I was told to drop this here since the thread I initially drop it in was rather old and answered.
I have a script that I got from some of Boe's work and it works, for the most part, but it's lacking something in my opinion.
Right now, it approves updates by date but I have several groups and I would like to only approve them if they are needed by the group. Right now, since it approves them by date, it makes cleanup a bit cumbersome. There's no sense in approving a Windows 7 update if my production group of servers are all Server 2008-R2, Server 2012 and Server 2012-R2. Or, if the update is just not needed by any of the servers in a certain group, why would one want to approve it? My thought process tells me I should tweak the script to use Get-PoshWSUSUpdateSummaryPerGroup and then approve the updates needed by the group - but only up to a certain date. So, how could my current script be tweaked so that would take place? I think I'd have to use a pipeline of some sort, right? I'm still a bit new to PS...
Current script:
# Help for this script was found:
# http://poshwsus.codeplex.com/
# http://social.technet.microsoft.com/Forums/scriptcenter/en-US/03aa66a4-a855-43a3-8878-83f8d4703c6b/approve-patches-in-wsus-by-powershell?forum=ITCG
# http://blogs.technet.com/b/heyscriptingguy/archive/2012/01/20/get-windows-update-status-information-by-using-powershell.aspx
# PoshWSUS 2.2.1
# Install to %SystemRoot%\System32\WindowsPowerShell\v1.0\Modules prior to using this script.
Import-Module PoshWSUS
$WSUSServer = "h1p-wsus1.homenet.local"
Connect-PoshWSUSServer -WSUSserver "$WSUSServer" -port 8530
Get-PoshWSUSGroup | Select Name | Format-Table -AutoSize
$WSUSGrp = Read-Host -Prompt "Enter a valid group name from the list above."
$WSUSDate = Read-Host -Prompt "Updates approved should not be newer than... Example: 2014-12-31 or 2014-02-18."
$UpdateScope = New-Object Microsoft.UpdateServices.Administration.UpdateScope
$UpdateScope.ToCreationDate = [datetime]"$WSUSDate"
$Group = $wsus.GetComputerTargetGroups() | where {$_.Name -eq "$WSUSGrp"}
$wsus.GetUpdates($UpdateScope) | ForEach {
Write-Host ("Approving {0} for {1}" -f $_.Title,$Group.Name) -Fore Green -Back Black
$_.Approve('Install',$Group)
}
Disconnect-PoshWSUSServer