forums.wsusoffline.net

Hello All!

I am trying to use wsusoffline in a completely offline network environment using group policy and servers. Is there a way to accomplish this without too much of a hassle? I tried to set it up by putting all of the updater files on a share (like on a typical network) and I initially tried calling Update.cmd in the client folder via scheduled task and found that this wasn't working for Windows 7 PCs. I'm more curious is there a way to run the updateinstaller.exe with an "auto" switch that will let it proceed without someone having to hit the "start button" as that will elevate the cmd prompts and ensure functionality instead of me rewriting the scripts.

Ill take any ideas!


Thanks!

It looks like after searching through the forums for a little, there were others who had similar issues and came up with the following posts. I'll try it out tomorrow to see if it will work in my environment.

\\\\\\\\\\\\\\\\\

To implement it this way, you would have to create a scheduled task (which is running as admin), which mounts the network drive and calls .\client\cmd\DoUpdate.cmd.


net use Z: \\SERVER\wsusou /persist:no
Z:\cmd\DoUpdate.cmd <your parameters>

Parameters for task scheduler


English version:
/nobackup (Does not create a backup, only works for Windows XP) [only until WSUSOU 9.7]
/verify (Checks the intengrity of Files)
/instie7 (Installs Internet Explorer 7, only works for Windows XP) [only until WSUSOU 9.7]
/instie8 (Installs Internet Explorer 8, only works for Windows XP & Vista) [only until WSUSOU 10.3.2]
/instie9 (Installs Internet Explorer 9, only works for Windows Vista & 7) [only until WSUSOU 10.3.2]
/instie10 (Installs Internet Explorer 10, only works for Windows 7) [only until WSUSOU 10.3.2]
/instie11 (Installs Internet Explorer 11, only works for Windows 7) [only until WSUSOU 10.3.2]
/instielatest (Installs the latest version of Internet Explorer [IE8 on WinXP; IE9 on Vista; IE11 on Windows 7]) [only until WSUSOU 10.3.2]
/skipieinst (Avoid mandatory installation of most recent Internet Explorer) [since WSUSOU 10.6]
/updatetcerts (Updates the Root certificates, only works for 32bit/x86 systems) [only until WSUSOU 9.7]
/updatecpp (Updates Microsoft C++ runtime)
/updatedx (Updates Microsoft DirectX, not valid for Windows 8.x) [only until WSUSOU 9.2.1]
/instmssl (Update / Install Microsoft Silverlight)
/updatewmp (Installs Windows Media Player 11, only works for Windows XP) [only until WSUSOU 9.2.1]
/updatetsc (Updates Remote Desktop)
/instdotnet35 (Installs Microsoft .NET Framework 3.5 SP1, only works for Windows XP & Vista)
/instdotnet4 (Installs Microsoft .NET Framework 4 on Windows XP / .NET Framework 4.6 on Windows Vista, 7, 8.x) [not valid for Windows 10]
/instpsh (Installs Microsoft Powershell, only works for Windows XP & Vista, requires .NET 3.5 SP1)
/instwmf (Installs Windows Managment Framework 5.0, only for Windows 7 & 8.x)
/instmsse (Installs Microsoft Security Essentials, only for Vista & Windows 7)
/instwd (Installs Windows Defender, only works for Windows XP) [only until WSUSOU 7.4.1]
/instofc (Installs the Office File Converter, requires Office 2003, only works for Office 2003) [only until WSUSUO 9.2.1]
/instofv (Installs the Office File validation, requires Office 2003 or 2007, only works for Office 2003 & 2007)
/autoreboot (Reboots the computer and continues the update process, if required)
/shutdown (Shuts down the computer after the end of the update process)
/showlog (Shows log file after update completes)
/all (Installs all updates, including those, which are installed; only use, if you have trouble with Windows Update)
/excludestatics (Does not install statically defined updates)
/skipdynamic (Skips the dynamic determination of updates, I do not recomment using it)
/skipdefs (Avoid mandatory installation of most recent Windows Defender and Microsoft Security Essentials definition files) [since WSUSOU 10.7.4]

(Original post: viewtopic.php?f=4&t=4888&p=15539&hilit=group+policy#p15539 )

I'd recommend you to create a short local cmd-script like the one posted before.

Code: Select all

net use Z: \\SERVER\wsusou /persist:no
Z:\cmd\DoUpdate.cmd <your parameters>


Then run it using the task scheduler with admin-rights using the command

Code: Select all

C:\Windows\System32\cmd.exe /k "<path to the script>"

Thanks aker! The only other issue I have now, is that the certificates in another offline, non-domain, environment aren't trusted. Updates seem to install for Windows 7 before it gets to a point where it throws up errors for certificate trusts and updates along with .net updates do not install. I get errors that state the certificates can't be verified or that the revocation process could not be started or "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider."

So I am restarting the process and looking to see when exactly this happens and i'll post about the resolution here. Thanks!

Could be this: viewtopic.php?f=6&t=6098