Update Windows security remotely using powershell scheduled task

0

I am trying to Install windows security patches on a remote machine using powershell remoting. This is the function i am using to Update windows

<#
.SYNOPSIS
This functiion will automatically install all avaialable windows updates on a device and will automatically reboot if needed, after reboot, windows updates will continue to run until no more updates are available.
#>

function Install-WindowsUpdates

{
Install-Module -Name PSWindowsUpdate -RequiredVersion 2.1.0.1 -Force
Import-Module PSWindowsUpdate -Force
Get-WindowsUpdate -install -acceptall
}

When i run this function on a local host, the function is successful in installing windows security patches. I have the below script to do the same remotely:

param(

    [Parameter(Mandatory = $true)]
    [string] $IPaddress
)
try
{
$secpasswd = ConvertTo-SecureString "Pass@12345678" -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("Admin02", $secpasswd)


#Create a Session.
$Session = New-PSSession -ComputerName $IPaddress -Credential $cred

cd C:\Users\Admin01\Documents
. .\Install-WindowsUpdates.ps1


Invoke-Command -Session $Session -ScriptBlock ${function:Install-WindowsUpdates}
return $true
}
catch
{
return $false
}

When i run this script i am getting the below error:

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
    + CategoryInfo          : NotSpecified: (:) [Get-WindowsUpdate], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException,PSWindowsUpdate.GetWindowsUpdate
    + PSComputerName        : 10.0.0.7

I have setup both the loaclhost and remote machine for remoting and able to execute other scripts remotely. Also have enabled WMI on the remote machine. What other settings i have to do?

Using Scheduled Task: I am using the following script to start a scheduled task:

param(
   [parameter(Mandatory = $true)]
   [string]$IPaddress
)
$PSModulePath = $env:PSModulePath
$SplittedModulePath = $PSModulePath.Split(";")
$ModulePath = $SplittedModulePath[0]
$secpasswd = ConvertTo-SecureString "Pass@12345678" -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("Admin02", $secpasswd)
#Create a Session. Replace host name with the host name of the remote machine.
$Session = New-PSSession -ComputerName $IPaddress -Credential $cred
$User= "Admin02"
$Action= New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "$env:ALLUSERSPROFILE\Install-WindowsUpdate.ps1"
$Trigger= New-ScheduledTaskTrigger -At 5:05am -Once
Invoke-Command -Session $Session -ScriptBlock { Register-ScheduledTask -TaskName "Install-Updates" -User $Using:User -Action $Using:Action -Trigger $Using:Trigger -RunLevel Highest –Force }

I have copied the below script on the target machine at the path $env:ALLUSERSPROFILE

<#
.SYNOPSIS
This functiion will automatically install all avaialable windows updates on a device and will automatically reboot if needed, after reboot, windows updates will continue to run until no more updates are available.
.PARAMETER computer
Use the Computer parameter to specify the Computer to remotely install windows updates on.
#>


Install-Module -Name PSWindowsUpdate -RequiredVersion 2.1.0.1 -Force
Import-Module PSWindowsUpdate -Force
Get-WindowsUpdate -install -acceptall

After i schedule the task nothing is happening.What i am doing wrong?

powershell
powershell-remoting
windows-update
windows-security
asked on Stack Overflow Sep 10, 2019 by Harshith R • edited Sep 16, 2019 by Harshith R

2 Answers

1

This seems to be not possible by design:

It is impossible for remotely connected users to download stuff from the internet it appears.

answered on Stack Overflow Sep 10, 2019 by DarkLite1
0

Speaking about windows update, you have many options like:

  1. Connection using psexec tool then run wuauclt /detectnow /updatenow

  2. If you are using windows 10 /server 2016 , the tools was replaced with USOClient.exe which is more effective.

answered on Stack Overflow Sep 10, 2019 by Mahmood Shehab

User contributions licensed under CC BY-SA 3.0