Hello,
I am trying to apply all available Windows Updates to fresh installation of Windows Server 2016 with PowerShell.
It's a fresh installation from en_windows_server_2016_updated_feb_2018_x64_dvd_11636692.iso(latest available at the moment). No WSUS is used, I am working with official Windows Updates servers.
It all boils down to the following problematic behavior:
1. Immediately upon OS installation I check for available updates:
$UpdateSession = New-Object -ComObject "Microsoft.Update.Session" $UpdateSearcher = $UpdateSession.CreateUpdateSearcher() $SearchResults = $UpdateSearcher.Search("IsInstalled=0")
This returns following updates:
$SearchResults.Updates | Select Title Title ----- 2018-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4103720) 2018-05 Update for Windows Server 2016 for x64-based Systems (KB4132216) Windows Malicious Software Removal Tool x64 - November 2018 (KB890830) Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.281.1025.0)
2. I try to download those updates:
$UpdateDownloader = $UpdateSession.CreateUpdateDownloader() $UpdateDownloader.Updates = $SearchResults.Updates $UpdateDownloader.Download()
And here is the problem number one. Why not all of updates are getting downloaded? I can invoke Download() method over and over, results won't change:
$UpdateDownloader.Updates | Select IsDownloaded, Title IsDownloaded Title ------------ ----- True 2018-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4103720) False 2018-05 Update for Windows Server 2016 for x64-based Systems (KB4132216) False Windows Malicious Software Removal Tool x64 - November 2018 (KB890830) True Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.281.1025.0)
I am especially curious about KB4132216, but alright. I just assume that Windows Update Client knows better...
3. I proceed with installation and server reboot:
$UpdateInstaller = $UpdateSession.CreateUpdateInstaller() $UpdateInstaller.Updates = $UpdateDownloader.Updates $UpdateInstaller.Install()
and after installation is complete
Restart-Computer
Windows does indeed completes installation of some updates and reboots successfully.
4. Once it is booted again, I try to repeat the process and search for updates again:
$UpdateSession = New-Object -ComObject "Microsoft.Update.Session" $UpdateSearcher = $UpdateSession.CreateUpdateSearcher() $SearchResults = $UpdateSearcher.Search("IsInstalled=0")
But here is the problem number two. The Search() method keeps returning the same updates that has not been installed last time.
$SearchResults.Updates | Select Title Title ----- 2018-05 Update for Windows Server 2016 for x64-based Systems (KB4132216) Windows Malicious Software Removal Tool x64 - November 2018 (KB890830)
From this point on, I am stuck. I can't download them.
$UpdateDownloader = $UpdateSession.CreateUpdateDownloader() $UpdateDownloader.Updates = $SearchResults.Updates $UpdateDownloader.Download() $UpdateDownloader.Updates | Select IsDownloaded, Title IsDownloaded Title ------------ ----- False 2018-05 Update for Windows Server 2016 for x64-based Systems (KB4132216) False Windows Malicious Software Removal Tool x64 - November 2018 (KB890830)
I can't search for new updates because Search() doesn't return any other results. I can reboot the server as many times as I want, result won't change. The interesting part is that if I try and check updates via GUI, it works: it finds different set of updates and it installs them successfully. Looks like GUI is using completely different set of APIs... Can somebody from Microsoft please comment on this? And provide a way of fully updating Server 2016 without GUI.
Thank you.