WSUS Cleanup

This script performs the cleanup tasks done by the WSUS cleanup wizard. Because it is a script, it can be automated (for example, via the Windows Task Scheduler). It also provides

 
 
 
 
 
4.6 Star
(33)
Add to favorites
Windows Update
9/8/2009
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • Timeout running script
    1 Posts | Last post November 10, 2015
    • I realize this is probably an old configuration now, but i'm running sbs2008 which has WSUS 3.0 SP2. I have re-indexed the database as per
      
      https://gallery.technet.microsoft.com/scriptcenter/6f8cde49-5c52-4abd-9820-f1d270ddea61
      
      I am still not having any luck in getting either the cleanup wizard to work from the admin console. I've tried unchecking all boxes and going through each one individually, but mostly the console comes back with an error that it has lost connection with the server. So I turned to the script. I've corrected the various suggestions below to fix syntax etc., but I get this after a couple of minutes:
      
      PS C:\Users\netadmin\Desktop> .\wsuscleanup.ps1
      Exception calling "PerformCleanup" with "1" argument(s): "Timeout expired.  The timeout period elapsed prior to completion of the operation or the server is not responding.
      The statement has been terminated."
      At C:\Users\netadmin\Desktop\wsuscleanup.ps1:11 char:31
      + $cleanupManager.PerformCleanup <<<< ($cleanupScope);
          + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
          + FullyQualifiedErrorId : DotNetMethodException
      
      I've also tried running individual options in the script. Some work, like the deleting obsolete computers.
      
      The database file is roughly 25GB and the content is roughly 200GB.
      
      Thanks,
      Nick.
      
  • Cleanup Driver Metadata in WSUS
    2 Posts | Last post October 14, 2014
    • Is there anyway to create a way to purge classification metadata once you have unchecked it from the console.  The best example I can think of is Drivers.  Once an admin selects drivers as a classification you still get roughly 10,000 drivers that now show up in the console. I've seen scripts to delete the driver content, but I have yet to see one that will delete the metadata from the DB.
      
      Looking at the WsusUtils code, there is command-line switch that will delete all updates in a category.  It's using the UpdateCategoryCollection namespace.  There's also an UpdateClassificationCollection namespace. I just havent figured out how to switch the two namespaces in order to delete the classification.
      
      This was posted last year and I know the issue has been there for at least 2 years.
      
      http://blogs.technet.com/wsus/archive/2008/07/17/so-many-drivers.aspx 
       
      In the short term, we will be making some publishing policy changes to ensure that drivers with a large number of hardware IDs don't flow to WSUS through WSUS/MU server synch. This doesn't mean the drivers won't be available to WSUS - they can still be imported from the MU catalog site (from the WSUS 3 UI, go to the "Updates" node and select "import..."). It's just that they won't flow automatically and surprise those who have added drivers to their synch options.
      -Marc Shepard
      
      Needless to say I have no idea what I'm doing in vis studio  :)  I just refuse to accept having to wipe the DB and uninstalling/reinstalling WSUS to remove the 10,000 driver issue.  I was hoping the issue would have been solved in WSUS 3.0 SP2, but the drivers still show up on a clean install.  
      
      Thanks in advance for any input.
    • [reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
       $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer();
       $wsus.getupdates() | Where {$_.UpdateClassificationTitle -eq 'Drivers'} | ForEach-Object { $wsus.DeleteUpdate($_.Id.UpdateId.ToString()); Write-Host $_.Title removed }
      
  • WSUS Cleanup
    4 Posts | Last post May 23, 2014
    • I have the WSUS console on the computer and I am able to ping the server.  This is the error that I am getting.
      
      Missing ')' in method call.
      At :line:2 char:79
      + $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer(p <<<< bowsus.hcbe.net,false);
      
      This is the line in the script.
      
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer(pbowsus.hcbe.net,false);
    • Ed, getting same exact error. Did you find a resolution?
    • Found it. When you run the GetUpdateServer method locally, try 
      
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer();
      
      No need to include the server's FQDN within the parentheses, because you're already on your WSUS server.
      
    • Quite an old post, but to answer your question:
      
      The propper way to do this, is to make sure that you pass a single string, enclouse your serverName.Domain.ltd in "'s, like this:
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer("pbowsus.hcbe.net",false);
      
      --
      Marius
  • Superseded Updates
    1 Posts | Last post March 17, 2014
    • I try to run many times this script, but every time, i can delete older updates an compact de others updates, but the script can´t delete superseded updates.
      My environmet is a Windows Server 2008 R2, running a Wsus 3.2, with a windows internal database
      i Checked if my user had the permissions to "runs" the script, every little thing ok.
      
      Can you guys help me?
      
      Thanks
  • getting error
    2 Posts | Last post November 09, 2013
    • *firstly I had to fix the line one wrap that copies over as a second line but also in that line there is a ' symbol just prior to that wrap point that seems a typo
      
      ...continuing now after naming the script to a .ps1 file I get this after a minute or two when running it from an elevated PowerShell prompt:
      
      PS E:\WSUS Cleanup Script> .\WSUScleanup.ps1
      Exception calling "PerformCleanup" with "1" argument(s): "Timeout expired.  The timeout period elapsed prior to complet
      ion of the operation or the server is not responding.
      The statement has been terminated."
      At E:\Server Configuration Notebook\Tools\WSUS Cleanup Script\WSUScleanup.ps1:11 char:31
      + $cleanupManager.PerformCleanup <<<< ($cleanupScope);
          + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
          + FullyQualifiedErrorId : DotNetMethodException
      
      
    • here is the exact syntax of the script as I've saved it:
      
      [reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration") | out-null
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer();
      $cleanupScope = new-object Microsoft.UpdateServices.Administration.CleanupScope;
      $cleanupScope.DeclineSupersededUpdates = $true
      $cleanupScope.DeclineExpiredUpdates = $true
      $cleanupScope.CleanupObsoleteUpdates = $true
      $cleanupScope.CompressUpdates = $true
      #$cleanupScope.CleanupObsoleteComputers = $true
      $cleanupScope.CleanupUnneededContentFiles = $true
      $cleanupManager = $wsus.GetCleanupManager();
      $cleanupManager.PerformCleanup($cleanupScope);
  • using Task Schedule - task never stops
    2 Posts | Last post November 02, 2013
    • I have this script working on Server 2012 Standard with no alterations. However, the task never completes. The history tab shows "task completed", but the task status is "running" until I manually stop it. How do I fix this please?
       -Carl
    • Please disreguard and delete. This is embarrassing. Seems when I "refresh" the view, it shows complete. Maybe I should change my name to Homer (Doh!)
      
  • Time out
    1 Posts | Last post November 08, 2012
    • I found this script when the built-in WSUS clean up would not run...presumably due timeout.
      
      I have the same problem with this script. It appears to see the correct db but times out. I've run the reindex script before and after trying to run the cleanup.
      
      What can I do to extend the amount of time the script runs to avoid the timeout?
      
      Running on a quad xeon on a lightly used SBS 2008
  • doen't work =(
    4 Posts | Last post November 05, 2012
    • on the local machine with 2008R2 and WSUS
      
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer(); 
      
      
      ____
      
      Exception calling "GetUpdateServer" with "0" argument(s): "Exception of type 'Microsoft.UpdateServices.Administration.WsusInvalidServerException' was thrown."
      At line:2 char:78
      + $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer <<<< (); 
          + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
          + FullyQualifiedErrorId : DotNetMethodException
       
      Method invocation failed because [System.RuntimeType] doesn't contain a method named 'GetCleanupManager'.
      At line:10 char:42
      + $cleanupManager = $wsus.GetCleanupManager <<<< (); 
          + CategoryInfo          : InvalidOperation: (GetCleanupManager:String) [], RuntimeException
          + FullyQualifiedErrorId : MethodNotFound
       
      You cannot call a method on a null-valued expression.
      At line:11 char:31
      + $cleanupManager.PerformCleanup <<<< ($cleanupScope); 
          + CategoryInfo          : InvalidOperation: (PerformCleanup:String) [], RuntimeException
          + FullyQualifiedErrorId : InvokeMethodOnNull
       
      
    • When you opened PowerShell, did you "Run as administrator"?
    • Exactly the same error here
      
      Exception calling "GetUpdateServer" with "0" argument(s): "Exception of type 'Microsoft.UpdateServices.Administration.WsusInvalidServerException' was thrown."
      
      At line:2 char:78
      
      + $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer <<<< (); 
      
          + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
      
          + FullyQualifiedErrorId : DotNetMethodException
      
      
      Have you found a fix already?
    • solved, I didn't saw the reply to run it as administrator :)
  • Script is not cleaning up old computer accounts
    3 Posts | Last post November 15, 2011
    • Hello,
      
      This is the exact script that I am running against my WSUS server (Windows Server 2008, SP2). The scheduler returns no error after it runs so I assumed everything was OK, yet I still have a number of computers in WSUS that are older than 30 days.
      
      Initially the line that deleted stale computer accounts was commented out. I un-commented it but still no joy.
      
      Any idea what is going on?
      
      Thanks,
      JJJ
      
      #From 'The Scripting Guys' website on Microsoft Technet
      #This script will clean up the WSUS server of superseded, expired and obsolete updates
      #Also, it will remove computers that have not communicated with the WSUS for 30 days
      
      [reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration") | out-null
      
      $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer();
      
      $cleanupScope = new-object Microsoft.UpdateServices.Administration.CleanupScope;
      
      $cleanupScope.DeclineSupersededUpdates = $true       
      
      $cleanupScope.DeclineExpiredUpdates         = $true
      
      $cleanupScope.CleanupObsoleteUpdates     = $true
      
      $cleanupScope.CompressUpdates                  = $true
      
      $cleanupScope.CleanupObsoleteComputers = $true
      
      $cleanupScope.CleanupUnneededContentFiles = $true
      
      $cleanupManager = $wsus.GetCleanupManager();
      
      $cleanupManager.PerformCleanup($cleanupScope);
    • Hi,
      
      May I use the same script for WSUS 3.2 also.If yes how can I get full data related to this.Please help me to find the best way to run it.
      
      Regards,
      RK
    • Are you still having this problem?
  • WSUS Cleanup - Skip deletion of computers that are still in Active Directory
    1 Posts | Last post October 22, 2009
    • You mentioned that there is a way to use this script with an option to skip deletion of computers that are still in Active Directory or to possible change the default number of day (30 days) for obsolete computers. Can you elaborate on these options. Thanks
      
1 - 10 of 11 Items