I have be working with a customer whereby the Server Environment cannot be connected to the Internet until it has been fully tested for security risks. So the first challenge is to apply all latest Windows Updates, myself and my colleague had the boring task of downloading every single .msu manually from the Microsoft Download Centre (I am just glad it wasnt for Windows 2008 r2 Server Environment otherwise it would have been a complete nightmare).
The next challenge was to apply all the .msu across 20 Physical Servers and as you can imagine sitting here clicking away is every consultants worst nightmare. So we have managed to find a script that other people have used in our position but there has been many different variations of the script. So in the end we used the below.
SETLOCAL ENABLEEXTENSIONS ENABLEDELAYEDEXPANSION
FOR /R “%~dp0” %%A IN (*-KB*.MSU) DO (
CALL :SUB %%~nA
ECHO= Installing KB!KB_NUM!
>NUL TIMEOUT /t 3
WUSA “%%A” /quiet /norestart)
ECHO= == Press any key to restart ==
>NUL PA– USE
SHUTDOWN.EXE /r /t 0
FOR /F “DELIMS=-” %%B IN (“%KB_NUM:*-KB=%”) DO SET “KB_NUM=%%B”
I just want to point out a couple of issues we have noticed using this script the ( “ ) will need to be changed on the host machine and the ( @ ) as for some reason Windows 2012 doesnt like this characters in the current format. So you will have to delete and replace the characters in order to get the script to run successfully.
So once you have corrected the script for your deployment, you only need to create a .bat file within the location of the .msu files then run the script. It will now start the installation and prompt you to reboot the server once the updates have been installed