I'm trying to find a way to create a WSUS report of updates that have been approved for computer group A that have not been approved for one or more other groups. Alternatively, a tabular report that lists the approval status for each update and each group, so that it can be processed to extract what I need. There doesn't appear to be such a report in WSUS itself, or at least not one I can find, so a script to produce such a report would be most welcome.
WSUS report approvals for a group
wsus
Best Answer
This powershell script does exactly what your initial request was. Examine one computerGroup and find updates not approved for one or multiple other computer groups.
Note You will need to run this either on a WSUS server or a machine that has the WSUS Admin tools installed.
Configuration
Set
$targetComputerGroup
to the Computer Group you want to use as a baseline Set$CheckForMissing
to the names of the group or groups you want to see if they have been approved for. Note: To do multiples just coma seperate ("Group1,Group2")When Completed you will have output an output like:![enter image description here](https://i.stack.imgur.com/17tJO.png)
If instead of outputing to the screen you want to export the list to a CSV replace the bottom portion with the following code: