Invoke-CauRun

Specifies a set of name=value pairs for each updating plug-in to use. For instance, to specify a Domain argument for one plug-in:

• @{Domain=Domain.local} You can specify multiple pairs in a set separated with semicolons. For instance:
• @{name1=value1;name2=value2;name3=value3} These name=value pairs must be meaningful to the CauPluginName that you specify. If you specify arguments for more than one plug-in, provide the sets of name=value pairs in the order that you pass values in CauPluginName, separated by commas. For instance:
• @{name1=value1;name2=value2;name3=value3},@{name4=value4;name5=value5}

For the default Microsoft.WindowsUpdatePlugin plug-in, no arguments are needed. The following arguments are optional:

• 'IncludeRecommendedUpdates'='<Value>': Boolean value to indicate that recommended updates will be applied in addition to important updates on each node. If not specified, the default value is 'False'. -- A standard Windows Update Agent query string that specifies criteria used by the Windows Update Agent to filter the updates that will be applied to each node. For a name, use QueryString and for a value, enclose the full query in quotation marks. If not specified, then the Microsoft.WindowsUpdatePlugin plug-in by default uses the following argument:
• QueryString="IsInstalled=0 and Type='Software' and IsHidden=0 and IsAssigned=1"

For more information about query strings for the default Microsoft.WindowsUpdatePlugin plug-in and the criteria such as IsInstalled that can be included in the query strings, see IUpdateSearcher::Search method.

For the Microsoft.HotfixPlugin plug-in, the following argument is required:

• HotfixRootFolderPath: The UNC path to a hotfix root folder in an SMB share with a structure that contains the updates to apply and that contains the hotfix configuration file.

The following arguments are optional for the Microsoft.HotfixPlugin plug-in:

• RequireSmbEncryption=<Value>: Boolean value to indicate that SMB Encryption is enforced for data accessed from the SMB share. If not specified, the default value is False. To ensure the integrity of the data accessed from the SMB share, the plug-in requires that the share is enabled for either SMB signing or SMB Encryption.
• DisableAclChecks=<Value>: Boolean value to indicate that the plug-in checks for sufficient permissions on the hotfix root folder and the hotfix configuration file. If not specified, the default value is False.
• HotfixInstallerTimeoutMinutes=<Integer>: The length of time in minutes that the plug-in allows the hotfix installer process to return. If not specified, the default value is 30 minutes.
• HotfixConfigFileName=<name>: Name for the hotfix configuration file. If not specified, the default name DefaultHotfixConfig.xml is used.

For more information about required and optional arguments for the Microsoft.HotfixPlugin plug-in, see How CAU Plug-ins Work.

Specifies one or more plug-ins to use when performing updates. You can specify multiple values separated with commas. The default is the Microsoft.WindowsUpdatePlugin plug-in. This plug-in coordinates the Windows Update Agent software resident on each cluster node, the same software that is used when updates are downloaded from Windows Update or Microsoft Update, or from a Windows Server Update Services (WSUS) server. For more information about how plug-ins work with CAU, see How CAU Plug-ins Work.

Specifies a cluster for which this cmdlet installs updates.

Specifies the Windows PowerShell session configuration that defines the session in which scripts are run, specified by PreUpdateScript and PostUpdateScript parameters, and can limit the cmdlets that are available to run. If either a pre-update or post-update script is specified but a configuration name isn't specified, then the default session configuration that is built into Windows PowerShell is used.

Prompts you for confirmation before running the cmdlet.

Specifies the administrative credentials for the target cluster.

Enables the Remote Shutdown Windows Firewall rule group on each cluster node, if it isn't already enabled. If the EnableFirewallRules parameter is specified, CAU automatically re-enables the Remote Shutdown rule group each time the CAU clustered role performs an updating run, in case the rules are disabled manually in the intervening time. Enabling this rule group permits inbound communication to each cluster node during each updating run that allows CAU to shut down and restart the node remotely (if the installation of an update requires a restart). If Windows Firewall is in use on the cluster nodes and the rule group isn't enabled, the updating run will fail. The Remote Shutdown Windows Firewall rule group isn't enabled when it will conflict with Group Policy settings that are configured for Windows Firewall.

Specifies the method used to bring drained workloads back to the node, at the end of updating the node. Drained workloads are workloads that were previously run on the node, but were moved to another node. The acceptable values for this parameter are:

• NoFailback
• Immediate
• Policy

The default value is Immediate.

Forces the command to run without asking for user confirmation.

Indicates that the cmdlet recovers from a previous failed run that left the cluster in a Locked state.

This switch defeats the synchronization mechanism used to prevent two update coordinators from accidentally updating the same cluster at the same time. Use with care.

Specifies the maximum number of nodes on which updating can fail. If one more than this number of nodes fails, then the updating run is stopped. The range is from zero (0) through 1 less than the number of cluster nodes. The default for most clusters is approximately one-third of the number of nodes.

Specifies the maximum number of times that the update process (including any pre-update and post-update scripts) is retried per node. The maximum is 64 and the default is 3.

Specifies an array of cluster nodes names in the order that they are updated.

Specifies the path and file name for a Windows PowerShell script to run on each node after updating finishes, and just after the node is brought out of Maintenance mode. The file name extension must be .ps1 and the total length of the path plus the file name must be no longer than 260 characters. As a best practice, the script should be located on a disk in cluster storage, or at a highly available network share, to ensure that it is always accessible to all the cluster nodes.

Specifies the path and file name for a Windows PowerShell script to run on each node before updating begins, and before the node is put into Maintenance mode. The file name extension must be .ps1 and the total length of the path plus the file name must be no longer than 260 characters. As a best practice, the script should be located on a disk in cluster storage, or at a highly available network share, to ensure that the script is always accessible to all the cluster nodes. If a pre-update script fails, the node isn't updated.

Specifies the time in minutes that CAU allows for the restarting of a node. If the restart doesn't complete within this time, then the updating run on that node is marked as failed.

Indicates that all cluster nodes must be online and reachable before the update begins.

Indicates that CAU will scan each cluster node for applicable updates and stage the updates for each plug-in in the plug-in order passed into the CauPluginName parameter when multiple plug-ins are used during an updating run. By default, CAU scans and stages the applicable updates for all plug-ins in parallel. Regardless of the configuration of this parameter, CAU installs the applicable updates for each plug-in sequentially.

The parameter is valid only when multiple plug-ins are specified for the CauPluginName parameter. If a single plug-in is specified, a warning appears.

Indicates that CAU will shut down and restart a cluster node after each plug-in installs updates on the node, if the installation of an update by a plug-in requires a restart when multiple plug-ins are used during an updating run. By default, during an updating run, all plug-ins complete the installation of updates on a cluster node before the node restarts one time.

The parameter is valid only when multiple plug-ins are specified for the CauPluginName parameter. If a single plug-in is specified, a warning appears.

Specifies the time in minutes after which the updating run is canceled if it hasn't completed. The time span can be expressed in the standard ways available in Windows PowerShell, for instance, 01:30:00 represents one hour and thirty minutes. By default, the updating run is allowed an unlimited amount of time to complete.

If pre-update or post-update scripts are specified, then the entire process of running scripts and performing updates must be complete within this time limit.

Indicates that if a failure occurs during the application of updates on a node by any plug-in, subsequent updates on the node that are coordinated by the remaining plug-ins are stopped when multiple plug-ins are used during an updating run. By default, a failure by one plug-in doesn't affect the application of updates on a node by other plug-ins.

The parameter is valid only when multiple plug-ins are specified for the CauPluginName parameter. If a single plug-in is specified, a warning appears.

Specifies the maximum amount of time CAU should wait for the Suspend-ClusterNode cmdlet to succeed if the underlying clustered space is in degraded condition.

If Suspend-ClusterNode fails with ERROR_CLUSTER_SPACE_DEGRADED error, CAU will keep retrying for SuspendClusterNodeTimeoutMinutes or suspend the call if the command succeeds.

The retries for this error don't count towards the MaxRetriesPerNode parameter set by the user.

The timeout value is per cluster node. So CAU could potentially spend the amount of time specified for this value for every node in the cluster in the worst case.

Specifies the time in minutes after which a warning is logged if the updating run, including any pre-update and post-update scripts, hasn't completed. By default, no warning is logged, regardless of the time taken by the updating run.

Shows what would happen if the cmdlet runs. The cmdlet isn't run.