Windows updates can be installed after a VM is deployed using the sample script in this article.  The script will fetch updates directly from Microsoft, install them and reboot the system.



Requirements:

  • vCommander scripts (Download here)
  • PowerShell v5 installed on the target VM
  • Embotics® vCommander® 6.1.7 or later
  • Embotics vCommander 2.8 REST API PowerShell libraries (Download here)
  • If not already done, create an encrypted credentials file for vCommander  using the PowerShell command: New-EncryptCredential -destFilePath C:\scripts\credential.xml

Step 1: Setting up the Script

1. Download and copy the attached WindowsUpdate.zip file to the vCommander Server

2. Extract the WU.ps1 file to c:\scripts on the vCommander server


Step 2: Setting up the Workflow


1. Create a new completion workflow or edit an existing one.  Ensure the target VM has passed its customization, has an IP address and is registered in DNS by using the three wait steps below.


Step Type: Wait for event

Step Execution: Always Execute

Wait For: Guest OS Customization to Complete

Wait Time: 300 Seconds

Wait Time Exceeded: Proceed to next workflow step


Step Type: Wait for event

Step Execution: Always Execute

Wait For: Service to obtain IP address and DNS

Wait Time: 300 Seconds

Wait Time Exceeded: Proceed to next workflow step


Step Type: Wait for event

Step Execution: Always Execute

Wait For: Time to elapse

Wait Time: 300 Seconds

Wait Time Exceeded: Proceed to next workflow step



2. During the workflow, the script will be copied from the vCommander server to the target VM to be executed.  As such, you will need to ensure there is a writable directory on the target VM.  To do this add a workflow step with the parameters below:


Step Type: Run Program

Step Execution: Always Execute

Timeout: 300 Seconds

Credentials: Local Administrator of the Target VM

Program Output: Do not capture program output

When Program Fails: Mark workflow step as failed: do not proceed

Command Line: if exist c:\Scripts (exit) else (mkdir c:\Scripts)


3. Next we will copy the script from the vCommander server to the target VM using the following workflow step:


Step Type: Copy File

Step Execution: Always Execute

When Steps Fails: Mark workflow step as failed: do not proceed

Credentials: Local Administrator of the Target VM

Source: c:\scripts\WU.ps1

Destination: c:\scripts\WU.ps1

Overwrite: Yes


4. Next we will execute the script. To do this, add a workflow step with the parameters below:

*Important Note* Make sure to set the timeout to 0 (no timeout) as windows updates will vary in the amount of time to download and install.


Step Type: Run Program

Step Execution: Always Execute

Timeout: 0 seconds

Credentials: Local Administrator of the Target VM

Program Output: Capture program output as comment

When Program Fails: Mark workflow step as failed: do not proceed

Command Line: powershell -executionpolicy bypass c:\scripts\wu.ps1


Once done the example Workflow steps will look like this:



Step 3: Monitoring Updates


There will be no indication through vCommander on the status of the updates being installed.  The workflow will remain in a running state until the updates are completed and the server is rebooted.


To periodically check up on the server you can open a console connection and look for the  Windows Modules Installer Worker process in task manager.  If this process is running then it means that the updates are being downloaded and installed.  Typically this takes about 1 Hour, although there are a number of environmental factors that can impact this time drastically (Network speed, disk speed, system resources etc).