How to Implement a PowerShell Continue/Abort Prompt Before WSUS Cleanup Operations


1 views

When automating WSUS (Windows Server Update Services) processes, there's often a critical stage where old or unnecessary files/objects need removal. While automation increases efficiency, adding a confirmation prompt before destructive operations is considered a best practice in PowerShell scripting.

Here's how to implement a clean, non-nested solution that gives users the option to continue with the cleanup or abort the operation:

# WSUS Update Approval (existing code)
Get-WsusServer 10.1.1.25 -PortNumber 8530 | 
    Get-WsusUpdate -Classification All -Approval Unapproved -Status FailedOrNeeded | 
    Approve-WsusUpdate -Action Install -Target $ComputerTarget -Verbose

Write-Host "Updates have been approved!"
Write-Host "Preparing to clean WSUS Server of obsolete computers, updates, and content files."

# Add the confirmation prompt here
$confirmation = Read-Host "Press ENTER to continue with cleanup or any other key to abort"
if ($confirmation -ne '') {
    Write-Host "Cleanup aborted by user."
    exit
}

# WSUS Cleanup (existing code)
Get-WsusServer $WSUS_Server -PortNumber $PortNumber | 
    Invoke-WsusServerCleanup -CleanupObsoleteComputers -CleanupObsoleteUpdates -CleanupUnneededContentFiles

For more complex scenarios, consider these variations:

Timeout with Default Action

$timeout = 30
$secondsPassed = 0
Write-Host "Press ENTER to continue or wait $timeout seconds for automatic abort..."

while (($secondsPassed -lt $timeout) -and (-not [Console]::KeyAvailable)) {
    Start-Sleep -Seconds 1
    $secondsPassed++
}

if ([Console]::KeyAvailable -or $secondsPassed -ge $timeout) {
    Write-Host "Cleanup aborted (either by user or timeout)."
    exit
}

GUI Confirmation Alternative

Add-Type -AssemblyName PresentationFramework
$result = [System.Windows.MessageBox]::Show(
    "Continue with WSUS cleanup operation?", 
    "Confirmation", 
    "YesNo", 
    "Question"
)

if ($result -eq "No") {
    Write-Host "Cleanup aborted by user."
    exit
}
  • Always log user decisions for audit purposes
  • Consider making the confirmation prompt configurable via parameters
  • Add -WhatIf support for your cleanup operations
  • Implement proper error handling around the cleanup section

When automating WSUS processes, we often need to insert user confirmation points - especially before destructive operations like cleanup tasks. The key requirement is to:

- Pause execution temporarily
- Display clear instructions
- Allow simple keyboard input
- Continue or abort based on user choice

The simplest approach uses PowerShell's built-in Read-Host cmdlet with conditional logic:

Write-Host "Updates have been approved!"
Write-Host "Preparing to clean WSUS Server of obsolete computers, updates, and content files."

$userInput = Read-Host "Press ENTER to continue with cleanup or any other key to abort"
if ($userInput -ne "") {
    Write-Warning "Cleanup aborted by user!"
    exit
}

# Proceed with cleanup if Enter was pressed
Get-WsusServer $WSUS_Server -PortNumber $PortNumber | 
    Invoke-WsusServerCleanup -CleanupObsoleteComputers -CleanupObsoleteUpdates -CleanupUnneededContentFiles

For more professional scripts, consider these enhanced approaches:

1. Timeout with Default Action

$timeout = 30 # seconds
$question = "Automatically proceeding with cleanup in $timeout seconds. Press ENTER to continue now or any key to abort"

$counter = 0
while(!$Host.UI.RawUI.KeyAvailable -and ($counter++ -lt $timeout)) {
    Write-Host "r$question [$($timeout - $counter)]" -NoNewline
    Start-Sleep -Seconds 1
}

if ($Host.UI.RawUI.KeyAvailable) {
    $key = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    if ($key.VirtualKeyCode -ne 13) { # 13 = Enter
        Write-Warning "Cleanup aborted by user!"
        exit
    }
}

# Continue with cleanup

2. Graphical Confirmation (Windows Forms)

Add-Type -AssemblyName System.Windows.Forms
$result = [System.Windows.Forms.MessageBox]::Show(
    "Proceed with WSUS cleanup?",
    "Confirmation", 
    [System.Windows.Forms.MessageBoxButtons]::OKCancel,
    [System.Windows.Forms.MessageBoxIcon]::Question
)

if ($result -eq "Cancel") {
    Write-Warning "Cleanup aborted by user!"
    exit
}
  • Always provide clear action consequences in prompts
  • Include -WhatIf support for dangerous operations
  • Log user decisions for audit purposes
  • Consider implementing -Force parameter to bypass prompts
param(
    [switch]$Force
)

if (-not $Force) {
    $userInput = Read-Host "Press ENTER to continue with cleanup or any other key to abort"
    if ($userInput -ne "") {
        Write-Warning "Cleanup aborted by user!"
        exit
    }
}

Here's a complete implementation for your specific WSUS scenario:

# Part 1: Approve updates
Get-WsusServer 10.1.1.25 -PortNumber 8530 | 
    Get-WsusUpdate -Classification All -Approval Unapproved -Status FailedOrNeeded | 
    Approve-WsusUpdate -Action Install -Target $ComputerTarget -Verbose

Write-Host "Updates approved successfully!" -ForegroundColor Green

# Interactive confirmation
Write-Host "nWARNING: This will perform irreversible cleanup operations" -ForegroundColor Yellow
$choice = Read-Host "nPress ENTER to continue with WSUS cleanup (or type 'NO' to cancel)"

if ($choice -ne "") {
    Write-Host "Cleanup canceled by user." -ForegroundColor Cyan
    exit 0
}

# Part 2: Perform cleanup
try {
    Get-WsusServer $WSUS_Server -PortNumber $PortNumber | 
        Invoke-WsusServerCleanup -CleanupObsoleteComputers -CleanupObsoleteUpdates -CleanupUnneededContentFiles -ErrorAction Stop
    
    Write-Host "WSUS cleanup completed successfully!" -ForegroundColor Green
}
catch {
    Write-Error "Cleanup failed: $_"
    exit 1
}