Testing Updates


Applies To: Windows Server Update Services

You should ensure that your update is thoroughly tested in a laboratory environment before publishing it to a wider network. Some of the verification points are listed in the following sections.

The following points list some of the basic scenarios that your testing should include. You can use the following log files as part of the verification steps:

  • %windir%\WindowsUpdate.log (for client download and installation issues)

  • WSUSInstallDir\SoftwareDistribution.log (for server issues)

Verify that the update was published correctly

Because locally-published updates are not visible in the WSUS administration console, you need to test that the update was published with the WSUS API. For example, you can find an update entitled "My MSP Package" with the following code:

IUpdateServer server = AdminProxy.GetUpdateServer();  
UpdateCollection updates = server.SearchUpdates("My MSP Package ");  
if (updates.Count > 0)  
     //found the update  
     //did not find the update  

Verify that the update is offered and installed where it is applicable

The published update should be offered to a target computer that satisfies the applicability rules. You will need to approve the update using the WSUS API before testing update installation. The following code shows how to approve a given update:

UpdateCollection updates = server.SearchUpdates("Exe Package");  
if (updates.Count > 0)  

You should ensure that the update is installed on computers with a variety of configurations that match the requirements.

You should test both interactive and silent installation of the update.

Verify that the update is not offered where it is not applicable

The update should not be offered to computers that do not satisfy the applicability rules. The set of all configurations in which the update is not applicable is potentially very large. You should take into consideration computers that with different processor architectures, different operating systems, different service pack levels of the operating system, different versions of the application, and different patch levels of the application. You should determine the exact conditions that need to be checked based on the client machine configurations that are typical in your organization. This is a very important verification point. Your update should not be offered to computers that do not need it or should not get it

You can force the computer to check for update against the server by running the following command:

wuauclt.exe /detectnow

Verify that the update was not installed where it is already installed

The update should be installed, then offered again. You should see that the update is not longer applicable for computers on which it is installed.

If you have a large number of machines where the update is applicable, you will need an automatic way to whether the targeted clients have installed the update successfully. An easy way to check the status of the update on multiple client computers uses the public views exposed in the WSUS database schema. For more information about public views, see Using WSUS Views. The following query produces a table in which the InstallationState column displays the installation state for a given computer.

vCT.Name as TargetName,   
sm.Name as InstallationState   
FROM PUBLIC_VIEWS.vUpdate as vU   
INNER JOIN PUBLIC_VIEWS.vUpdateInstallationInfo as vUII   
ON vU.UpdateId = vUII.UpdateId   
INNER JOIN PUBLIC_VIEWS.fnUpdateInstallationStateMap() as sm   
ON vUII.State = sm.Id   
INNER JOIN PUBLIC_VIEWS.vComputerTarget as vCT   
ON vUII.ComputerTargetId = vCT.ComputerTargetId   
WHERE vU.DefaultTitle = <Title of update>  

Community Additions