Force Windows to shutdown and install windows updates from WSUS at a specific time for free

By | April 12, 2013

This is something that seems to effect a lot of companies, clients well out of date and staying powered on all night.  In order to shutdown machines we can use simple startup scripts via GPO to create schedule tasks.  We can use the same technique to run a VBS script that will check for Updates (Via WSUS if available) install and log all available updates and then when complete shut the machine down.

To start create the following VBS script and save it somewhere machines have access such as the netlogon folder \domainnetlogon

' COMMENT : Find-Download-Install-reboot/shutdown

'Shutdown flags;
const nLog_Off = 0
const nForced_Log_Off = 4 '( 0 + 4 )
const nShutdown = 1
const nForced_Shutdown = 5 '( 1 + 4 )
const nReboot = 2
const nForced_Reboot = 6 '( 2 + 4 )
const nPower_Off = 8
const nForced_Power_Off = 12 '( 8 + 4 )

ShutdownOption = nForced_Shutdown

'Monthly log;
dt = date() : nMonth = Year(dt)*1e2 + Month(dt)
sLogFile = "C:WUSforceupdate-" & nMonth & ".log"
Set updateSession = CreateObject("Microsoft.Update.Session")
Set updateSearcher = updateSession.CreateupdateSearcher()

Set searchResult = _
updateSearcher.Search("IsInstalled=0 and Type='Software'")

Set File = CreateObject("Scripting.FileSystemObject")
Set LogFile = File.OpenTextFile(sLogFile, 8, True)

LogFile.WriteLine( "START TIME : " & now)
LogFile.WriteLine( "Searching for updates..." & vbCRLF)
LogFile.WriteLine( "List of applicable items on the machine:")

For I = 0 To searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
LogFile.WriteLine( I + 1 & "> " & update.Title)

Set WshShell = WScript.CreateObject("WScript.Shell")

If searchResult.Updates.Count = 0 Then
LogFile.WriteLine( "There are no applicable updates.")
WshShell.popup "There are no applicable updates.",1
ShutDown(ShutdownOption) '<-- O P T I O N A L
End If

LogFile.WriteLine( vbCRLF & "Creating collection of updates to download:")

Set updatesToDownload = CreateObject("Microsoft.Update.UpdateColl")

For I = 0 to searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
LogFile.WriteLine( I + 1 & "> adding: " & update.Title )

LogFile.WriteLine( vbCRLF & "Downloading updates...")

Set downloader = updateSession.CreateUpdateDownloader()
downloader.Updates = updatesToDownload

LogFile.WriteLine( vbCRLF & "List of downloaded updates:")

For I = 0 To searchResult.Updates.Count-1
Set update = searchResult.Updates.Item(I)
If update.IsDownloaded Then
LogFile.WriteLine( I + 1 & "> " & update.Title )
End If

Set updatesToInstall = CreateObject("Microsoft.Update.UpdateColl")

LogFile.WriteLine( vbCRLF & _
"Creating collection of downloaded updates to install:" )

For I = 0 To searchResult.Updates.Count-1
set update = searchResult.Updates.Item(I)
If update.IsDownloaded = true Then
'WshShell.popup "installing..." & vbNewLine & update.Title,1
LogFile.WriteLine( I + 1 & "> adding: " & update.Title )
End If

logFile.WriteLine( "Installing updates...")
Set installer = updateSession.CreateUpdateInstaller()
installer.Updates = updatesToInstall
Set installationResult = installer.Install()

'Output results of install
LogFile.WriteLine( "Installation Result: " & installationResult.ResultCode )
LogFile.WriteLine( "Reboot Required: " & installationResult.RebootRequired & vbCRLF )

LogFile.WriteLine( "Listing of updates installed " _
& "and individual installation results:" )

For I = 0 to updatesToInstall.Count - 1
LogFile.WriteLine( I + 1 & "> " & updatesToInstall.Item(i).Title _
& ": " & installationResult.GetUpdateResult(i).ResultCode )

If installationResult.RebootRequired = -1 then
LogFile.WriteLine( "RebootRequired")
' <-- call for a R E B O O T.....
End if

ShutDown(ShutdownOption) '<-- O P T I O N A L

LogFile.WriteLine( "STOP TIME : " & now)

wscript.echo "Updates are installed"
Function ShutDown(sFlag)
wscript.sleep 600
Set OScoll = GetObject( _
"winmgmts:{(Shutdown)}").ExecQuery( _
"Select * from Win32_OperatingSystem")
For Each osObj in OScoll
End Function

Now we need to create a batch script to copy the above file to the local machine and a schedule task to run it at a set time. Save this in the same folder as the above script.

REM Copy Shutdown and WUP script to c:
if exist "C:itsupport" goto one
mkdir C:itsupport
REM Copy script
copy \domainNETLOGONinstallUpdatesShutdown.vbs c:itsupport
REM Delete existing tasks
schtasks.exe /delete /TN defrag /f
schtasks.exe /delete /TN shutdown /f
schtasks.exe /delete /TN shutdownwed /f
schtasks.exe /delete /TN Log_Off /f
REM Create new tasks
schtasks.exe /create /SC WEEKLY /D MON,TUE,WED,THU,FRI,SAT /ST 21:00:00 /TN Log_Off /TR "shutdown /l" /RU SYSTEM
schtasks.exe /create /SC WEEKLY /D MON,TUE,THU,FRI,SAT /ST 21:05:00 /TN shutdown /TR "c:itsupportinstallUpdatesShutdown.vbs" /RU SYSTEM
schtasks.exe /create /SC WEEKLY /D WED /ST 23:00:00 /TN shutdownwed /TR "c:itsupportinstallUpdatesShutdown.vbs" /RU SYSTEM
schtasks.exe /create /SC WEEKLY /D WED /ST 21:00:00 /TN defrag /TR "defrag.exe C:" /RU SYSTEM

Once this is complete simply create a new GPO to run ScheduleTaskCreator.bat as a computer startup script.  Since all these run as SYSTEM no need to worry about admin rights etc just make sure your clients are reporting to the WSUS server.

2 thoughts on “Force Windows to shutdown and install windows updates from WSUS at a specific time for free

  1. Poker Star

    You should take part in a contest for among the finest blogs on the web. I will advocate this site!

  2. Joey

    What’s up to all, the contents existing at this website are in fact awesome for people experience,
    well, keep up the good work fellows.


Leave a Reply

Your email address will not be published. Required fields are marked *