Re: Scripted Software removal (Encrypting Credentials)
From: Matt Ostiguy (ostiguy_at_gmail.com)
Date: 06/13/05
- Previous message: Harlan Carvey: "Re: reconsidering physical security: pod slurping"
- In reply to: Casey DeBerry: "Scripted Software removal (Encrypting Credentials)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 13 Jun 2005 13:43:13 -0400 To: focus-ms@securityfocus.com
On 6/13/05, Casey DeBerry <cdeberry@cobizinc.com> wrote:
> We are looking to remove MS ISA Firewall Client from desktop's
> throughout our organization. We did not roll this software out the AD,
> so the option to remove it that way is not available. I have found a
> couple resources for removing via scripts:
> http://jtbworld.blogspot.com/2005/01/unattended-uninstallation-using.htm
> l
> http://cwashington.netreach.net/depo/view.asp?Index=1035&ScriptType=vbsc
> ript
>
> When adapted, the scripts work for the uninstall; however, we are having
> problems with user accounts making the changes (User logs in, uninstall
> script runs, user has no privileges to install/uninstall software,
> script fails). Is there a way to encrypt the credentials so users are
> unable to view them?
>
> Casey DeBerry
If you have AD, you might be able to use a script as a startup script
assigned via a GPO, which will run as the local system account, and
not as the logged in user, which is the case for logon scripts. To
test using the script as sytem account (so to see if it uninstalls
cleanly running as that user account), schedule it via the task
scheduler.
Matt
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Harlan Carvey: "Re: reconsidering physical security: pod slurping"
- In reply to: Casey DeBerry: "Scripted Software removal (Encrypting Credentials)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
