What is CAU ? Cluster Update Automation with CAU

#CAU is a great new feature but how does it fit in your infrastructure ?

I have already a WSUS server and I use SCCM ,and I use WSUS for my DTAP environment, and now Do I need another WSUS server ? or can I reuse the old WSUS ?

WSUS 3.0SP2 (on W2K8R2): not yet compatible with Windows Server 2012

You can’t use SCCM to pull the Updates.

So basically install a downstream server for the CAU or primary wsus, if you have more WSUS servers you can sync the updates with powershell to hold the same info on all your other servers.


  • Single-click launch of cluster-wide updating operation
  • Or a single PS cmdlet
  • “Updating Run”image
  • Physical or VM clusters
  • CAU scans, downloads and installs applicable updates on each node
  • Restarts node as necessary
  • One node at a time
  • Repeats for all cluster nodes
  • Customize pre-update & post-update behavior with PS scripts


  • Updates (GDRs) from Windows Update or WSUS
  • Hotfixes (QFEs) from a local File Share
  • Simple customization that installs almost any software update off a local File Share









  • Adds CAU clustered role
  • Just like any other clustered workload
  • Resilience to planned and unplanned failures
  • Not mutually exclusive with on-demand updating
  • Analogy: Windows Update scan on your PC with AU auto-install
  • But possible conflicts with Updating Runs in progress
  • “Configured, but on hold” functionality
  • Compatible with VCO Prestaging


Powershell usage :

Sample: fill in the cluster name and the wsus share.


Invoke-CauScan -ClusterName CONTOSO-FC1 -CauPluginName Microsoft.WindowsUpdatePlugin, Microsoft.HotfixPlugin -CauPluginArguments @{}, @{ ‘HotfixRootFolderPath’ = ‘\\CauHotfixSrv\shareName’; ‘HotfixConfigFilePath’ = ‘\\CauHotfixSrv\shareName\DefaultHotfixConfig.xml’ } -RunPluginsSerially -Verbose
Invoke-CauRun -ClusterName CONTOSO-FC1 -CauPluginName Microsoft.WindowsUpdatePlugin, Microsoft.HotfixPlugin -CauPluginArguments @{ ‘IncludeRecommendedUpdates’ = ‘True’ }, @{ ‘HotfixRootFolderPath’ = ‘\\CauHotfixSrv\shareName’;  ‘HotfixConfigFilePath’ = ‘\\CauHotfixSrv\shareName\DefaultHotfixConfig.xml’ } -MaxRetriesPerNode 2  -StopOnPluginFailure –Force


Options: RunPluginsSerially, StopOnPluginFailure, SeparateReboots

  • CAU supports only Windows Server 2012 clusters
  • Can be installed on Windows 8 Client RSAT package

Make CAU the only tool updating the cluster
Concurrent updates by other tools: e.g., WSUS, WUA, SCCM might cause downtime

For a WSUS-based deployment:

WSUS 4.0: needs a workaround with Beta builds (only) http://social.technet.microsoft.com/wiki/contents/articles/7891.how-wsus-and-cluster-aware-updating-are-affected-by-windows-server-8-beta-updates.aspx 
WSUS 3.0SP2 (on W2K8R2): not yet compatible with Windows Server 2012

Think about firewalls on nodes!
Windows Firewall Beta (or non-Windows firewall): create a firewall rule and enable it for domain-scope, wininit.exe program, dynamic RPC endpoints, TCP protocol
Windows Firewall RC: Enable the "Remote Shutdown" firewall rule group for the Domain profile, or pass the “-EnableFirewallRules” parameter to Invoke-CauRun, Add-CauClusterRole or Set-CauClusterRole cmdlets
Make sure GPOs agree

CAU: Understand and Troubleshoot Guide: http://www.microsoft.com/download/en/details.aspx?id=29015

CAU Scenario Overview: http://technet.microsoft.com/en-us/library/hh831694.aspx

CAU Windows PowerShell cmdlets
‘Update-Help’ downloads the full cmdlet help for CAU cmdlets
Online: http://go.microsoft.com/fwlink/p/?LinkId=237675

Starting with Cluster-Aware Updating: Self-Updating: http://blogs.technet.com/b/filecab/archive/2012/05/17/starting-with-cluster-aware-updating-self-updating.aspx

Author: Robert Smit [MVP]

Robert Smit is Senior Technical Evangelist and is a current Microsoft MVP in Clustering as of 2009. Robert has over 20 years experience in IT with experience in the educational, health-care and finance industries. Robert’s past IT experience in the trenches of IT gives him the knowledge and insight that allows him to communicate effectively with IT professionals who are trying to address real concerns around business continuity, disaster recovery and regulatory compliance issues. Robert holds the following certifications: MCT - Microsoft Certified Trainer, MCTS - Windows Server Virtualization, MCSE, MCSA and MCPS. He is an active participant in the Microsoft newsgroup community and is currently focused on Hyper-V, Failover Clustering, SQL Server, Azure and all things related to Cloud Computing and Infrastructure Optimalization. Follow Robert on Twitter @ClusterMVP Or follow his blog https://robertsmit.wordpress.com Linkedin Profile Http://nl.linkedin.com/in/robertsmit Robert is also capable of transferring his knowledge to others which is a rare feature in the field of IT. He makes a point of not only solving issues but also of giving on the job training of his colleagues. A customer says " Robert has been a big influence on our technical staff and I have to come to know him as a brilliant specialist concerning Microsoft Products. He was Capable with his in-depth knowledge of Microsoft products to troubleshoot problems and develop our infrastructure to a higher level. I would certainly hire him again in the future. " Details of the Recommendation: "I have been coordinating with Robert implementing a very complex system. Although he was primarily a Microsoft infrastructure specialist; he was able to understand and debug .Net based complext Windows applications and websites. His input to improve performance of applications proved very helpful for the success of our project

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: