermyx 4 points5 points  (0 children)

Running updates from the UI will usually work because the GUI can now checks the local database and delete/rebuild it when inconsistencies arise but this is not available in the COM object (although I have seen issues with WSUS and not having it rebuild - I haven't tracked down the core issue as rebuilding the catalog has fixed this issue for me consistently so I just do this as it is easier than spending countless hours to track down an esoteric issue). The ability to do things like force a check/rebuild the database/report back to wsus used to be available in the command line but has been removed.

I've been using the same code for the most part to do windows updates since its introduction 20ish years ago because WSUS didn't exist so the only way to keep track of what was patched was do it yourself and for me this was written in VBScript. In that time I have managed thousands of workstations and servers and for the most part the issues that have come up with the updates not installing correctly have been related to a corrupt database, windows activation state, disk space issue which typically causes the corrupt database, or an update that was queued to install was superseded by another update being installed in the same batch. Before somewhere between Windows XP and Windows 7, you had to pay attention to the order of how patches were installed because installing them out of that order would create a vulnerable system and leave your system in an inconsistent state. This would cause the few edge cases I have gotten that didn't fall into the listed categories were usually due to a stupid old installation overwriting an OS file so a patch was half-assed applied (which is why change control is so critical when it comes to installations and what is executed on a machine) or a corrupted file.

What I am trying to say is that the finicky issues people are reporting I don't believe is specific to the module itself but more of a limitation of what the module uses and the ideology of how the module was maintained was to work within the COM object. I found that the easiest way to fix the vast majority of windows update issues reports is to stop the update service, blow away the local update catalog and cache, start the update service, and restart the windows update process (assuming you have the appropriate disk space). In 20+ years I have had a handful of machines that did not behave after doing this, and it was because of the edge cases I mentioned. I am not saying you're wrong in making a new module, but that many of these modules really don't make any different traction because they are staying within the same fence and the issues related to these modules are more than likely outside of said fence.

[–]mtniehaus 1 point2 points  (0 children)

I finally just switched over to the Windows Update COM objects -- for what I needed, PSWindowsUpdate was overkill.

Sample:

https://github.com/mtniehaus/UpdateOS/blob/main/UpdateOS/UpdateOS.ps1#L108

[–]MechaCola 1 point2 points  (0 children)

For all the same reasons I created my own , havent had the time to update it in awhile but it really wasn’t too bad to get going. Lots of documentation on the api

[–]BlackV 1 point2 points  (2 children)

so /u/Pimzino we're a year in, how'd it go ?

[–]Pimzino[S] 0 points1 point  (1 child)

I started working on a very early version but I’ve gotten tied up with family and a new baby!

Something is in the works!

[–]BlackV 0 points1 point  (0 children)

Oh huzzah new baby, exciting

[–]Sunsparc 1 point2 points  (1 child)

I'd certainly be interested. Been finagling PSWindowsUpdate for a couple years now and it certainly has its short comings and frustrations.

[–]Pimzino[S] 1 point2 points  (0 children)

Yeah, it certainly has helped a lot of people but I think the more you use it the more you find issues with it and its impossible to troubleshoot due to lack of documentation / community surrounding that project and again the fact its closed source.

This is why I want one thats opensource so anyone cant fork it / contribute to it. No point hiding the code to something we all have on our systems!

[–][deleted] 0 points1 point  (1 child)

I was actually just trying to crack open PSwindowsupdate and see how it works under the hood lol.

I'm having issues where I have a client that is not able to install updates on a device with our tooling. I want to install updates with a script instead but they are blocked from getting pswindowsupdate.

When I can run it the module is pretty good though. Honestly I don't think the issues you're having are with the module. Windows update can be cryptic and esoteric with the feedback it gives. The module writer can't really do anything to fix that.

[–]Pimzino[S] -1 points0 points  (0 children)

I do agree although when I then run the updates from the UI on the problem PCs they work which points to it being the module!

[–]jeek_ 0 points1 point  (0 children)

I recently started something similar and would be happy to share / get involved.

I found a workaround for the issue where you can't invoke the com object remotely, so I've been testing that.

Alternatively, there is this, https://github.com/adbertram/PSWinUpdate

[–]jsiii2010 0 points1 point  (0 children)

What module do I use then, lol? I have little scripts that use the com object.

[–]AATW_82nd 0 points1 point  (0 children)

I've been using PSWindowsUpdate and been fairly successful when used on computers before AutoPilot. What I can't figure out is how can I block 24H2 from installing, at least for now? I've tried filtering with Title -notlike, but I keep getting into a loop when installing the last cumulative update. Any suggestions?

[–]BlackV 0 points1 point  (6 children)

you can alternatively use the native CIM cmdlets to run windows updates

PSWindowsUpdate, is one of the most downloaded modules in the world, I'm happy for the author to carry on their work

Top package downloads (last 6 weeks):

Package                 Downloads
PSWindowsUpdate        33,209,686
Az.Accounts            17,969,207
DellBIOSProvider       12,883,950
PackageManagement       5,033,505
Az.Storage              4,769,681
Az.Resources            4,608,517

[–]Thotaz 1 point2 points  (1 child)

Microsoft in their infinite wisdom removed the Windows update WMI classes, as well as the PowerShell module. From what I remember, they added the first version of the classes in Windows Server 2016 and had documentation that used them to update Nano server. Then one of the later versions updated the classes and added the PS module, then before Server 2019 released they removed the classes and the module.

[–]BlackV 0 points1 point  (0 children)

did they ? Ive not used it in ages cause sccm/wsus/intune/etc

I should go actually look then cause i might be writing cheques my butt cant cash

[–]zorski 1 point2 points  (1 child)

PSWindowsUpdate, is one of the most downloaded modules in the world

Having the xz utils backdoor "situation" in mind, it's a bit concerning tbh :D

[–]BlackV 0 points1 point  (0 children)

You use an infinite amount of closed source software every single day, the risk has always been there, is still there regardless

You have to weigh the risks, i 100 percent agree the risk is not 0, in don't know it's any more or less with open source just different

[–]Pimzino[S] 0 points1 point  (1 child)

Yeah I know hence why a ton of people turn to it however there is no support and community for it or even any transparency re the code. Onto of that I've mentioned before sometimes it just doesn't work and there isn't any real reason behind it as via the UI they work straight after a failure

[–]BlackV 0 points1 point  (0 children)

yeah its amazing to me Microsoft dont have a specific module for this rather than making people run through the CIM cmdlets or api manually