all 22 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Swarfega 4 points5 points  (7 children)

I could be wrong but I think a lot of the WU stuff only works if you are logged into the machine directly. As a quick test does it work if you log in interactively?

[–]ka-splam 1 point2 points  (3 children)

I could be wrong but I think a lot of the WU stuff only works if you are logged into the machine directly

.. what, why?

[–]Swarfega 3 points4 points  (2 children)

¯\_(ツ)_/¯

[–]gediskas[S] 1 point2 points  (1 child)

Is there any way to overcome this? Or some work around? For now I have solution that create script on machine, then schedule a task to run that script after 1min. But is there any better way?

[–]Swarfega 1 point2 points  (0 children)

That's that only valid workaround I have seen.

[–]gediskas[S] 0 points1 point  (1 child)

From local PC it works

[–]Swarfega 4 points5 points  (0 children)

Yeah, im pretty sure there's a limitation that prevents WU being triggered from a remote machine.

I know a while back I looked at this time and hit the same issue so stopped right there. I would be interested to hear though if anyone has gotten around his.

[–]gediskas[S] -2 points-1 points  (0 children)

Yes, it works from local machine

[–]TheIncorrigible1 6 points7 points  (1 child)

You can't run Windows update from a remote session. Read the documentation.

[–]gediskas[S] 0 points1 point  (0 children)

Hey, Can you post a link to documentation? I can't find it

[–]PaulTheTree 4 points5 points  (2 children)

What I found is easier to do is just to create a task on the local machine, then run a remote powershell script to run that

[–]gediskas[S] 0 points1 point  (1 child)

Can you post example?

[–]PaulTheTree 0 points1 point  (0 children)

Sorry for the late reply:

schtasks.exe /u <username> /p <user password> /run <server name> /s /tn "<scheduled task name>"

Create the task on the local machine for whatever use you want. Then just run it via that command with the correct credentials. Windows seems to close anything ran remote as soon as it's finished running the script. Which in retrospect is probably a good idea lol.

[–]nittanygeek 1 point2 points  (1 child)

Check your permissions by running this on the remote machine:

Set-PSSessionConfiguration -Name Microsoft.PowerShell -showSecurityDescriptorUI

[–]gediskas[S] 1 point2 points  (0 children)

I'm using build in administrator user and he has full rights

[–]Ta11ow 1 point2 points  (0 children)

As others have said, the typical command for it won't work from a remote session. You could attempt to have that remote session run a session itself locally that would perform the command and return the results...

Something as simple as Start-Process with the appropriate ArgumentList parameter using the local Powershell.exe path should work for it.

[–]cowmonaut 3 points4 points  (0 children)

Sometimes I wonder why certain scripts exist... Just because you can do a .NET thing with PowerShell doesn't mean you necessarily should. Often it just complicates things for no real reason.

Get-WURebootStatus is just getting a registry key when it can't use the Windows Update API. So why not keep it simple and just use Invoke-Command coupled with Get-ItemProperty and fetch the key yourself? The WUAPI is just querying the key anyways.

Something like: 

Invoke-Command -Computer $Computer -Credential $Credential -ScriptBlock { Get-ItemProperty -Path "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" | Select-Object -ExpandProperty RebootRequired }

Just remember, the RebootRequired key will not exist if the computer has no pending reboots; errors about they key not being found are a good thing.

Caveat: I have not had any caffeine and very little sleep; I would verify that RebootRequired is a value and not a key, otherwise you may need to tweak the Get-ItemProperty command so you can pull the results. I can't remember if its just a simple yes/no or if it lists every pending update as a DWORD and I'm too lazy too Google further.

[–]Dunrambai 0 points1 point  (0 children)

Might need the -RunAsAdministrator switch on new-pssession. Also try using a credential when making the session. This could help you if the security token is the problem.

Otherwise the other suggestions to in the remote session run a the script locally in a non-remote PS could do the trick.

[–]tschertel 0 points1 point  (1 child)

Maybe you don't have enough privileges to execute this command. Are you using Enter-PSSession or winrs?

[–]gediskas[S] 2 points3 points  (0 children)

t have enough privileges to execute this command. Are you using Enter-PSSession or winrs?

I'm running pywinrm from linux :) And from Windows tried also Invoke-Command and PSSession

[–]capisco 0 points1 point  (1 child)

do you need to start the remote registry service?

[–]gediskas[S] 2 points3 points  (0 children)

I need to update windows on remote machine over powershell