WSUS automated cleanup script

I read a lot of the comments and it sounds like running the script remotely requires you to specify the SQL server, possibly the instance? I'm just curious if that's the case when using a dedicated SQL server, not WID.

Never mind. I found it!

Script appears to be doing its job well (about 15% done after running for a day); but appears to be possibly stopping workstations from pulling down updates while it's running. Is there any way to stop it gracefully so that I can start it again later to pick up where it left off? Thanks! SC

This is the output I receive:

Connecting to database SUSDB on MICROSOFT##WID
Declining expired updates
Unhandled exception:
Cannot validate argument on parameter 'Message'. The argument length of 19027271 is too long. Shorten the length of the
argument to less than or equal to "32766" and then try the command again.
Completed script execution with 2 error(s)
Execution time 1 hours and 60 minutes.

WS2012 WSUS, using WID

Hi JRVCr,I've the same error message, have you found the solution? thanks

To those who may have the same concern: 
1,remark the line 49 so it will not write message to event.
2,line 125, change the timeout value from 600 to 1800(optional)

this error is because too many updates,e.g., I've more than 20,000 declined updates, it really 
 cost a lot of time. once the cleanup done(a couple of days?), be sure to add a cleanup task every 1 month.

Thanks Ericli911 - My script was running fine(administratively) for a while and then noticed it started having this same error everyone is mentioning.  Restarted and same problems immediately when running it administratively, but I remarked line 49 and increased timeout for line 125 and the script then was fine again.

Hi,

I've checked your script and I can see that all superseded updates are not declined.
Is there a specific condition, setting needed to be able doing that?

Thannks in advance,
Augustin

Hi
I did use the script in PowerShell ISE because the console crashed with timeout
... as did the script :

Reading obsolete update list.
Unhandled exception:
Exception calling "ExecuteReader" with "0" argument(s): "Execution Timeout Expired.  The timeout period elapsed prior to completion of the operation or the server is not 
responding."
Completed script execution with 1 error(s)
Execution time 0 hours and 10 minutes.

Hi,
have a look at the script itself. For every action there are timeouts defined. I got the same error as you and I'm now adjusting the timeouts and will try again

Exequting locally, hostname and db name checked.

PS C:\Users\admin> C:\Temp\wsus-cleanup-updates-v4.ps1
Exception calling "SourceExists" with "1" argument(s): "The source was not found, but some or all event logs could not be searched.  Inaccessible logs: Security."
At C:\Temp\wsus-cleanup-updates-v4.ps1:43 char:10
+     if ( -not [System.Diagnostics.EventLog]::SourceExists($log_source ...
+          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : SecurityException

I didn't work too

Looks like the account running the script does not have permissions to list event sources and/or create a new one. Try running the script using an account with local administrator permissions on the server or replace logging code to dump ifo to a file instead of event log. Something like

function log_init{
  "Log started" | Out-File "c:\temp\wsuscleanup.log" -force
}

function log( [string] $msg, [int32] $eventID, [System.Diagnostics.EventLogEntryType] $level ){
  "$level : $eventID : $msg" | Out-File "c:\temp\wsuscleanup.log" -append
}

Unhandled exception:
Cannot determine SQL server name
Completed script execution with 1 error(s)
Execution time 0 hours and 0 minutes.

I am using WIDS DB not SQL.

When running the script remotely (not on the WSUS server), you will need to spesify sql server name in the $SqlServer variable at the top of the script. 

It says that it is deleting updates (## of 8120)
but it does not appear to be cleaning any space from the drive

the script will only attempt to delete unused content files when running locally on WSUS server (sql server name variable at the top of the script is left empty). The cleanup itself is done by invoking WSUS' own cleanup procedure. If it reports that 0 bytes were freed, it means that that deleted updates had no content stored locally. This is expected when WSUS is configured to download content after update is approved. 

nice work but in what version did you run?

Hi,

I got errors while trying to run the script.

OS: Windows Server 2016 Standart
Server Version: 10.0.14393.2608
DB: WID

Error Message:
wsus-cleanup-updates-v4.ps1

Connecting to database SUSDB on MICROSOFT##WID
Unhandled exception:
Exception calling "Open" with "0" argument(s): "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The
 server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (pr
ovider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)"
Completed script execution with 1 error(s)
Execution time 0 hours and 0 minutes.