Created
June 11, 2021 16:02
-
-
Save krzydoug/2d0978e68fca7739087ad71a9af9df0d to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #initialize | |
| Set-ExecutionPolicy Bypass -Scope CurrentUser -Force | |
| $global:percentcomplete = 0 | |
| $global:activity = 'Initializing..' | |
| function write-message{ | |
| Param($msg) | |
| Write-Progress -Activity $Global:activity -Status "$msg..." -PercentComplete $global:percentcomplete | |
| } | |
| write-message "Symantec network uninstall script initializing.." | |
| . \\dcserver\Support\Scripts\Get-InstalledPrograms.ps1 | |
| . \\dcserver\Support\Scripts\Get-OnlineComputer.ps1 | |
| $restartjobs = $uninstalljobs = $endjobs = $sepclients = New-Object System.Collections.ArrayList | |
| $DateStamp = get-date -Format yyyyMMddTHHmmss | |
| $logFile = '{0}-{1}.log' -f 'Symantec network uninstall',$DateStamp | |
| $log = Join-Path -Path $env:temp -ChildPath $logFile | |
| #check online | |
| $global:percentcomplete += 2 | |
| $global:activity = "Gathering online computers.." | |
| Get-ADComputer -Filter "name -notlike 'dcse*'" | Get-OnlineComputer -Passthru -OutVariable online | ForEach-Object{ | |
| $global:percentcomplete++ | |
| write-message "Adding $($_.name)" | |
| Start-Sleep -Milliseconds 800 | |
| } | |
| $step = (100 - [int]$global:percentcomplete) / (($online.name).count * 5) | |
| #Scanning for SEP | |
| $global:activity = 'Scanning for Symantec Endpoint Protection..' | |
| $online | ForEach-Object{ | |
| $PC = $_.name | |
| write-message "Querying $PC.." | |
| "$(get-date) Querying $PC for symantec endpoint." | Out-File -FilePath $log -Encoding ascii -Append | |
| if($result = $pc | Get-InstalledPrograms | Where-Object displayname -like 'symantec endp*'){[void]$sepclients.add($result)} | |
| Start-Sleep -Milliseconds 400 | |
| $global:percentcomplete += $step | |
| } | |
| #uninstalling | |
| $global:activity = 'Uninstalling Symantec Endpoint Protection..' | |
| $names = @($sepclients.pc) | |
| $reset = $true | |
| $sepclients.pc | ForEach-Object{ | |
| $pc = $_ | |
| write-message "Sending uninstall command to $PC.." | |
| "$(get-date) Uninstalling symantec endpoint from $pc" | Out-File -FilePath $log -Encoding ascii -Append | |
| $DateStamp = get-date -Format yyyyMMddTHHmmss | |
| $logFile = '{0}-{1}-{2}.log' -f 'SymantecUninstall',$PC,$DateStamp | |
| $locallog = join-path 'c:\windows\temp' -ChildPath $logFile | |
| [void]$uninstalljobs.add($( | |
| start-job -name $pc -ScriptBlock { | |
| Param($PC,$locallog) | |
| $script = { | |
| Param($locallog) | |
| $MSIArguments = @( | |
| "/x" | |
| ('"{0}"' -f '{A0CFB412-0C01-4D2E-BAC9-3610AD36B4C8}') | |
| "/qn" | |
| "/norestart" | |
| "/L*v" | |
| $locallog | |
| ) | |
| Start-Process "msiexec.exe" -ArgumentList $MSIArguments -Wait -NoNewWindow | |
| } | |
| Invoke-Command -ComputerName $pc -ArgumentList $locallog -ScriptBlock $script | |
| } -ArgumentList $PC,$locallog) | |
| ) | |
| $global:percentcomplete += $step | |
| $string = '\\' + $PC + '\C$\Windows\Temp\' + $logFile | |
| "$(get-date) Uninstall log located $string" | Out-File -FilePath $log -Encoding ascii -Append | |
| } | |
| do{ | |
| if($reset){ | |
| $num = 0..($names.Count - 1) | Get-Random | |
| $count = 0 | |
| $reset = $false | |
| } | |
| write-message "Uninstall command sent to $($names[$num]).." | |
| Start-Sleep -Milliseconds 500 | |
| $count++ | |
| if($count -eq 9){$reset = $true} | |
| }until($uninstalljobs.state -notcontains 'running') | |
| $uninstalljobs | Remove-Job -Force -ErrorAction SilentlyContinue | |
| $uninstalljobs = $null | |
| #rebooting | |
| $global:activity = "Rebooting clients.." | |
| $reset = $true | |
| $sepclients.pc | ForEach-Object{ | |
| $pc = $_ | |
| write-message "Sending reboot command to $PC.." | |
| "$(get-date) Rebooting $_" | Out-File $log -Encoding ascii -Append | |
| [void]$restartjobs.add(@{ | |
| Name = $pc | |
| Job = $(start-job -Name $_ -ScriptBlock { | |
| Param($pc) | |
| Restart-Computer -Wait -For PowerShell -Force -ComputerName $pc -ErrorAction SilentlyContinue | |
| } -ArgumentList $pc) | |
| }) | |
| $global:percentcomplete += $step | |
| } | |
| do{ | |
| if($reset){ | |
| $num = 0..($names.Count - 1) | Get-Random | |
| $count = 0 | |
| $reset = $false | |
| } | |
| write-message "Reboot command sent to $($names[$num]).." | |
| Start-Sleep -Milliseconds 500 | |
| $count++ | |
| if($count -eq 9){$reset = $true} | |
| }until($restartjobs.job.state -notcontains 'running') | |
| $restartjobs | Remove-Job -Force -ErrorAction SilentlyContinue | |
| $restartjobs = $null | |
| #waiting for reboot | |
| $global:activity = "Waiting for clients to come online.." | |
| $reset = $true | |
| $sepclients.pc | ForEach-Object{ | |
| $pc = $_ | |
| $DateStamp = get-date -Format yyyyMMddTHHmmss | |
| $logFile = '{0}-{1}.log' -f "SymantecUninstall-$PC",$DateStamp | |
| $joblog = Join-Path -Path $env:temp -ChildPath $logFile | |
| $endscript = { | |
| Param($PC,$joblog) | |
| Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser -Force | |
| . \\dcserver\support\Scripts\Get-InstalledPrograms.ps1 | |
| $service = $false | |
| $timeout=0 | |
| do{ | |
| $timeout++ | |
| $service = [bool]($registry = get-service -Name RemoteRegistry -ComputerName $pc -ErrorAction SilentlyContinue) | |
| Start-Sleep -Seconds 1 | |
| }until($service -or $timeout -eq 30) | |
| if($timeout -eq 30){Write-warning "Unable to query remoteregistry service on $pc";break} | |
| $global:percentcomplete += $step | |
| "$(get-date) $pc completed reboot, finishing script execution." | Out-File $joblog -Encoding ascii -Append | |
| $sep = Get-InstalledPrograms -Name $pc | Where-Object displayname -Like "symantec end*" #-ErrorAction SilentlyContinue | |
| if($sep){ | |
| $success = $false | |
| } | |
| else{ | |
| $success = $true | |
| } | |
| [PSCustomObject]@{ | |
| PC = $PC | |
| Result = $success | |
| Log = $joblog | |
| } | |
| } | |
| [void]$endjobs.add($(Start-Job -Name $pc -ScriptBlock $endscript -ArgumentList $pc,$joblog)) | |
| } | |
| do{ | |
| if($reset){ | |
| $num = 0..($names.Count - 1) | Get-Random | |
| $count = 0 | |
| $reset = $false | |
| } | |
| write-message "Attempting to query $($names[$num]) .." | |
| Start-Sleep -Milliseconds 500 | |
| $count++ | |
| if($count -eq 10){$reset = $true} | |
| }until($endjobs.state -notcontains 'running') | |
| #Gather results | |
| $global:activity = "Processing results.." | |
| $sepclients.pc | ForEach-Object{ | |
| $pc = $_ | |
| write-message "Logging results for $pc" | |
| Start-Sleep -Milliseconds 600 | |
| $result = get-job -Name $pc | Receive-Job | |
| Get-Content $result.log | Out-File $log -Encoding ascii -Append | |
| Remove-Item $result.log -ErrorAction SilentlyContinue | |
| if($result.result -eq $true){ | |
| "$(get-date) Symantec Endpoint successfully removed from $($result.pc)." | Out-File $log -Encoding ascii -Append | |
| } | |
| elseif($result.result -eq $false){ | |
| "$(get-date) Failed to remove Symantec Endpoint from $($result.pc)." | Out-File $log -Encoding ascii -Append | |
| } | |
| elseif($result.result -eq 'error'){ | |
| "$(get-date) Unable to query installed programs on $($result.pc)." | Out-File $log -Encoding ascii -Append | |
| } | |
| $global:percentcomplete += $step | |
| } | |
| $endjobs | remove-job -Force -ErrorAction SilentlyContinue | |
| $global:activity = "Execution completed" | |
| $global:percentcomplete = 100 | |
| "$(get-date) Symantec network uninstall script completed." | Out-File $log -Encoding ascii -Append | |
| write-output "Symantec network uninstall script completed." | |
| Write-Progress -Activity $Global:activity -Status "Symantec network uninstall script completed!" -PercentComplete $global:percentcomplete -Completed | |
| read-host |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment