For some reason most seem to think that after installing Windows Update Services all is fine and the server can be forgotten and left in a dark corner. I know today we talke about pets and cattle, servers that we care about and servers we replace with new as soon as something is not 100% with them. However a WSUS server is not cattle it is a pet and needs some TLC to continue running smoothly.
The most common problem with a WSUS server is that the DB grows out of control due to not beeing clean up. Since WSUS has been left in a dark corner chances are that it is still running Windows Server 2008 R2 and the powershell cmdlets to WSUS in 2008 R2 is in diplomatic words limited. So again doing what most do, you run the cleanup wizard manual once every eon right?
And when that eon finaly comes around the wizard can’t complete due to the amount of patches and time it takes to clean them.
There are ways of cleaning up even the most horrible setup of WSUS using store procedures inside the database. This is however VERY time consuming. What you instead should do is run a cleanup script that automates the job of the cleanup process for you. A simple scheduled task that runs a script that initiates the clean up and logs the output to a nice log you know whats going on.
I have seen a couple online and most are either limited in their logging or are written for 2012 R2 wich has some nice cleanup cmdlets built in to powershell. So I have written my own and you can find the script here http://bit.ly/1TAd9IN
I would recommend you create a scheduled task that runs this weekly with the following commandline “cmd.exe /c PowerShell.exe -ExecutionPolicy Bypass -File <Path To File>\Cleanup-Wsus.ps1”
If you run this from the same folder i use (C:\Script) the script will work with the above line if you have another folder add the following after the filename “-logfile <Path to use\Logname.log>” and it will use that instead.
If you want to read more about the script just use get-help cleanup-wsus.ps1
Keep your WSUS happy!