windows updates

Archives Ansible Developer
1

Hi all,
I’m pinging the group to see if anyone is interested / working on windows update support (running updates, checking config) – I’m not a windows admin, but this is something that i’d like to see.

Am I going about this the wrong way? i’d love to hear what the group has to say about this!

Thanks,
Dann

2

I haven't seen anything yet regarding a module for Windows Updates, but
would be interested in it.

http://gallery.technet.microsoft.com/scriptcenter/2d191bcd-3308-4edd-9de2-88dff796b0bc
might be a good resource for understanding the associated PowerShell
commands.

3

I’d be interested in testing something like this.

The things I’d want to achieve with such a module would be

1/ to have a way of knowing that hosts are running the very latest version of windows updates (latest state) or are running a specific set of updates, let’s call that ‘known state’
2/ a way of identifying the specific set of updates that a host is using so exactly the same updates can be applied to other hosts.

Worth thinking about whether to put win update information into the window stats module too, although that would probably need some thought due to the sheer volume of information about windows updates.

Jon

4

At least your 2nd point is fairly easy to implement. It’s super-easy to take a Windows DSC resource and convert it into an Ansible module, and now that the PowerShell team has published their WindowsUpdate module, we can turn that into an Ansible module in almost a jiff. The params would be something along the lines of:

Uri = “http://hotfixv4.microsoft.com/Microsoft%20Office%20SharePoint%20Server%202007/sp2/officekb956056fullfilex64glb/12.0000.6327.5000/free/358323_intl_x64_zip.exe
Id = “KB956056”
Ensure=“Present”

Would that work for you? We could also probably sprinkle some magic around the Uri part so that we try and find the update in the Windows Update Catalog if the Uri param isn’t specified.

On your first question, you want to check if the managed node “thinks” there’s an update it should install (same as “Available updates” in the control panel)? I’ve seen some code around that, I think there’s a COM api to tap into to get that kind of reporting too.

-Trond