Jump to content

Windows Update PS Script Automation


Chris1992

Recommended Posts

Good evening,

I would like to use the standard script for windows that is in pulseway automation.

But I get this error message:
Checking for Windows updates
Downloading updates
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
At C:\Program Files\Pulseway\automation_9fdca742_c373_41fb_80e3_ce2b245530ca.ps1:25 char:5
+     $Downloader = $Session.CreateUpdateDownloader()
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException

 

The user used to execute the script (Settings - runtime) is a domain admin.

The script works if I execute powershell as an administrator.
In pulseway, with automation I cannot state that the script must be executed as admin.

Am I missing something?

Thanks in advance!

 

Printscreens in attachement

Script:

Write-Host "Checking for Windows updates"
$UpdateCollection = New-Object -ComObject Microsoft.Update.UpdateColl
$Searcher = New-Object -ComObject Microsoft.Update.Searcher
$Session = New-Object -ComObject Microsoft.Update.Session

$Searcher = New-Object -ComObject Microsoft.Update.Searcher
$results = $searcher.search("Type='software' AND IsInstalled = 0 AND IsHidden = 0 AND AutoSelectOnWebSites = 1")

#Install WindowsUpdate Module
Set-PSRepository -Name 'PSGallery' -InstallationPolicy Trusted
Install-Module PSWindowsUpdate

# Install Update
if ($results.Updates.Count -eq 0) {
    Write-Host "No updates found"
    # no updates.
} else {
    # setup update collection
    foreach ($update in $results.Updates){
        $UpdateCollection.Add($update) | out-null
    }

    # download update items
    Write-Host "Downloading updates"
    $Downloader = $Session.CreateUpdateDownloader()
    $Downloader.Updates = $UpdateCollection
    $Downloader.Download()

    # install update items
    Write-Host "Installing updates"
    $Installer = New-Object -ComObject Microsoft.Update.Installer
    $Installer.Updates = $UpdateCollection
    $InstallationResult = $Installer.Install()
    # Check Result
    if ($InstallationResult.ResultCode -eq 2){
        Write-Host "Updates installed successfully"
    } else {
        Write-Host "Some updates could not be installed"
    }
    if ($InstallationResult.RebootRequired){
        Write-Host "System needs to reboot"
        # uncomment the following line to automatically reboot the system if a reboot is required after the updates are installed
        #shutdown -r -f -t 300 -c "Rebooting in 5 minutes to apply Windows updates"
    }
}

 

2020-01-03 19_49_19-win2019-web-00.digitalkey.local - Remote Desktop Connection.jpg

2020-01-03 19_49_38-win2019-web-00.digitalkey.local - Remote Desktop Connection.jpg

Edited by Chris1992
Link to comment
Share on other sites

  • Staff

Hi @Chris1992,

If you have configured the PowerShell impersonation in Pulseway, then all PowerShell scripts via Pulseway will be executed using account Pulseway, which is shown into the image. Does that account has full access rights to the C:\Program Files\Pulseway\ folder on that particular system to execute the script?

Link to comment
Share on other sites

hey @Chris,

I have given the user pulseway full control on the folder but keep getting the same error.

Quote

Checking for Windows updates
Downloading updates
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
At C:\Program Files\Pulseway\automation_784d8354_a1a3_40d0_94fe_18e94aeaa5de.ps1:25 char:5
+     $Downloader = $Session.CreateUpdateDownloader()
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException
 
The property 'Updates' cannot be found on this object. Verify that the property exists and can be set.
At C:\Program Files\Pulseway\automation_784d8354_a1a3_40d0_94fe_18e94aeaa5de.ps1:26 char:5
+     $Downloader.Updates = $UpdateCollection
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyNotFound
 
You cannot call a method on a null-valued expression.
At C:\Program Files\Pulseway\automation_784d8354_a1a3_40d0_94fe_18e94aeaa5de.ps1:27 char:5
+     $Downloader.Download()
+     ~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull
 
Installing updates
New-Object : Creating an instance of the COM component with CLSID {D2E0FE7F-D23E-48E1-93C0-6FA8CC346474} from the IClas
sFactory failed due to the following error: 80070005 Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDEN
IED)).
At C:\Program Files\Pulseway\automation_784d8354_a1a3_40d0_94fe_18e94aeaa5de.ps1:31 char:18
+     $Installer = New-Object -ComObject Microsoft.Update.Installer
+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [New-Object], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException,Microsoft.PowerShell.Commands.NewObjectCommand
 
The property 'Updates' cannot be found on this object. Verify that the property exists and can be set.
At C:\Program Files\Pulseway\automation_784d8354_a1a3_40d0_94fe_18e94aeaa5de.ps1:32 char:5
+     $Installer.Updates = $UpdateCollection
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyNotFound
 
You cannot call a method on a null-valued expression.
At C:\Program Files\Pulseway\automation_784d8354_a1a3_40d0_94fe_18e94aeaa5de.ps1:33 char:5
+     $InstallationResult = $Installer.Install()
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull
 
Some updates could not be installed

 

2020-01-10 17_22_42-win2019-web-00.digitalkey.local - Remote Desktop Connection.jpg

Link to comment
Share on other sites

  • 2 weeks later...

Good afternoon,

I have been messing around with the script for windows updates.

This works as long as the user is only in the local admin group of the server.

But with a domain controller there is no other option than to put the user in the local administrator group and in the domain administrators group.
And then the script does not work due to rights.

Would it be possible to add a function at pulseway where you can add "execute with highest privileges" such as when creating a task in windows.

 

 

2020-01-28 15_33_58-How To_ Create Advanced Tasks in Task Scheduler.jpg

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...