Script Exporting Computer Groups from a WSUS Server

    Imagine a situation where you have to restore rebuild your core offline WSUS server. If you have computer groups configured in your environment, the rebuild process will wipe them out from the root server. Then after the downstream servers synchronize they groups will be gone for good. In order to avoid that you need to export the computer groups and after the rebuild import them back to your root WSUS server

Usage:

    Save the code below to a .ps1 file. You can place it anywhere on your WSUS server and run it from the elevated PowerShell. It will create the WSUSGroupImport.ps1 file which will contain the script that has to be run on the WSUS server in order to re-import the computer groups over there.

Additional Notes:

    The script is using the double loop to iterate through all the branches of the Computer Groups tree in the WSUS server and re-creating the structure branch by branch down towards the leaves of the configuration tree

Code:

$updateServer = "localhost"
$useSecureConnection = $False
$portNumber = 80
Add-Type -Path "C:\Program Files\Update Services\Api\Microsoft.UpdateServices.Administration.dll"
$AdminProxy = New-Object -TypeName Microsoft.UpdateServices.Administration.AdminProxy
$WSUSServer = $AdminProxy.GetRemoteUpdateServerInstance($updateServer,$useSecureConnection,$portNumber)
$WSUSServer.PreferredCulture = "en"

$AllComputersGroup = $WSUSServer.GetComputerTargetGroups() | ?{$_.Name -match "All computers"}
$RootComputerGroups = $AllComputersGroup.GetChildTargetGroups() | ?{$_.Name -notmatch "Unassigned computers"}
$TempComputerGroups = $RootComputerGroups
$ImportCommand = @()
$LoopTempComputerGroups = @()

$ImportCommand += @'
$updateServer = "localhost"
$useSecureConnection' = $False
$portNumber = 80
Add-Type -Path "C:\Program Files\Update Services\Api\Microsoft.UpdateServices.Administration.dll"
$AdminProxy = New-Object -TypeName Microsoft.UpdateServices.Administration.AdminProxy
$WSUSServer = $AdminProxy.GetRemoteUpdateServerInstance($updateServer,$useSecureConnection,$portNumber)
$WSUSServer.PreferredCulture = "en"
'@

#Write-Host -Foreground Cyan "Root Computer Groups:"
#$RootComputerGroups

Do {
    ForEach ($ComputerGroup in $TempComputerGroups) {
            If ($RootComputerGroups -contains $ComputerGroup) {
                $ImportCommand += '$WSUSServer.CreateComputerTargetGroup("' + $ComputerGroup.Name + '")'
            }
            $LoopTempComputerGroups += $ComputerGroup.GetChildTargetGroups()
            ForEach ($ChildComputerGroup in $LoopTempComputerGroups) {
                $ImportCommand += '$group = $WSUSServer.GetComputerTargetGroups() | ?{$_.Name -eq "' + $ComputerGroup.Name + '"}'
                $ImportCommand += '$WSUSServer.CreateComputerTargetGroup("' + $ChildComputerGroup.Name + '",$group)'
            }
    }
    $TempComputerGroups = $LoopTempComputerGroups
    #Write-Host -Foreground Cyan "Temp Computer Groups:"
    #$TempComputerGroups
    $LoopTempComputerGroups = @()
} While ($TempComputerGroups)


$ImportCommand = $ImportCommand | select -uniq
$ImportCommand | Out-File .\WSUSGroupImport.ps1