使用 GUI 添加角色和功能时,需要执行一些额外步骤,以便进行一些额外配置。例如,安装 WSUS 时,需要执行几个标记为“角色服务”和“内容”的步骤,以便选择要使用的数据库并设置此数据库的位置。(下图)
但是,假设我想通过 powershell 安装它。我会输入以下内容:
Import-Module servermanager
Install-WindowsFeature -Name UpdateServices -IncludeAllSubFeature -IncludeManagementTools
但是,这不允许我像 GUI 那样指定要放置数据库的位置。是否有任何命令可让我从 powershell 进一步配置 WSUS?
谢谢。
答案1
类似这样的功能还有很多。当我升级我们的 WSUS 服务器时,我使用这个命令来识别自定义数据库位置:
& "$env:programfiles\update services\tools\wsusutil.exe" postinstall CONTENT_DIR=E:\WSUS\
要完成到新服务器的迁移还需要许多其他步骤 - 在服务器上分配新的 guid 后,我第二次调用此实用程序。
另一个例子...安装管理工具包后,然后dism.exe
使用使能够特定工具,如 Active Directory 用户和计算机。
编辑:好的……这是我用来启动新 WSUS 服务器的脚本。请记住,它是针对我们环境的,可能需要进行一些调整才能运行您的环境:
<#
Initial setup script for WSUS 6.3 (Server 2012)
Created : 12/02/2014
#>
$oldserver = "[enter DNS name of old server]"
$newserver = $env:ComputerName
$WID = "\\.\pipe\Microsoft##WID\tsql\query"
$WIDService = "MSSQL`$MICROSOFT##WID"
Function Create-Group ([String]$name, [String]$desc) {
$objOu = [ADSI]"WinNT://$newserver"
$objGroup = $objOU.Create("group", $name)
$objGroup.SetInfo()
$objGroup.Description = $desc
$objGroup.SetInfo()
}
Function Confirm($message) {
$caption = "Confirm"
$yes = new-Object System.Management.Automation.Host.ChoiceDescription "&Yes","help"
$no = new-Object System.Management.Automation.Host.ChoiceDescription "&No","help"
$choices = [System.Management.Automation.Host.ChoiceDescription[]]($yes,$no)
$host.ui.PromptForChoice($caption,$message,$choices,0)
}
If (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
Write-Host "Script needs to be run as Administartor"
Exit 0
} Else {
If (Confirm("You are about to run the WSUS setup script. Do you want to continue?") -eq 1) {
Exit 0
}
}
Import-Module SQLPS
# Add the WSUS role to the server
Write-Host "Installing the WSUS Server Role - post-install configuration will be run as part of this script"
Install-WindowsFeature -Name UpdateServices -IncludeManagementTools -WhatIf
Install-WindowsFeature -Name UpdateServices -IncludeManagementTools
# Copy WSUS patches to new server
Write-Host "Copying patch repository from \\$oldserver\E$\WSUS"
Copy-Item "\\$oldserver\E$\WSUS" "\\$newserver\E$\" -Recurse
# Copy WSUS database to new server
Write-Host "Copying WSUS Database from \\$oldserver\E$\WSUS DB Backups\Backup.bak"
Copy-Item "\\$oldserver\E$\WSUS DB Backups\Backup.bak" "\\$newserver\E$\TEMP"
# Create WSUS Security groups on new server
Write-Host "Creating WSUS access groups"
Create-Group "WSUS Administrators" "WSUS Administrators can administer the Windows Server Update Services server."
Create-Group "WSUS Reporters" "WSUS Administrators who can only run reports on the Windows Server Update Services server."
# Populate groups via group policy
gpupdate /force
# Ensure the Windows Internal Database (WID) is running and set to auto startup
Write-Host "Checking Windows Internal Database"
(Get-Service -Name $WIDService -ComputerName $newserver).Start
Set-Service -Name $WIDService -ComputerName $newserver -StartupType Automatic
Start-Sleep -s 5
# Create a blank DB for new WSUS instance
Write-Host "Creating blank DB for WSUS"
$sql = New-Object Microsoft.SqlServer.Management.Smo.Server($WID)
$db = New-Object Microsoft.SqlServer.Management.Smo.Database($sql, "SUSDB")
$db.Create()
Write-Host "DB created on " $db.CreateDate
Start-Sleep -s 5
Write-Host "Restoring \\$newserver\E$\WSUS DB Backups\Backup.bak to new server"
Write-Host "Note: there WILL be one warning"
# Drop the newly created DB
Invoke-SqlCmd -InputFile ".\SUSDB_Drop.sql" -ServerInstance $WID -OutputSqlErrors $True -Verbose
Start-Sleep -s 5
# Restore the previous DB over the blank DB
Invoke-SqlCmd -InputFile ".\SUSDB_Restore.sql" -ServerInstance $WID -OutputSqlErrors $True -Verbose
Start-Sleep -s 5
# Run the WSUS postinstall command with the patch folder
Write-Host "Identifying WSUS repository as E:\WSUS"
& "$env:programfiles\update services\tools\wsusutil.exe" postinstall CONTENT_DIR=E:\WSUS\
# Give the WSUS instance a new identity (powershell)
Write-Host "Creating new ID for WSUS server"
$updateServer = Get-WsusServer -Name $newserver -Port 8530
$config = $updateServer.GetConfiguration()
$config.ServerId = [System.Guid]::NewGuid()
$config.Save()
# Re-run the postinstall with the new identity
Write-Host "Running WSUS postinstall with for ID"
& "$env:ProgramFiles\Update Services\Tools\wsusutil.exe" postinstall
# Change the WSUS service to run on port 80 (as per current server)
Write-Host "Changing default WSUS port to port 80"
& "$env:programfiles\update services\tools\wsusutil.exe" usecustomwebsite false
# Replicate SQL security using query provided by DST
Write-Host "Restoring SQL permissions"
Invoke-SqlCmd -InputFile ".\SUSDB_RoleUsers.sql" -ServerInstance $WID -OutputSqlErrors $True -Verbose
答案2
一旦通过 PowerShell 安装了某个功能,就可以使用该功能的 PowerShell 模块完成配置。
但是并非所有 Windows 功能都具有完整的模块,您的 WSUS 任务(移动 WSUS 数据库位置)就是这样一个例子。但这并不意味着不能使用 PowerShell 来完成任务,只是需要额外的步骤。
微软有一篇 Technet 文章这里演示如何使用 wsusutil 命令行程序设置数据库位置。