Trigging Windows Update from Autounattend.xml

Posted by Trilobyte-177@reddit | sysadmin | View on Reddit | 5 comments

Hello Everyone,

I've got a Windows 11 Autounattend.xml that is working just fine in all but one area.

The following code is run after install during the first login of the inbuild administrator account.

Write-output "Install Nuget"
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force

Write-Output "Install PSWindowsUpdate"
Install-Module -Name PSWindowsUpdate -Force -AllowClobber

# Import the update module
Import-Module PSWindowsUpdate

# Ensure Windows Update service is running
Set-Service -Name wuauserv -StartupType Automatic
Start-Service -Name wuauserv

#Reset-WUComponents

# Check for available updates
Write-Output "Checking for Windows updates..."
$updates = Get-WindowsUpdate

# Display the available updates
if ($updates.Count -eq 0) {
    Write-Host "No updates available."
} else {
    Write-Host "The following updates are available:"
    $updates | ForEach-Object { Write-Host $_.Title }

    # Install the updates without restarting
    Write-Output "Installing updates..."
    Install-WindowsUpdate -AcceptAll -Install -IgnoreReboot | Out-File "c:\users\public\logs\$(Get-Date -Format yyyy-MM-dd)-WindowsUpdate.log" -Force

    Write-Host "Updates have been installed. A reboot is required but will not happen automatically."
}

Note: The log file is not generated.

There are other bits of this script that run just fine - however this is not going anywhere.

The Nuget package and the the PSWindowsUpdate package get installed (i've checked this running another PS window) but the actual contents don't seam to do anything.

Has anyone got any ideas of why this wouldn't work?

[-]

Trilobyte-177@reddit (OP)

Thanks all for you comments. All sorted now. For reference this is the code that works.

Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-module -Name PSWindowsUpdate -force -AllowClobber

Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned

# Import the update module
Import-Module PSWindowsUpdate

# Check for available updates
Write-Host "Checking for Windows updates..."
$updates = Get-WindowsUpdate

# Display the available updates
if ($updates.Count -eq 0) {
    Write-Host "No updates available."
} else {
    Write-Host "The following updates are available:"
    $updates | ForEach-Object { Write-Host $_.Title }

    # Install the updates without restarting
    Write-Host "Installing updates..."
    Install-WindowsUpdate -AcceptAll -IgnoreReboot

    Write-Host "Updates have been installed. A reboot is required but will not happen automatically."
}

iamLisppy@reddit

Good job!

Cheers,

Learn PowerShell Scripting in a Month of Lunches | Pure Storage

Fatel28@reddit

I don't see a transcript anywhere in there. Might add "Start-Transcript C:\Windows\temp\update.log" at the end and "Stop-Transcript" at the end

May need to input the following before or after using "Install-Module PSWindowsUpdate -Force"

"Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned"

Gakamor@reddit

Try using Install-WindowsUpdate without the "-Install" switch. Install-WindowsUpdate is an alias for "Get-WindowsUpdate -Install".