Jaa


PowerShell Script to list Software Updates in a Software Update Group

 

Hi everybody,

In a recent Workshop that I was teaching I got asked how to list all of the security updates in a software update group. So I wrote a quick PowerShell script to do exactly that.

Here is the code I used while on R2 CU1

############################################################################################

$modulelocation = 'F:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\configurationmanager.psd1'
$SUG = 'Security Updates'

Import-Module $modulelocation
CD PRI:

$SoftwareUpdates = (get-cmsoftwareupdategroup | Where {$_.LocalizedDisplayN -eq $SUG}).Updates
Foreach ($SoftwareUpdate in $SoftwareUpdates){
(Get-CMSoftwareUpdate -Id $SoftwareUpdate).LocalizedDisplayName

}

############################################################################################

image
UPDATE

After going to R2 CU2 The cmdlets changed slightly.

Found a simpler command below

############################################################################################

$modulelocation = 'F:\Program Files\Microsoft Configuration Manager\AdminConsole\bin\configurationmanager.psd1'
$SUG = 'Security Updates'

Import-Module $modulelocation
CD PRI:

(Get-CMSoftwareUpdate -UpdateGroupName $SUG).LocalizedDisplayName

############################################################################################

image

You will just need to change the two initial variables

$Modulelocation to where your psd1 sits. See Matts blog for details on this.

$SUG to the name of your Software Update Group.

This will simply list all of the updates so you can paste it into any Change Request you need to create for Software Updates.

Hopefully you find this useful but more than that hopefully this gets you started with some PowerShell. A fantastic free course that I always recommend to my students if you not sure where to begin is this MVA course run by Jeffrey Snover and Jason Helmick.

Getting Started with PowerShell 3.0 Jump Start

Feel free to comment with your own useful PowerShell script or even a new improved version of mine below…

Comments

  • Anonymous
    January 01, 2003
    Hi George,
    Thanks for the post, I wrote this script to gather details of our Software Update Groups so that we could gauge the size of the package before distributing it, and also to be able to identify which updates were the largest in the group.

    Here's a link to the full function on the technet gallery:
    http://gallery.technet.microsoft.com/Return-the-size-of-a-60c40a7e

    And a sub-section of the code:

    $UpdateGroupName = "2014-07workstations*"
    $SiteCode = (CMSite).SiteCode
    $SoftwareUpdateGroup = Get-CMSoftwareUpdateGroup -Name $UpdateGroupName
    $UpdateInfo = @()
    $SUGMemberCount = ($SoftwareUpdateGroup.Updates).Count
    $cnt = 1
    foreach ($Update in Get-CMSoftwareUpdate -UpdateGroupId $SoftwareUpdateGroup.CI_ID)
    {
    Write-Verbose "Update ($cnt/$SUGMemberCount) :: $($Update.LocalizedDisplayName)"
    try
    {
    $CIToContent = @(Get-WmiObject -Namespace rootsmssite_$($SiteCode) -Query "Select * from SMS_CItoContent where CI_ID = '$($Update.CI_ID)'")
    $TotalUpdateSize = 0
    $TotalContentRefs = 0
    $TotalFiles = 0
    foreach ($ContentRef in $CIToContent)
    {
    $CIContentFiles = @(Get-WmiObject -Namespace rootsmssite_$($SiteCode) -Query "select * from SMS_CIContentFiles where ContentID = '$($ContentRef.ContentID)'")
    $UpdateSize = 0
    foreach ($file in $CIContentFiles)
    {
    $UpdateSize += $file.filesize
    $TotalFiles += 1
    }
    $TotalUpdateSize += $UpdateSize
    $TotalContentRefs += 1
    }
    $obj = New-Object pscustomobject -Property @{
    Name = $Update.LocalizedDisplayName
    Size = $TotalUpdateSize / 1MB
    TotalContentRefs = $TotalContentRefs
    TotalFiles = $TotalFiles
    }
    $UpdateInfo += $obj
    $cnt += 1
    }
    catch
    {
    Write-Warning "Error: $($Error[0])"
    }
    }

    $UpdateInfo | Measure-Object -Property Size -Sum
    $UpdateInfo | Sort Size| Select Name,Size | ft -AutoSize
  • Anonymous
    January 01, 2003
    @Kaido
    In my initial command I did use Get-CMSoftwareUpdateGroup but that returns all the SUG details with the ID's of the updates. I then had to put these into a for each statement to get the names of the updates. Ive just found a better and simpler cmdlet which Ive updated the post with to get the list of the updates.
    (Get-CMSoftwareUpdate -UpdateGroupName $SUG).LocalizedDisplayName

    Cheers

    George
  • Anonymous
    January 01, 2003
    thanks guys.
  • Anonymous
    August 08, 2014
    Thanks
  • Anonymous
    August 08, 2014
    Hi,
    Why dont you use in Get-CMSoftwareUpdateGroup cmdlet -NAME parameter? eg. Get-CMSoftwareUpdateGroup -Name 'SUG'

    Best,
    Kaido