Remove XPS Viewer
Log In or Register to download the BES file, and more.

0 Votes

Description

Property Details

ID648
TitleRemove XPS Viewer
DomainBESC
CategoryCommon Tasks
Download Size0
Sourcedanielheth@bigfix.me
Source ID<Unspecified>
Source Severity<Unspecified>
Source Release Date4/21/2011 12:00:00 AM
KeywordsWindows Feature
Is TaskTrue
Added by on 10/30/2012 2:53:07 PM
Last Modified by on 10/30/2012 2:53:07 PM
Counters 2848 Views / 7 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 9 fixlets and 4 analyses   * Results in a true/false
Show indented relevance
name of operating system as string contains "Win"
Used in 11 fixlets and 5 analyses   * Results in a true/false
Show indented relevance
exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1" whose (value "Install" of it as integer = 1) of registry
Used in 3 fixlets   * Results in a true/false
Show indented relevance
exists key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\PowerShellEngine" whose (value "PowerShellVersion" of it as string as version >= "2.0") of registry

Actions

Action 1 (default)

Action Link Click  here  to deploy this action.
Script Type BigFix Action Script 
//============================================================================
//PowerShell Script... 
//
//1. Save old ExecutionPolicy value
parameter "PolicyExisted"="{exists value "ExecutionPolicy" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of (if exists x64 registry then x64 registry else registry)}"
parameter "oldExecutionPolicy"="{if (parameter "PolicyExisted" as boolean) then (value "ExecutionPolicy" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of (if exists x64 registry then x64 registry else registry) as string) else ""}"
//2. set to ExecutionPolicy=Unrestricted  and Pull PowerShell exe from registry... if 64bit then pull PowerShell x64
if {x64 of operating system}
    regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="Unrestricted"
    parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of x64 registry}"
else
	//we need to determine what the current execution policy is so we can put it back when we're done.
    regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="Unrestricted"
    parameter "PowerShellexe"="{value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of registry}"
endif
//3. Create PowerShell script and save to a ps1 file
delete __appendfile
delete script.ps1
createfile until END
Import-Module c:\windows\system32\WindowsPowerShell\v1.0\Modules\ServerManager
New-Item c:\temp\new_file.txt -type file
#Remove-XPS Viewer - no reboot required
$XPS = Get-WindowsFeature XPS-Viewer
if ($XPS.Installed -eq "True")
{
    Write-Host ""
    Write-Host "Removing XPS Viewer"
    Remove-WindowsFeature XPS-Viewer
    Add-Content c:\temp\new_file.txt "XPS Viewer Uninstalled"
}
else
{
    Add-Content c:\temp\new_file.txt "XPS Viewer Not Installed"
}
END
move __createfile script.ps1
//4. Execute PowerShell with ps1 script file
action uses wow64 redirection false 
waithidden "{parameter "PowerShellexe"}" -file "{pathname of client folder of current site}\script.ps1"
action uses wow64 redirection {x64 of operating system}
//5. Restore ExecutionPolicy back
if {x64 of operating system}
    if {parameter "PolicyExisted" as boolean}
        regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="{parameter "oldExecutionPolicy"}"
    else
        regdelete64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"
    endif
else
    if {parameter "PolicyExisted" as boolean}
        regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"="{parameter "oldExecutionPolicy"}"
    else
        regdelete "[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]" "ExecutionPolicy"
    endif
endif
//============================================================================
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer


Comments

Log In or Register to leave comments!
jgstew -
Here is mention from 2008: http://blogs.msdn.com/b/powershell/archive/2008/09/30/powershell-s-security-guiding-principles.aspx
jgstew -
This talks about one method: http://obscuresecurity.blogspot.com/2011/08/powershell-executionpolicy.html but a commenter on that blog post states: Just start your script like this: powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File C:\myscript.ps1
jgstew -
That would be a significant simplification.
danielheth -
Does that apply only to a particular version of powershell? or will that will with PS1 and PS2?
BrianK -
Thank you for these examples. I have been working with BigFix and PowerShell for years now, but hadn't ventured down the road of combining them. One thing I discovered when experimenting with this was the command line switch "-ExecutionPolicy Bypass" for powershell.exe. If you use it when executing your script, it entirely ignores the ExecutionPolicy of the machine. This saves you from having to run parts 1 and 4 of this example script.
 

Content

Search
Share
Learn
Projects

Utilities

View SCM Scripts
Base64 Converter
Shell to Action Script

About

About Us
Tour
FAQ
Terms
Contact Us

BigFix Resources

Download BigFix
Support
Forum
Github/Bigfix
bigfix.me All Content
Hosted on bigfixme-as