Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to remotely remove programs?? 2

Status
Not open for further replies.
mlc9

mlc9

MIS
Aug 15, 2007
255
0
0
US
Can anybody tell me the easiest way to remotely remove programs within a Windows domain environment. Specifically, I want to remove all IM clients (Yahoo messenger, Google Talk, Trillian, AIM, etc) from all of my Windows XP machines. Not sure if you can do this with group policy. It appers that you can uninstall .msi packages with GP, but not sure if that applies here.

Ideally then, I'd like to be able to then keep users from installing such again. I realize taking away local admin rights solves that problem immediately, but looking for another solution without doing that. Thanks
 
Sort by date Sort by votes
I'm not sure about removing them but you can certainly block them from running by using software restriction policies;


If they have admin rights you would need to use Hash rules with the software restriction policy or the user could just rename of move the .exe file. It's all explained in the above link.

Paul
MCSE 2003
MCSA 2003
MCITP Enterprise Administrator

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote
I used to use a variety of scripts to do this for me. Check for existence of a certain installed app (C:\Program Files\Windows Messenger) and then remotely run (psexec) the uninstall executable (or download the MSI, remotely copy it to the workstation and run it with the /uninstall /quiet switches). It's handy for a huge domain that was previously abused. I'd recommend getting your admin issues sorted out first though.
 
Upvote 0 Downvote
Software restriction is the best way to go. Scripts to remove programs are great as well, but with so many programs... One of IT biggest issues.
 
Upvote 0 Downvote
Ok, since I am not much of a script writer, I am liking the looks of the Software restriction option, and particually the Hash rules. This would seemingly keep IM clients from running, no matter where they are launched from.

My question now is how do I calculate Hash rules for the IM clients I am trying to keep from running (Yahoo Messenger, MSN, AIM, Google Talk, etc)?

Thanks
 
Upvote 0 Downvote
You will need to browse to that .EXE to obtain the Hash rule. The only caveat to Hash rules are; each version of Yahoo and the like will have a different Hash. I would also implement some path rules as well (these made it a breeze to block the Internet games for the built in games for XP)
 
Upvote 0 Downvote
Sorry, but I am a newbie with this. What am I looking for within the .exe? I assume something within the properties (version, etc)?
 
Upvote 0 Downvote
When you are in the Group Policy. Under Software Restrictions. You will need to create an Additional Rule. Then right click and choose Hash. It has a browse button to search you program files for the yahoo.exe file. once you do this, it loads the Hash for you.

Google is your friend:
How To Use Software Restriction Policies in Windows Server 2003
 
Upvote 0 Downvote
Ok, so let's say I am sitting at my primary DC from which I control all things AD and Group Policy. If I understand everything correctly, when creating the new Hash, I just need to browse to and point the policy to the .exe that would launch any particular program (in my case an IM client).

If true, it sounds like I theorhetically then need to have all offending IM clients installed on my DC in order to have something to point the Hash to. Correct?
 
Upvote 0 Downvote
Use a workstation and install the group policy management console

Paul
MCSE 2003
MCSA 2003
MCITP Enterprise Administrator

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote
Ok, I have successfully tested a new hash policy. It works great. I thought just to be sure, I might back it up with a path rule.

Can somebody tell me when creating a path rule, do I need to just point to a program's root folder, or actually point the path to the offending .exe file?
 
Upvote 0 Downvote
Root folder. If they install it somewhere else besides dthe default, it will not work...but users almost never do this.
 
Upvote 0 Downvote
Thanks very much to everyone who helped on this, especially TechyMcSe2k!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
164
DTGMI
DTGMI
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
197
microsGuy16
microsGuy16
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
113
hairlessupportmonkey
hairlessupportmonkey
DrB0b
  • Locked
  • Question
HyperV trying to do extended replica to external HDD
Replies
0
Views
70
DrB0b
DrB0b
duartevds
  • Locked
  • Question
How can I Configure Windows Server to access SQL Server Remotely
Replies
2
Views
67
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top