Move Approvals from Out-of-Date Revisions
Description
Use this script if you have turned off the option to auto-reapprove revisions. If you have turned off this option, you will need to manage update revisions manually. By default, this script gives you the recommended approval action for updates with old revisions approved (the recommended action is to unapprove them if the new revision is marked “expired”, and otherwise to move the approval to the latest revision). When run in silent mode with the -q or -quiet command-line switch, the script applies the recommended approval action.
Supported Platforms
Windows Server 2008 | Yes |
Windows Vista | Yes |
Windows Server 2003 | Yes |
Windows XP | No |
Windows 2000 | No |
Windows NT 4.0 | No |
Windows 98 | No |
Script Code
$doRecommendedAction = $false
if ($args[0] -ne $null)
{
if (($args[0].ToUpper() -eq "-Q") -or ($args[0].ToUpper() -eq "-QUIET"))
{
$doRecommendedAction = $true
}
else
{
write-host "Usage: manage-approvals.ps1 [<-quiet>/<-q>]"
exit
}
}
# Load administration
[System.Reflection.Assembly]::LoadWithPartialName('Microsoft.UpdateServices.Administration') | out-null
# Create update server
write-host "<<< Connecting to WSUS server >>>" -foregroundcolor "yellow"
$updateServer = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer()
write-host ""
# Get all updates and loop through them to find out if there are any unapproved ones
# with older revisions that are approved
$updates = $updateServer.GetUpdates()
$count = 1
$didNothing = $true
foreach ($update in $updates)
{
if (($update.IsApproved -eq $false) -and ($update.HasEarlierRevision -eq $true))
{
$revisions = $update.GetRelatedUpdates([Microsoft.UpdateServices.Administration.UpdateRelationship]::AllRevisionsOfThisUpdate)
# Find the first revision that has any approval on it
foreach ($revision in $revisions)
{
if ($revision.IsApproved)
{
$didNothing = $false
$approvals = $revision.GetUpdateApprovals()
foreach ($approval in $approvals)
{
$targetGroup = $approval.GetComputerTargetGroup()
write-host "Update #" $count
write-host "----------"
write-host " Update ID :" $update.Id.UpdateId.ToString()
write-host " Update title :"$update.Title
write-host " Current state : An older revision is approved for" $approval.Action.ToString() "for target group" $targetGroup.Name
$action = "s" # skip by default
if ($update.PublicationState -eq [Microsoft.UpdateServices.Administration.PublicationState]::Expired)
{
if ($doRecommendedAction -eq $true)
{
# Recommended action: Decline update
$action = "d"
}
else
{
# Recommended action: Decline update
write-host " Recommended action: Decline this update" -foregroundcolor "blue" -backgroundcolor "yellow"
write-host ""
$action = read-host " Decline (d)/Skip (s or Enter)"
}
}
else
{
if ($doRecommendedAction -eq $true)
{
# Recommended action: Move approval to the latest revision
$action = "m"
}
else
{
# Recommended action: Move approval to the latest revision
write-host " Recommended action: Move this approval to the latest revision" -foregroundcolor "blue" -backgroundcolor "yellow"
write-host ""
$action = read-host " Move (m)/Skip (s or Enter)"
}
}
switch ($action)
{
"d" # Decline
{
write-host " Declining update ..."
$approval.Delete()
$update.Decline()
write-host " Done!"
}
"m" # Move
{
write-host " Moving approval ..."
$approval.Delete()
$update.Approve($approval.Action, $targetGroup, $approval.Deadline) | out-null
write-host " Done!"
}
default
{
write-host " Skipping"
}
}
write-host ""
$count = $count + 1
}
}
}
}
}
if ($didNothing -eq $true)
{
write-host "No updates detected that have approvals for older revisions"
}
trap
{
write-host "Error Occurred"
write-host "Exception Message: "
write-host $_.Exception.Message
write-host $_.Exception.StackTrace
exit
}
# EOFEnumerateAD($ds.SearchRoot);
For online peer support, join The Official Scripting Guys Forum!. To provide feedback or report bugs in sample scripts or the Scripting Guide, please contact scripter@microsoft.com.
Disclaimer
The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.
