how to install a specific KB from windows update

I am trying to install a specific update KB4541509

but it is not getting installed. I got the playbook running but not getting installed

here is from the ansible win log

2020-05-17 10:22:51Z Creating Windows Update session…
2020-05-17 10:22:51Z Create Windows Update searcher…
2020-05-17 10:22:51Z Setting the Windows Update Agent source catalog…
2020-05-17 10:22:51Z Requested search source is ‘windows_update’
2020-05-17 10:22:51Z Search source set to ‘windows_update’ (ServerSelection = 2)
2020-05-17 10:22:51Z Searching for updates to install
2020-05-17 10:28:12Z Found 6 updates
2020-05-17 10:28:12Z Creating update collection…
2020-05-17 10:28:12Z Skipping update d1fe2427-174b-4b7b-ba04-69aa90060d12 - Microsoft .NET Framework 4.8 for Windows Server 2012 R2 for x64 (KB4486105) as it was not found in the whitelist
2020-05-17 10:28:12Z Skipping update ce061df5-b9f2-475f-9850-50ad5b7b9693 - 2020-02 Security Update for Adobe Flash Player for Windows Server 2012 R2 for x64-based Systems (KB4537759) as it was not found in the whitelist
2020-05-17 10:28:12Z Skipping update ebfa39a3-52fe-4ff1-b7d4-375ad1654c04 - 2020-03 Servicing Stack Update for Windows Server 2012 R2 for x64-based Systems (KB4540725) as it was not found in the whitelist
2020-05-17 10:28:12Z Skipping update 533cf583-0396-4862-a1d5-6200a46f82ba - 2020-05 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 for x64 (KB4556401) as it was not found in the whitelist
2020-05-17 10:28:12Z Skipping update 2221dd34-39bb-4f16-b320-be49fe4a6b95 - Windows Malicious Software Removal Tool x64 - v5.82 (KB890830) as it was not found in the whitelist
2020-05-17 10:28:12Z Skipping update 4aeb4fc1-39c2-4514-be30-33e57845a002 - 2020-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB4556846) as it was not found in the whitelist
2020-05-17 10:28:12Z Calculating pre-install reboot requirement…
2020-05-17 10:28:12Z Native job completed with output:
Name Value

updates {}
found_update_count 0
changed False
reboot_required False
installed_update_count 0
filtered_updates {2221dd34-39bb-4f16-b320-be49fe4a6b95, 4aeb4fc1-39c2-4514-be30-33e57845a002, d1fe2427-174b-4b7b-ba04-69aa90060d12, ce061df5-b9f2-475f-9850-50ad5b7b9693…}

not sure why it was looking for those KB as I whitelisted only 1 KB to install

Screen Shot 2020-05-17 at 10.40.06 AM.png1929×974 34.9 KB

When you Run Windows Update it returns all available Updates as you can see from your Output it’s skipping as they aren’t in the Whitelist

Your WHEN statement is wrong. you need to Set it to something like when: update_result.reboot_required == True

this is my error

FAILED! => {“msg”: “The conditional check ‘update_result.reboot_required == true’ failed. The error was: error while evaluating conditional (update_result.reboot_required == true): ‘update_result’ is undefined\n\nThe error appears to be in ‘/home/tony/windows/install_windows_KBxxxxx_updates.yml’: line 15, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: reboot host if required\n ^ here\n”}

Your register statement on the win_updates task is incorrectly indented

Thank you

any idea how I would installed one specific KB and ignore anything else from windows update?

would it be like this?

It seems every Question you post in here 90% of the troubleshooting seems to be issues around your indentation, I’ll recommend reading up on the basic of Ansible and how yaml works if your having issues like these… Also can you Please fix this from the code you have above, Run it and see what error comes out from it ?

If you read the Ansible Doc on Win_update https://docs.ansible.com/ansible/latest/modules/win_updates_module.html You code seems fine, again Run it and see what issues you get…