This is exactly the info I have been looking for. Thank you Lawrence you
have been very helpful.
Post by Lawrence Garvin (MVP)
Post by Casey Motherway
I am still unsure however, how to determine which updates are considered
"optional" programatically. Is there a way to do this with WUA?
Unfortunately there is not. While the MSRC Severity is coded in the metadata
for security updates, the issue of Optional vs (non)Optional is really
insignificant to the WSUS environment -- either you're going to approve the
update or you're not -- and that data is not coded in the metadata.
The issue of Important vs Recommended vs Optional is really only significant
to the Vista "Automatic Updates" scenario, where the Vista user wishes to
exercise some control over the volume (or type) of updates automatically
installed. In a WSUS scenario, that decision is made by the WSUS
Administrator, presumably by some more specific criteria (like =Needed= or
=Not Wanted=), rather than the classification applied by Microsoft Update.
Possibly a more appropriate way to achieve what I think you're trying to
achieve is to based the decision based on the update Classification (e.g.
Critical Updates, Security Updates, Update Rollups, Service Packs,
Definition Updates, etc.). Anything that would be classified as Optional
Updates will *not* be in one of these enumerated classifications. In WSUS,
almost without exception, "Optional Updates" would be distributed in the
generic "Updates" classification; although, not all content in the "Updates"
classification is necessarily optional content.
Lawrence Garvin, M.S., MCITP(x2), MCTS(x5), MCP(x7), MCBMSP
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
MS WSUS Website: http://www.microsoft.com/wsus
My Websites: http://www.onsitechsolutions.com;
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin