I recently added Windows 10 to my WSUS Product and Classifications and got very surprised by the 100 GB of updates that was queued for download! Let’s learn how to clean up WSUS content folder.
Unfortunately, cancelling the download queued is not that straight forward, so I decided to use the opportunity to clean up my WSUS content folder and reclaim my VMFS datastore at the same time.
The reason why the updates where 100 GB was because I had all Classifications selected and an Automatic Approval Rule! After the changes below the updates where only 1 GB.
Lesson Learned, Be Careful with Automatic Approval Rules…
Clean Up WSUS
Before you start make sure to disable your Automatic Approval Rule(s). I have a very nice script below that saved me 300% of downloads.
It’s also a good time to verify that only the Products and Languages you actually need are selected.
From Update Files and Languages, make sure that you don’t have Express installation files selected.
Let’s clean up WSUS by running the following commands:
net stop wsusservice
cd "C:\Program Files\Update Services\Tools"
echo Delete WSUS Folder Content
net start wsusservice
Take a look in Task Manager and you’ll see that the process “SQL Server Windows NT – 64 bit” is consuming all the CPU. This is because all database tables are being checked and any missing hotfixes are being marked for download.
This could take up to 30-60 minutes to complete, depending on the Products and Classifications you have. When the CPU drops you’re ready to proceed.
Let’s start Synchronization.
The thing with WSUS is that it’s going to download everything, even superseded updates. Now the purpose of this post is to also reclaim VMFS storage, so downloading all and then deleting them won’t help much. Luckily there’s a script for that.
#Change server name and port number and $True if it is on SSL
$Computer = $env:COMPUTERNAME
$Domain = $env:USERDNSDOMAIN
$FQDN = "$Computer" + "." + "$Domain"
[String]$updateServer1 = $FQDN
[Boolean]$useSecureConnection = $False
[Int32]$portNumber = 8530
# Load .NET assembly
$count = 0
# Connect to WSUS Server
$updateServer = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($updateServer1,$useSecureConnection,$portNumber)
write-host "<<<Connected sucessfully >>>" -foregroundcolor "yellow"
$updatescope = New-Object Microsoft.UpdateServices.Administration.UpdateScope
foreach ($u1 in $u )
if ($u1.IsSuperseded -eq 'True')
write-host Decline Update : $u1.Title
$count=$count + 1
write-host Total Declined Updates: $count
write-host "Error Occurred"
write-host "Exception Message: "
Open PowerShell ISE as Administrator and run the script.
WOW! Do you belive that? Out of 6467 updates, 4179 where declined.
Now run the Automatic Approval Rule to start the downloads.
Many people might argue that is unnecessary to run the wsusutil.exe reset command, simply because all updates will be re-downloaded.
Well, you could always search and decline all updates you don’t want and then run the Server Cleanup Wizard, but its PITA.
My WSUS folder went from 75 GB to 20 GB so I’m happy.
Reclaim VMFS Datastore
I’m not sure if you’re aware, but when you’re using Thin Provisioning it doesn’t matter if you delete unwanted files. When the space has been alllocated it will stay that way until you do the following steps below.
My WSUS folder was located on C: then moved to D: and finally E:
To reclaim the space after all unnecessary files has been deleted run sDelete on all volumes.
sdelete –z c:
When finished shutdown the VM and connect to your ESXi host through Putty.
Navigate to your VMFS datastore folder for that VM.
Now run the following command for all disks:
vmkfstools -K MDT-01.vmdk
Power up the VM and enjoy. I reclaimed 120 GB in 2 hours on just 1 VM!
- How to free up VMware ESXi local drive VMFS datastore space after deleting data in a thin provisioned Windows VM – SDeleting or Powershelling and Hole Punching avoids vMotion workaround