Windows Server Updates Services is a nice tool that can be used in network deployments that enables network administrators to fine tune their windows patching process. Essentially WSUS creates a local repository of updates that it has downloaded from Microsoft to deploy to client machines. While this is great, the repository depending on what you are updating, can swell in size. Some older installations I have seen are upwards of 20+ GB. WSUS does provide a way to clean the repository of old updates that have been superseded, however that process is a manual one. This is where we can use Powershell once again. Below is a Powershell scipt that can be used as a scheduled task that will automate the WSUS cleanup process. This script can be extended even further by adding email notification using this code.
#################################################### # # CleanupWsus.ps1 # Author: Matthew Marable # Updated: Mar 25, 2013 # # Description: # Clean WSUS Database # #################################################### Add-Type -Path "C:\Program Files\Update Services\API\Microsoft.UpdateServices.Administration.dll"; $UseSSL = $False $PortNumber = 80 $Server = "localhost"; $WSUSConnection = [Microsoft.UpdateServices.Administration.AdminProxy]::GetUpdateServer($Server,$UseSSL,$PortNumber) #Clean Up Scope $CleanupScopeObject = New-Object Microsoft.UpdateServices.Administration.CleanupScope $CleanupScopeObject.CleanupObsoleteComputers = $True $CleanupScopeObject.CleanupObsoleteUpdates = $True $CleanupScopeObject.CleanupUnneededContentFiles = $True $CleanupScopeObject.CompressUpdates = $True $CleanupScopeObject.DeclineExpiredUpdates = $True $CleanupScopeObject.DeclineSupersededUpdates = $True $CleanupTask = $WSUSConnection.GetCleanupManager() $Results = $CleanupTask.PerformCleanup($CleanupScopeObject) # Export results to a txt file $Results | Out-File "C:\Admin Tools\wsus-cleanup-report.txt" # TODO Send success email