Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
Which Updates did my clients install?

Answered Which Updates did my clients install?

  • Thursday, November 20, 2008 9:34 PM
     
     
    Sign In to Vote
    0
    I have just started testing WSUS 3 in a domain environment.  I have created 2 test groups, each to receive different updates.  I can see that each group has received updates as scheduled and everything seems to be working fine.  However, I do have one question.

    Being that I have not disqualified any updates at all, there are more that 1500 available updates on my server at this time.  I can see that one of my machines installed approximately 24 updates based on the needed updates number that has decreased by that number.  However, because I approved a great number of updates for that group of computers, which includes different versions of Office, etc.  How can I tell which updates where installed on each machine?

    Please advise, or ask for clarification.


    Thanks,

    Bud Veltman
    bud.veltman@verizon.net
     
     

All Replies

  • Friday, November 21, 2008 5:58 AM
    Moderator
     
     
    Sign In to Vote
    0
    The INSTALLED updates will eventually be reported by the client as "Installed" in the WSUS Admin Console.

    The NOT INSTALLED updates, which were previously reported as "Needed", will eventually be reported as "Not Applicable" (by virtue of having a superceded update successfully installed).
    Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)
     
  • Friday, November 21, 2008 2:26 PM
     
     
    Sign In to Vote
    0

    Thank you for your reply.  However, when I add a computer into a group and it reports to the WSUS Server, the report will show that there are already (for example) several hundred of the 1500 total available updates already installed and that only 69 total updates need to be installed.  Of those, I may approve installation of the updates that are listed as critical or security updates.

    It is then very difficult to determine exactly which updates have already been installed in those categories versus which updates need to be installed on each individual machine in my groups.  Once the updates are actually installed by the workstations, I can tell that some were installed, but not all because of the number of updates that I approved compared to the number that are still required by the client.

    My question is, how do I tell which updates were installed when?  I know that I can go to the workstation and view the update history for this information.  I want to be able to view the update history (at least as it applies to WSUS) for each connected machine from the WSUS server.  How do I do that?

    Seeing that an update was installed does not help me unless I start taking full inventories of each machine upon first report to the WSUS Server and then with each scheduled update and hope that I do not forget to take an inventory or vacation, etc.

    Please advise.

    Bud Veltman

     
  • Friday, November 21, 2008 3:58 PM
    Moderator
     
     
    Sign In to Vote
    1
    > My question is, how do I tell which updates were installed when?
     
    > I want to be able to view the update history (at least as it applies to WSUS) for each connected machine from the WSUS server.

    From the Update, right click, run Status Report. Go to Page 2, and click on the hyperlinked "Install" in the Status column.

    The dialog will give you the log entry "Installation Successful" and the timestamp that the event was reported.

    You can also get this from the Updates Detailed Status report if you wish to review an entire class of updates.
    Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)
     
  • Monday, November 24, 2008 1:43 PM
     
     
    Sign In to Vote
    0
    Thanks for the response.  This is not exactly what I was looking for, but it does help.  I gues now I am looking for an add-on or a script or something that will let me click on an individual computer from within WSUS and runa a status report that will tell me not only what has been installed, but when.

    Perusing through each update and or each class of updates looking for verification of the date updates were applied to a specific computer could get tedious.  My thinking is that I have some laptops that only log into the domain a couple of times per month.  I will want to track those laptops specifically to see when the updates from WSUS are being applied to their machines.  I will not have time to go through the updates in an attempt to determine if specific updates were applied these machines.  I understand grouping, etc., however, I believe that viewing a computer status report that has the date of the updates suits my situation best.

    Is there something out there that can help me accomplish this goal?

    Thanks,

    Bud Veltman
    bud.veltman@verizon.net
     
  • Monday, November 24, 2008 10:46 PM
    Moderator
     
     Answered
    Sign In to Vote
    0
    This level of administrative detail is pretty much where you hit the wall with WSUS.

    There are a couple of other options that may meet your needs...

    [1] If you're running WSUS on an actual SQL Server 2005 instance, you can use the SQL Server 2005 Report Builder to develop customized reports. See p66 of the WSUS Operations Guide for additional information.

    [2] You could develop a customized application using the WSUS API, WUA API, and WMI.

    [3] You might be a candidate for the Eminentware WSUS Add-On package. (http://www.eminentware.com)

    Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
    Principal/CTO, Onsite Technology Solutions, Houston, Texas
    Microsoft MVP - Software Distribution (2005-2009)
    • Marked As Answer by Bud Veltman Tuesday, November 25, 2008 2:03 PM
    •