dist/temp/WindowsUpdateTools/Private/Invoke-WUComprehensiveRemediation.ps1
|
function Invoke-WUComprehensiveRemediation { <# .SYNOPSIS Performs comprehensive Windows Update remediation when specific issues are unclear. .DESCRIPTION Runs multiple remediation actions in sequence when SetupDiag detects upgrade failures but the specific cause is unclear. This is the "comprehensive" approach that addresses multiple potential causes of Windows Update failures. .PARAMETER LogPath Path to the log file for detailed logging. .EXAMPLE $result = Invoke-WUComprehensiveRemediation -LogPath "C:\Logs\wu.log" .NOTES This is a private function used internally by the WindowsUpdateTools module. Performs multiple remediation actions and returns combined results. #> [CmdletBinding()] param( [string]$LogPath ) Write-WULog -Message "Starting comprehensive Windows Update remediation" -LogPath $LogPath # Initialize comprehensive results $results = [PSCustomObject]@{ Success = $false ActionsPerformed = @() IssuesResolved = 0 RebootRequired = $false RemediationErrors = 0 ComponentResults = @{} ErrorMessage = $null SevereError = $false } try { Write-WULog -Message "Comprehensive remediation sequence initiated for unclear upgrade failure" -LogPath $LogPath # Step 1: Windows Update Troubleshooter Write-WULog -Message "Step 1: Running Windows Update troubleshooter..." -LogPath $LogPath try { $troubleshooterResult = Invoke-WUTroubleshooter -LogPath $LogPath $results.ComponentResults["Troubleshooter"] = $troubleshooterResult if ($troubleshooterResult.Success) { $results.ActionsPerformed += "Windows Update Troubleshooter" if ($troubleshooterResult.IssuesResolved -gt 0) { $results.IssuesResolved += $troubleshooterResult.IssuesResolved } } } catch { Write-WULog -Message "Windows Update troubleshooter failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 2: Component Store Repair with Enhanced Pre-cleaning Write-WULog -Message "Step 2: Component store repair with community enhancements..." -LogPath $LogPath try { # Apply community-discovered CBS registry optimizations before repair Write-WULog -Message "Applying component store registry optimizations..." -LogPath $LogPath # Community solution: Optimize Component Based Servicing behavior $cbsPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing" Set-ItemProperty -Path $cbsPath -Name "DisableRemovePayload" -Value 0 -Type DWord -ErrorAction SilentlyContinue Set-ItemProperty -Path $cbsPath -Name "DisableWerReporting" -Value 1 -Type DWord -ErrorAction SilentlyContinue Set-ItemProperty -Path $cbsPath -Name "ResetManifestCache" -Value 1 -Type DWord -ErrorAction SilentlyContinue # Community solution: Optimize SideBySide configuration $sbsPath = "HKLM:\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" if (-not (Test-Path $sbsPath)) { New-Item -Path $sbsPath -Force | Out-Null } Set-ItemProperty -Path $sbsPath -Name "CBSLogCompress" -Value 1 -Type DWord -ErrorAction SilentlyContinue Set-ItemProperty -Path $sbsPath -Name "DisableComponentBackups" -Value 1 -Type DWord -ErrorAction SilentlyContinue Set-ItemProperty -Path $sbsPath -Name "NumCBSPersistLogs" -Value 0 -Type DWord -ErrorAction SilentlyContinue Write-WULog -Message "Registry optimizations applied" -LogPath $LogPath $results.ActionsPerformed += "Component Store Registry Optimization" $componentResult = Resolve-WUComponentStore -LogPath $LogPath $results.ComponentResults["ComponentStore"] = $componentResult if ($componentResult.Success) { $results.ActionsPerformed += "Component Store Repair" $results.IssuesResolved++ if ($componentResult.RebootRequired) { $results.RebootRequired = $true } } if ($componentResult.SevereError) { $results.SevereError = $true Write-WULog -Message "Severe component store error flagged during comprehensive remediation" -Level Error -LogPath $LogPath } } catch { Write-WULog -Message "Component store repair failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 3: System Reserved Partition Cleanup Write-WULog -Message "Step 3: System Reserved Partition cleanup..." -LogPath $LogPath try { $partitionResult = Resolve-WUSystemPartition -LogPath $LogPath $results.ComponentResults["SystemPartition"] = $partitionResult if ($partitionResult.Success) { $results.ActionsPerformed += "System Reserved Partition Cleanup" if ($partitionResult.SpaceFreed -gt 0) { $results.IssuesResolved++ } } } catch { Write-WULog -Message "System Reserved Partition cleanup failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 4: Driver Cleanup (Problematic Drivers) Write-WULog -Message "Step 4: Problematic driver cleanup..." -LogPath $LogPath try { $driverResult = Remove-WUProblematicDrivers -LogPath $LogPath -RemoveAction 'UninstallDriver' $results.ComponentResults["DriverCleanup"] = $driverResult if ($driverResult.Success) { $results.ActionsPerformed += "Problematic Driver Analysis" if ($driverResult.BlockingDriversFound -gt 0) { $results.IssuesResolved++ $results.ActionsPerformed += "Identified $($driverResult.BlockingDriversFound) Windows Setup blocking drivers" } if ($driverResult.SignatureDiscrepancies -gt 0) { $results.ActionsPerformed += "Found $($driverResult.SignatureDiscrepancies) driver signature false positives" } } } catch { Write-WULog -Message "Driver cleanup failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 5: Registry Cleanup (Upgrade Blocking) Write-WULog -Message "Step 5: Registry cleanup..." -LogPath $LogPath try { $registryResult = Clear-WUUpgradeBlockingRegistry -LogPath $LogPath $results.ComponentResults["RegistryCleanup"] = $registryResult if ($registryResult.Success) { $results.ActionsPerformed += "Registry Cleanup" if ($registryResult.EntriesCleared -gt 0) { $results.IssuesResolved++ } } } catch { Write-WULog -Message "Registry cleanup failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 6: Enhanced Disk Cleanup Write-WULog -Message "Step 6: Enhanced disk cleanup..." -LogPath $LogPath try { $diskCleanupResult = Invoke-WUEnhancedDiskCleanup -LogPath $LogPath $results.ComponentResults["DiskCleanup"] = $diskCleanupResult if ($diskCleanupResult.Success) { $results.ActionsPerformed += "Enhanced Disk Cleanup" if ($diskCleanupResult.SpaceFreed -gt 0) { $results.IssuesResolved++ } } } catch { Write-WULog -Message "Enhanced disk cleanup failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 7: WSUS Issues Resolution Write-WULog -Message "Step 7: WSUS issues resolution..." -LogPath $LogPath try { $wsusResult = Resolve-WUWSUSIssues -LogPath $LogPath $results.ComponentResults["WSUSFix"] = $wsusResult if ($wsusResult.Success) { $results.ActionsPerformed += "WSUS Issues Resolution" if ($wsusResult.IssuesFixed -gt 0) { $results.IssuesResolved++ } } } catch { Write-WULog -Message "WSUS issues resolution failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Step 8: Final Windows Update Service Reset Write-WULog -Message "Step 8: Final Windows Update service reset..." -LogPath $LogPath try { $serviceResult = Resolve-WUGenericErrors -LogPath $LogPath $results.ComponentResults["ServiceReset"] = $serviceResult if ($serviceResult.Success) { $results.ActionsPerformed += "Windows Update Service Reset" $results.IssuesResolved++ if ($serviceResult.RebootRequired) { $results.RebootRequired = $true } } } catch { Write-WULog -Message "Service reset failed: $($_.Exception.Message)" -Level Warning -LogPath $LogPath $results.RemediationErrors++ } # Determine overall success if ($results.ActionsPerformed.Count -gt 0 -and $results.RemediationErrors -lt ($results.ActionsPerformed.Count / 2)) { $results.Success = $true Write-WULog -Message "Comprehensive remediation completed with success" -LogPath $LogPath } else { Write-WULog -Message "Comprehensive remediation completed with limited success" -Level Warning -LogPath $LogPath } } catch { $results.ErrorMessage = $_.Exception.Message Write-WULog -Message "Critical error during comprehensive remediation: $($_.Exception.Message)" -Level Error -LogPath $LogPath } # Summary Write-WULog -Message "Comprehensive remediation summary:" -LogPath $LogPath Write-WULog -Message " Actions performed: $($results.ActionsPerformed.Count)" -LogPath $LogPath Write-WULog -Message " Issues resolved: $($results.IssuesResolved)" -LogPath $LogPath Write-WULog -Message " Remediation errors: $($results.RemediationErrors)" -LogPath $LogPath Write-WULog -Message " Reboot required: $($results.RebootRequired)" -LogPath $LogPath Write-WULog -Message " Overall success: $($results.Success)" -LogPath $LogPath if ($results.ActionsPerformed.Count -gt 0) { Write-WULog -Message "Actions completed:" -LogPath $LogPath foreach ($action in $results.ActionsPerformed) { Write-WULog -Message " - $action" -LogPath $LogPath } } return $results } # Helper functions for comprehensive remediation # NOTE: Remove-WUProblematicDrivers has been moved to its own file: # Private\Remove-WUProblematicDrivers.ps1 function Clear-WUUpgradeBlockingRegistry { param([string]$LogPath) $result = [PSCustomObject]@{ Success = $false EntriesCleared = 0 ActionsPerformed = @() } try { Write-WULog -Message "Clearing upgrade-blocking registry entries..." -LogPath $LogPath $regPaths = @( "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CompatMarkers", "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\UpgradeExperienceIndicators" ) foreach ($regPath in $regPaths) { if (Test-Path $regPath) { Remove-Item -Path $regPath -Recurse -Force -ErrorAction SilentlyContinue Write-WULog -Message "Cleared registry path: $regPath" -LogPath $LogPath $result.EntriesCleared++ } } $result.ActionsPerformed += "Registry cleanup completed" $result.Success = $true } catch { Write-WULog -Message "Error during registry cleanup: $($_.Exception.Message)" -Level Warning -LogPath $LogPath } return $result } function Invoke-WUEnhancedDiskCleanup { param([string]$LogPath) $result = [PSCustomObject]@{ Success = $false SpaceFreed = 0 ActionsPerformed = @() } try { Write-WULog -Message "Starting enhanced disk cleanup..." -LogPath $LogPath # Clean temp directories $tempPaths = @( "$env:TEMP\*", "$env:SystemRoot\Temp\*", "$env:SystemRoot\Prefetch\*", "$env:LocalAppData\Microsoft\Windows\INetCache\*" ) foreach ($path in $tempPaths) { $items = Get-ChildItem -Path $path -Force -ErrorAction SilentlyContinue if ($items) { $totalSize = ($items | Where-Object { -not $_.PSIsContainer } | Measure-Object -Property Length -Sum).Sum if ($items) { Remove-Item -Path ($items.FullName) -Recurse -Force -ErrorAction SilentlyContinue $result.SpaceFreed += $totalSize Write-WULog -Message "Cleaned $(Split-Path $path): $([math]::Round($totalSize / 1MB, 2)) MB" -LogPath $LogPath } } } # WinSxS cleanup Write-WULog -Message "Performing WinSxS cleanup..." -LogPath $LogPath & DISM /Online /Cleanup-Image /StartComponentCleanup /ResetBase | Out-Null $result.ActionsPerformed += "Enhanced disk cleanup completed" $result.Success = $true } catch { Write-WULog -Message "Error during enhanced cleanup: $($_.Exception.Message)" -Level Warning -LogPath $LogPath } return $result } function Resolve-WUWSUSIssues { param([string]$LogPath) $result = [PSCustomObject]@{ Success = $false IssuesFixed = 0 ActionsPerformed = @() } try { Write-WULog -Message "Checking for Windows 11 24H2 WSUS deployment issues..." -LogPath $LogPath # Check for WSUS $wsusServer = Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" -Name "WUServer" -ErrorAction SilentlyContinue $osVersion = (Get-CimInstance Win32_OperatingSystem).Version if ($wsusServer -and $osVersion -like "10.0.22*") { Write-WULog -Message "WSUS environment detected with Windows 11 - applying 24H2 compatibility fixes" -LogPath $LogPath # Apply the critical registry fix for error 0x80240069 $regPath = "HKLM:\SYSTEM\CurrentControlSet\Control\FeatureManagement\Overrides\8\3000950414" if (-not (Test-Path $regPath)) { New-Item -Path $regPath -Force | Out-Null } Set-ItemProperty -Path $regPath -Name "EnabledState" -Value 1 -Type DWord Set-ItemProperty -Path $regPath -Name "EnabledStateOptions" -Value 0 -Type DWord Write-WULog -Message "Applied Windows 11 24H2 WSUS registry fix" -LogPath $LogPath $result.IssuesFixed++ $result.ActionsPerformed += "Windows 11 24H2 WSUS compatibility fix" } $result.Success = $true } catch { Write-WULog -Message "Error applying WSUS fixes: $($_.Exception.Message)" -Level Error -LogPath $LogPath } return $result } function Invoke-WUTroubleshooter { param([string]$LogPath) $result = [PSCustomObject]@{ Success = $false IssuesResolved = 0 ActionsPerformed = @() } try { Write-WULog -Message "Running Windows Update troubleshooter..." -LogPath $LogPath # Check if troubleshooting pack module is available if (Get-Module -ListAvailable -Name TroubleshootingPack) { Import-Module TroubleshootingPack -ErrorAction Stop # Get Windows Update troubleshooting pack $updatePackPath = "$env:SystemRoot\diagnostics\system\WindowsUpdate" if (Test-Path $updatePackPath) { Write-WULog -Message "Found Windows Update troubleshooting pack" -LogPath $LogPath $updatePack = Get-TroubleshootingPack $updatePackPath $troubleshootResult = Invoke-TroubleshootingPack -Pack $updatePack -Unattended if ($troubleshootResult) { $result.IssuesResolved = 1 Write-WULog -Message "Windows Update troubleshooter completed with results" -LogPath $LogPath } else { Write-WULog -Message "Windows Update troubleshooter completed" -LogPath $LogPath } $result.ActionsPerformed += "Windows Update troubleshooter executed" $result.Success = $true } else { Write-WULog -Message "Windows Update troubleshooting pack not found" -Level Warning -LogPath $LogPath } } else { Write-WULog -Message "TroubleshootingPack module not available" -Level Warning -LogPath $LogPath } } catch { Write-WULog -Message "Failed to run Windows Update troubleshooter: $($_.Exception.Message)" -Level Warning -LogPath $LogPath } return $result } |