Uninstalling PAM360 Agent

Uninstalling the PAM360 Agent from Multiple Endpoints via Windows Group Policy Objects (GPO)

This document details the steps needed to uninstall the PAM360 Agent from multiple endpoints using Windows Group Policy Objects (GPO). Click here to download the PAM360-Agent-Script zip file. Unzip the file and extract the PAM360AgentInstallationScript.ps1 and PAM360AgentUninstallationScript.ps1 files.

Steps to Add the Uninstallation Script in the GPO

  1. Right click the name of the GPO you created from the left pane and click Edit settings, delete, modify security. The Group Policy Management editor window will open.
    agent-gpo-5.png
  2. Expand the Policies >> Windows Settings folders. Double click Scripts. In the Scripts window, click Startup and then click Properties.
    agent-gpo-6.png
  3. Switch to the PowerShell Scripts tab and click Show Files. The network directory will open up.
    pam-agent-gpo-7.png
  4. Now, paste the PAM360 agent Uninstallation PowerShell script file in the GPO network location.
    agent-gpo-10.png agent-gpo-11.png
  5. Click Add, add the PAM360AgentUninstallationScript file name under Script Name. Click Apply and OK again to save the settings.
  6. In the GPO editor, expand Administrative Templates in the left pane. Expand the System folder under it and open Group Policy.
  7. Under the Group Policy folder, right click Specify workplace connectivity wait time for policy processing.
    agent-gpo-12.png agent-gpo-13.png agent-gpo-14.png agent-gpo-15.png
  8. In this window, click the Enabled option. Enter the Amount of time to wait as 120 seconds. Click Apply and click OK to save the settings.
    agent-gpo-16.png
  9. The GPO will be applied. Once you restart all the target endpoints, the PAM360 Agent PowerShell script will be invoked and the agent will be uninstalled in the target machines.
  10. After successful uninstallation, disable the startup script for the GPO you created (AgentGPO in this example). This will ensure that the script is not invoked every time the target machines are restarted.

Once you have uninstalled the old agents, follow the steps in this link to install the C#/Go agent using GPO.

Troubleshooting Steps

Ensure that the AgentGPO has a higher precedence than the other GPOs. This is to make sure that the other GPOs don't override the permissions of the AgentGPO.

To check this, click the GPO name, right click the Enforced option and check if it is enabled.

agent-gpo-17.png
Quick Links