Tag Windows Updates

Azure – Update Management

How to maintain the patch status of your Windows and Linux machines

You can use Update Management in Azure Automation to manage operating system updates for your Windows and Linux machines in Azure, in on-premises environments, and in other cloud environments.” Microsoft

To enable on a specific virtual machine in Azure

Note – You only pay for logs stored (Log Analytics)

Enabling the option can take up to 15mins

Useful reference links

Bulk Add Azure VMs and Non Azure Machines

Troubleshooting Windows Updates and WSUS

Troubleshooting Windows Updates #Windows 10 #Windows 2016

Windows Update Log

PowerShell command to check the Windows Update log

Get-WindowsUpdateLog

 

Check Registry Keys

Run command prompt as adminitrator and paste these query registry keys in to see what your client has set for Windows Updates.

reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /s

reg query HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Update

reg query HKLM\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings

 

Check CBS Log

Find the Component-Based Servicing log here.

C:\Windows\Logs\CBS

WSUS and Windows 10 Clients – UsoClient.exe

So, you deploy a GPO to Window 10 clients, but your in a hurry to get the clients to check in…

As a SysAdmin for many years I would log on to a client, open command prompt and type :

wuauclt /detectnow  (Windows 7 / Windows Server 2008/2012 clients)

 

In Windows 10 you will notice that it doesn’t do anything and doesn’t show you anything. (As shown above)

(confirmed on https://blogs.technet.microsoft.com/yongrhee/2017/11/09/wuauclt-detectnow-in-windows-10-and-windows-server-2016/)

An example of “Whats New” in Windows 10, and Windows Server 2016 To check or scan “Windows Update” from the command prompt :
CMD (Run As Administrator)
c:\windows\system32\

UsoClient.exe startscan

And there is more switches….

  1. StartScan – Used To Start Scan
  2. StartDownload – Used to Start Download of Patches
  3. StartInstall – Used to Install Downloaded Patches
  4. RefreshSettings  – Refresh Settings if any changes were made
  5. StartInteractiveScan  – May ask for user input and/or open dialogues to show progress or report errors
  6. RestartDevice – Restart device to finish installation of updates
  7. ScanInstallWait – Combined Scan Download Install
  8. ResumeUpdate – Resume Update Installation On Boot