Getting info about Windows Updates on Windows Server 2016

PowerShell Help
1

Hello everyone,

I would like to ask you for a help with retrieving information about status of Windows Updates on Windows Server 2016.
Short overview.
I am having script that converts vmware template (golden image) to virtual machine, then it is running some checks and once operating system is ready, it starts with Windows Update.

Problem description.
I am able to retrieve last check date and if it is older, than I am going to search if there are newer updates available.

Another value I need to get after last success search time and once updates are installed, is update installation results.
I do believe this website has information I need but unfortunately I do not know how to read information from these objects.
https://docs.microsoft.com/en-us/windows/win32/wua_sdk/windows-update-agent-object-model

Is there anyone who can help me or show me the way how to read this kind of information?
Please do not give me option to install some additional PowerShell module because I want to keep golden image as clean as possible.

Here is command I am using to get last check date

(New-Object -ComObject "Microsoft.Update.AutoUpdate").Results.LastSearchSuccessDate

Thank you for any reply
Filip

2

You should be able to use the following example to do what you want.

https://lazywinadmin.com/2011/06/powershell-and-windows-updates.html

Just as a heads up, Windows 2016 is quite nasty when it comes to Windows Updates.
E.g. some updates will continue during the reboot sequence (meaning just after your account is logged out but before the actual reboot), then also continuing after the reboot itself.
It’s quite nasty if you want to handle it via powershell with multiple reboots etc.

Windows 2012 R2 and Windows 2019 works quite well, they did something to 2016 updates that really is crap.

3

Hello Fredrik,

thank you very much for your reply. I guess article you post will help me to understand better.

I agree about WU in 2016. In case of 2012 is quite easy to track status by checking registry. Only I do not know why but when I am invoking command wuauclt.exe /UpdateNow after updates are downloaded and ready to be installed, it does not work on remote computer for some reason (but locally yes).

Thanks for reply