In this post, I will demonstrate how to query the list of computers in a WSUS group using PowerShell.
Introduction
We all know that WSUS is a patching tool and we can create custom groups inside it to manage the approvals and to do better organization. When you have a various groups in WSUS console, how do you know the list of computers currently members of a given WSUS group. The PowerShell script described in this article will help you in querying this information.
Connect to WSUS server
First of all, we need to connect to the WSUS server from which you want to query the group information. The below code will help you to connect to a WSUS server and $wsus stores the reference information of that.
[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration") $wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer("SRVWSUS1",$False)
List all WSUS groups
Once connected to the server, we need to find out what all groups available in that particular WSUS server. This can be done by calling GetComputerTargetGroups() method.
$wsus.GetComputerTargetGroups()
Get the WSUS group you want
After you decide on the group that you want to query, just filter the output of the above command. For example, if the group that I am interested in is “America Computers”, then I can use something like to get the group I need.
$mygroup = $wsus.GetComputerTargetGroups() | ? {$_.Name -eq "America Computers"}
List members of WSUS group
Once the group reference object is available, its matter of calling querying the member names (aka targets) of this group by invoking the method GetComputerTargets(). The output will contain list of computer objects along with other properties like last sync time, last reported time, etc. The below command will return all target computers FQDNs.
$mygroup.GetComputerTargets() | select FullDomainName
Hope this helps and happy learning.