Can't remove an app via Intune from user context

Johnny T 0 Reputation points
2024-05-17T22:54:58.47+00:00

I am trying to uninstall a application called MicroSIP via Microsoft Intune on all of our Windows machines but the script is says "not installed" every time I run it. I have tied multiple scripts but no luck. I did find my issue. So here it is. Every time the script rans it looks under C:\Users for the name of the MACHINE instead of the USER when expanding %USERNAME%. I have not idea what I am doing wrong

Here is my script

Function to uninstall MicroSIP from a specific user profile

function UninstallMicroSIPFromUserProfile($userProfilePath) {

$MicroSIPUninstallPath = "$userProfilePath\AppData\Local\MicroSIP\Uninstall.exe"

Write-Output $MicroSIPUninstallPath

if (Test-Path -path $MicroSIPUninstallPath) {

    Write-Output "Uninstalling MicroSIP from $userProfilePath..."

    # Stop any running instances of MicroSIP to avoid conflicts

    Stop-Process -Name MicroSIP -Force -ErrorAction SilentlyContinue

    # Uninstall MicroSIP

    cmd.exe /c ""%SYSTEMDRIVE%\Users\%USERNAME%\Appdata\Local\MicroSIP\Uninstall.exe" /S"

    # Check if the uninstallation was successful

    if (Test-Path -path $MicroSIPUninstallPath) {

        Write-Output "Failed to uninstall MicroSIP from $userProfilePath. Please try again or manually remove it."

    } else {

        Write-Output "MicroSIP successfully uninstalled from $userProfilePath."

    }

} else {

    Write-Output "MicroSIP is not installed in $userProfilePath."

}

}

if (!(Test-Path -path "C:\Users")) {

Write-Output "Users directory does not exist on this drive. Current location: "

Write-Output $MyInvocation.MyCommand.Path

Exit

}

Get the list of user profiles on the machine

$userProfiles = Get-ChildItem "C:\Users" -Directory

Loop through each user profile and uninstall MicroSIP

foreach ($profile in $userProfiles) {

UninstallMicroSIPFromUserProfile $profile.FullName

UninstallMicroSIPFromUserProfile $profile.FullName

UninstallMicroSIPFromUserProfile $profile.FullName

UninstallMicroSIPFromUserProfile $profile.FullName

}

User's image

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,572 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,219 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. MotoX80 32,441 Reputation points
    2024-05-20T14:43:16.5133333+00:00

    You are putting the full path to the executable into the MicroSIPUninstallPath variable, so there no need to reference %username%. There is also no need to call cmd.exe as Powershell can just run the program directly.

    The main problem that you have is how the application's installer functions. If it installs on a per user basis, then it will likely save registry keys into HKEY_CURRENT_USER. If Intune is running your script as the SYSTEM account, then uninstall.exe is not going to find any registry entries and is going to fail. If it just looks to .INI or other config files, then that should work, but when you launch the uninstall.exe you may need to set the working directory to the directory where those files are located.

    In addition to the "/S" switch, you should investigate the switch that generates a log file. That way if uninstall.exe does not work, you can look to its log file to see what it did not like.

    See the comments in the script and select option 1 or 2.

    function UninstallMicroSIPFromUserProfile($userProfilePath) {
        $MicroSIPUninstallPath = "$userProfilePath\AppData\Local\MicroSIP\Uninstall.exe"
        if (Test-Path -path $MicroSIPUninstallPath) {
            Write-Output "Uninstalling MicroSIP from $userProfilePath..."
            # Stop any running instances of MicroSIP to avoid conflicts
            Stop-Process -Name MicroSIP -Force -ErrorAction SilentlyContinue
            # Uninstall MicroSIP
            #cmd.exe /c ""%SYSTEMDRIVE%\Users\%USERNAME%\Appdata\Local\MicroSIP\Uninstall.exe" /S"
            Start-Process  -FilePath $MicroSIPUninstallPath -ArgumentList "/s" -Wait 
            # Check if the uninstallation was successful
            if (Test-Path -path $MicroSIPUninstallPath) {
                Write-Output "Failed to uninstall MicroSIP from $userProfilePath. Please try again or manually remove it."
            } else {
                Write-Output "MicroSIP successfully uninstalled from $userProfilePath."
            }
        } else {
            Write-Output "MicroSIP is not installed in $userProfilePath."
        }
    }
    # Choose Option 1 or 2
    
    # Option 1 
    
    # If Uninstall.exe does not need to reference HKEY_CURRENT_USER,
    # and you have configured Intune to execute this script as the SYSTEM account,
    # then use this foreach loop to uninstall the app for each user. 
    #Get the list of user profiles on the machine
    if (!(Test-Path -path "C:\Users")) {
        Write-Output "Users directory does not exist on this drive. Current location: "
        Write-Output $MyInvocation.MyCommand.Path
        Exit
    }
    $userProfiles = Get-ChildItem "C:\Users" -Directory
     
    #Loop through each user profile and uninstall MicroSIP
    foreach ($profile in $userProfiles) {
        Write-Output ""
        "Checking {0}" -f $profile.FullName | Write-Output  
        UninstallMicroSIPFromUserProfile $profile.FullName
    }
    
    # Option 2 
    
    # If Uninstall.exe does reference HKEY_CURRENT_USER,
    # and you have configured Intune to execute this script in the context of the user's account,
    # then use this to uninstall the app 
    Write-Output "Running as the user, not the SYSTEM account."
    "Checking {0}" -f $env:USERPROFILE | Write-Output  
     UninstallMicroSIPFromUserProfile $env:USERPROFILE