Continuing from my last blog entry on checking for pending updates on the SCCM client, I will now show how you can use this information to determine if an installation is already occurring and performing an installation if nothing is happening. While I will not completely re-hash the process for gathering all of the updates, I will do a little refresher on a couple of things.
First off, we need to create that same Com object as before:
#Create the Update Object $SCCMUpdate = New-Object -ComObject UDA.CCMUpdatesDeployment
The most important part of determining if there is an installation attempt occurring is making sure that we have a reference configured in a variable, in this case, I am using $Progress. If we receive anything other than a 0, then any attempts at an installation will fail.
<#Create the reference variable for progrss. This is important because if the value of $progress is anything but a 0, then we cannot proceed with the rest of the installation #> [ref]$progress = $Null
Now we go through the same process of enumerating all of the updates pending on the SCCM client
#Begin enumerating through the updates: Install = 2, ShowHidden = 1, reference to progress for the overload values $updates = $SCCMUpdate.EnumerateUpdates(2, 1, $Progress)
Note where I used the $Progress variable for the reference to store the progress data. Let’s take a look at the progress to see where it is at.
Luckily for us, it is a 0, meaning that we can proceed with the installation attempt of the updates. Here is a table showing the other possible values and their meanings.
|
0 |
UPDATE_PROGRESS_NONE |
|
1 |
UPDATE_PROGRESS_OPTIONAL_INSTALL |
|
2 |
UPDATE_PROGRESS_MANDATORY_INSTALL |
Next, it is time to see if we actually have any updates that need to be installed.
#Find out how many updates are available for installation $UpdateCount = $updates.GetCount()
Perfect, we have some updates to work with!
For this, I will be using the InstallUpdates() method from the UDA.CCMUpdatesDeployment object we created. But before we can attempt that, we need to create a collection of the UpdateIDs, which are required by the InstallUpdates method.
[string[]]$UpdateIDs = For ($i=0;$i -lt $UpdateCount;$i++) {
$updates.GetUpdate($i).GetID()
}
As you can see, we have the UpdateIds as a collection. Of course, this is not human readable by any means. Fortunately, I have a function that I can use to find out what those updates are exactly.
Get-SCCMClientUpdate -ShowHidden
Now it is time to install the updates. Note that there are 3 values which are required for this to work correctly:
- Array of UpdateIds
- ContentPriority
- Possibly values for Download Priority
- Options for the installation
- Possible Option Flags (Note that these are bit-wise flags meaning that you will need to use –BOR)
|
0 |
PriorityForeground |
|
1 |
PriorityHigh |
|
2 |
PriorityMedium |
|
3 |
PriorityLow |
|
0x0001 |
UPDATE_CHECK_LOCATIONS |
|
0x0002 |
UPDATE_FORCED_SCAN |
|
0x0004 |
UPDATE_WAIT_AU_AVAILABILITY |
|
0x0008 |
UPDATE_IGNORE_SERVICEWINDOW |
|
0x0010 |
UPDATE_IGNORE_REBOOTWINDOW |
|
0x0020 |
UPDATE_RETRY_DETECT_ON_FAILURE |
|
0x0040 |
UPDATE_RAISE_MOMALERTS_ON_FAILURE |
|
0x0080 |
UPDATE_DISABLE_NONSMS_MOMALERTS |
A quick example of working with the Options flags.
$Options = 0x0001 -BOR 0x0002 -BOR 0x0020 $options
Now we can begin the installation.
$SCCMUpdate.InstallUpdates($UpdateIDs, 0, $Options)
Now here is my disclaimer that I am not a SCCM expert and am not really sure where you can easily monitor the installation progress. With the Windows Update Agent, the installation will hold up the console (or script) until it has completed. And once it has completed, you can work with the output to determine what installed and what failed. With the SCCM agent, I have not been able to easily track the installation progress of the updates. One place I was able to locate to see the status and result of installation is at: C:\Windows\System32\CCM\Logs\UpdatesDeployment.log.
Whether this is the best way or not is uncertain at this point. If there are SCCM experts out there who know of a better way, I am definitely open to hearing about other ways to track the installations and will update this article to mention those ways. But as you can see, installing the pending updates with the SCCM client is yet another great thing you can do with PowerShell!
Learn Powershell | Achieve More 
Pingback: Force SCCM Client Software install and reboot Script | Cloud Solutions Architect
Love it Boe! Are you planning to use this in the lastest poshpiag?
I found the best way to view the update is in the Windows update log. Look for event 19. It’s much faster than get-hotfix.
$filterXML = @’
*[System[Provider[@Name=’Microsoft-Windows-WindowsUpdateClient’] and (Level=4 or Level=0) and (EventID=19)]]
‘@
$eventlist = Get-WinEvent -computername $server -MaxEvents 10 -FilterXml $filterXML
Hello, I am able to use the Function to view the pending updates, but am having issues trying to install. Is the install available as it’s own script? Or how is it called? I try to follow the steps but not sure how to get it working.
Boe, that’s a solid source for checking the updates, you can also track them with win32_quickfixengineering / get-hotfix. I was also messing around with Pulling them out of the Uninstall node of the registry.
Thanks a ton for the article, I’m messing with your functions for use inmy environment. You can also access the client through WMI but I haven’t dug into that yet. Did you get the information for this from the SDK or some other source?
Thanks, Jason! Sorry I haven’t responded sooner but I’ve been on vacation. I got all of this information from the SDK to do this for SCCM 2007. I know that Jan Egil Ring has done some stuff with SCCM 2012 using WMI: http://blog.powershell.no/2013/06/16/automating-the-system-center-configuration-manager-2012-client/