Wednesday, December 7, 2011

Redeploy Group Policy Application

So you uninstall an application from a client machine and now want Active Directory to redeploy the application via Group Policy Software Installation. You don't want to redeploy the app domain wide so where do we go? The registry right? That would be correct but where and what keys/values? Microsoft recommends redeployment by deleting the respected subkey in:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt

Here is the article from MS.

But here is an easier way to list those keys. PowerShell style!
Wildcards are allowed for the Parameter 'ApplicationName'

function Get-GPODeployedApp {

<#  .SYNOPSIS   Lists all of the group policy applied applications on the local computer.  .DESCRIPTION   Lists all of the keys under hklm:\software\microsoft\windows\currentversion\group policy\appmgmt   This key contains all of the applied group policy software installations.  .PARAMETER  ApplicationName   Filter on the GPO Name or the GPO Deployment Name  .EXAMPLE   PS C:\> Get-GPODeployedApp
 Lists all of the applied GPO Software Installations.
.EXAMPLE
PS C:\> Get-GPODeployedApp -ApplicationName Acrobat
.LINK
about_functions_advanced
.LINK
about_comment_based_help
#>


param ([string]$ApplicationName = '')
# Get all keys for GPO Application installations
$keys = ls 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt' | Get-ItemProperty |
where { $($_."gpo name" -match $applicationName) -or $($_."Deployment Name" -match $applicationName) }

# Build custom object
foreach ($key in $keys) {
$myObject = New-Object -TypeName system.Object

$myObject | Add-Member -MemberType noteproperty -Name GPO_Name -Value $key."gpo name"
$myObject | Add-Member -MemberType noteproperty -Name DeploymentName -value $key."Deployment Name"
$myObject | Add-Member -MemberType noteproperty -Name GPO_ID -Value $key."gpo id"
$myObject | Add-Member -MemberType noteproperty -Name Path -Value $key.pspath
$myObject

}

}

Ok so now we have listed all the subkeys. How do we remove them? Here is the function on how. It accepts pipeline input from the above function so you can do something like this:

Get-GPODeployedApp -ApplicationName Acrobat | Remove-GPODeployedApp

Remember, making registry changes require that you run the Remove-GPODeployedApp as Administrator with UAC turned on. 

function Remove-GPODeployedApp {

<#  .SYNOPSIS   Remove GPO keys from registry for GPO application redeployment. Must be ran as Administrator.    .DESCRIPTION   Removes the required keys from the local registry so GPO installed applications can be    redeployed.  The cmdlet must be ran as Administrator.   .PARAMETER  Path   The registry path to the key that is to be deleted.   .EXAMPLE   PS C:\> Remove-GPODeployedApp -Path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt\{a903040e-351f-4...'
This deletes the gpo key for any given application.  Run gpupdate /force for GPO
redeployment.
.EXAMPLE
PS C:\> Get-GPODeployedApp -ApplicationName Acrobat | Remove-GPODeployedApp
This filters all keys with Get-GPODeployedApp function and removes them with the
Remove-GPODeployedApp.  Run gpupdate /force for GPO redeployment.
.EXAMPLE
PS C:\> Get-GPODeployedApp | Remove-GPODeployedApp
This will remove all applied GPO application installation keys.  Run gpupdate /force for GPO
redeployment.

#>
[CmdletBinding()]
param(
[Parameter(Position=0, Mandatory=$true,ValueFromPipeline=$True,
   ValueFromPipelineByPropertyName=$True)]
[Alias("PSPath")]
[String[]]$Path
)

process {
Remove-Item -Path $path -confirm
}
end {

}
}
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)