Installing hotfixes on a 2008 R2 server remotely via command line

Psxec.exe and wusa.exe can be used to remotely install updates on a server, when you don’t have any kind of console access. This could also be used on a server core installation, or where you wanted to quickly deploy a patch to multiple machines.

I was recently in a situation with a couple of servers where ILO was not working due to a firewall issue, and SP1 for Windows Server 2008 R2 had broken RDP, requiring the RDP hotfix Windows6.1-KB2667402-v2-x64.msu (http://support.microsoft.com/kb/2667402). So I had to install the hotfix but had no console access.

In this case you can use a combination of psexec.exe – a sysinternals utility for executing commands remotely (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx), combined with wusa.exe, the Windows Update Stand-alone Installer (http://support.microsoft.com/kb/934307). You can do this as follows:

  1. Copy the hotfix to the drive of the machine you want to install the patch on e.g. to c:\temp
  2. Download psexe.exe to a machine which you do have access to.
  3. Run the command:
D:\Scripts\psexec.exe -s \\server wusa.exe "c:\temp\Windows6.1-KB2667402-v2-x64.msu" /quiet

Note the following:

  • Look in the Setup eventlog for results.
  • Add the /norestart switch if you do not want the remote machine to reboot automatically after the patch install.
  • If the command exits with Error code 1641, that is a success and the machine should reboot if it needs to.
  • The –s switch for psexec runs with required permissions.

Backinfo PowerShell script

Update: I have created a self-contained install script which will install and set backinfo with 2 clicks – here.

Here is a quick script that will copy backinfo.exe to a PC and create a registry setting to run at logon. You’ll need to run PowerShell as administrator, and modify the robocopy line as you see fit.

clear-host
[console]::title = "Backinfo Setup Script"

function Robocopy ($source, $destination)
{

#Set backup file location and create if not existing

$timenow = get-date -Format ddMMyyhhmmss
#Set log file location
$logfile = "RobocopyLog.txt"

robocopy.exe $source $destination /e /r:0 /w:0 /tee /log+:$logfile

write-host "Robocopy finished"

#End function
}
Robocopy "\\server\source\software\backinfo" "C:\Program Files\Backinfo"

New-ItemProperty -Path "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" -Name BackInfo 

-Type String -Value "C:\Program Files\BackInfo\Backinfo.exe"
#Run it now
CD "C:\Program Files\BackInfo\"
.\backinfo.exe

Note that you should also right click on the file (as an Administrator) and choose Properties, and then unblock. This will mean that all users run this without a security warning.

Also see my other post for more info and to download backinfo – https://www.msdonkey.com/server/backinfo-desktop-background/

Edit: Here is a complete file with the scripts, batch file and backinfo files. Just edit the location in the ps1 script: backinfo_complete