$date = get-date -format s

$wsusserver = "LDAP389-WSUS"
$grqualif = "Test"
$grprod = "Production"
$csvoutput = ('COMPARE_' + $grqualif + '_' + $grprod + '_' + $date +  '.csv').Replace(":","_")



'Tilte;' + $grprod + ' Status;' +$grqualif + ' status;MSRC;Bulletin;OS' | Out-file $csvoutput -append


[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($wsusserver,$False)
$groups = $wsus.GetComputerTargetGroups()
 
$updateScope = new-object Microsoft.UpdateServices.Administration.UpdateScope; 
$updateScope.UpdateApprovalActions = [Microsoft.UpdateServices.Administration.UpdateApprovalActions]::Install -bor [Microsoft.UpdateServices.Administration.UpdateApprovalActions]::Uninstall -bor [Microsoft.UpdateServices.Administration.UpdateApprovalActions]::All -bor [Microsoft.UpdateServices.Administration.UpdateApprovalActions]::NotApproved
#$updateScope.UpdateApprovalActions = [Microsoft.UpdateServices.Administration.UpdateApprovalActions]::Install -bor [Microsoft.UpdateServices.Administration.UpdateApprovalActions]::Uninstall


$updates = $wsus.GetUpdates($updateScope)
$groups = $wsus.GetComputerTargetGroups()
foreach( $update in $updates){

#MSDN Update status values:

#All: Use to query all updates, regardless of their action.

#Install: Client installs the update.

#NotApproved :The Update will not be available for clients. This value can be used in a simple targeting ComputerTargetGroup to "override" a UpdateApproval made to the "All Computers" ComputerTargetGroup.

#Uninstall: Client removes the update.
 
         
	foreach($group in $groups) {
		if ($group.Name -eq $grqualif){
		 $statusqualif = "Pending"
          		if ($update.GetUpdateApprovals($group).Count -ne 0)
         		 { $statusqualif = $update.GetUpdateApprovals($group)[0].Action}
		}

		if ($group.Name -eq $grprod){
		 $statusprod = "Pending"
          		if ($update.GetUpdateApprovals($group).Count -ne 0) 
         		 { $statusprod = $update.GetUpdateApprovals($group)[0].Action}
		}

		

		if ($group.Name -eq "All computers"){
		$Allstatus = "NotApproved"
		 
          		if ($update.GetUpdateApprovals($group).Count -ne 0) 
         		 { $Allstatus = $update.GetUpdateApprovals($group)[0].Action}
			
		}

	}




	if ($statusprod -ne $statusqualif) {

		if ($statusprod -eq "Pending")

			{$update.Title + ';Pending (All computers:' + $Allstatus + ');' + $statusqualif + ';' + $update.MsrcSeverity + ';' + $update.SecurityBulletins + ';' + $update.ProductTitles | Out-file $csvoutput -append}

		elseif ($statusqualif -eq "Pending")

			{$update.Title + ';' + $statusprod + ';Pending (All computers:'+ $Allstatus + ');' + $update.MsrcSeverity + ';' + $update.SecurityBulletins + ';' + $update.ProductTitles | Out-file $csvoutput -append}

		else

			{$update.Title + ';' + $statusprod + ';' + $statusqualif + ';' + $update.MsrcSeverity + ';' + $update.SecurityBulletins + ';' + $update.ProductTitles | Out-file $csvoutput -append}
	}
}