Issues Uninstalling Previous Java Versions

Usage and Config Patch
1

I have been trying to write a custom uninstall for Java versions previous to 8u102 and read that there is a built in Java version uninstaller. For some reason I do not have the mentioned fixlet. I have shown non relevant content as well as shown hidden content and show no sign of ID 7052001, 7057001, 7057003. Also searching for “multiple JRE versions” as the Java fixlet suggests returns no results.

Any help would be greatly appreciated!

1 Like
2

Have you tried searching “multiple” instead?

Multiple JRE installed.PNG818×249 34.5 KB

3

If the fixlets still don’t show, you can try unsubscribing and resubscribing the site from the Licence Overview Dashboard.

If it still doesn’t work, I suggest you call IBM support :slight_smile:

1 Like
4

Thank you very much for the response! Unfortunately after a removal, resubscribe, and a gather they still have not populated. I’ll see what IBM has to say.

5

Are you looking in the right Site? It’s in “Updates for Windows Applications”. You might have expected it in “BES Support” or “Patches for Windows”. Also be sure you’re looking at “Fixlets and Tasks”, I don’t recall whether this one is a Fixlet or a Task.

Are you seeing other content in “Updates for Windows Applications”?

6

I do see what I believe to be every other fixlet/task except these three. Obviously if I am missing these three that begs the questions of what else could I be missing but at the moment these Java uninstallers are my focus :slight_smile: So far from my PMR we are just doing basic troubleshooting but nothing obvious has fixed the issue. Even my site versions are accurate to what is expected.

7

Do you have “Show Hidden Content” turned on as well as “Show Non-Relevant Content”?

By any chance has a Master Operator Globally-Hidden these fixlets?
Is your account a Master Operator? If your account is a non-Master Operator, and a MO has Globally-Hidden the fixlets, you won’t be able to see them even if you have ‘Show Hidden Content’ turned on.

8

I checked the MO account with both Hidden Content and Non-Relevant Content shown.

9

I did another gather before I left yesterday and the fixlets were present this morning. Not certain what happened there but seems to be resolved.

I will see if this topic gets any attention before I create another but now that I have access to these Fixlets, I find that they work well except for the Java 8 updates. We have several versions installed across the company and through testing it left multiple versions of the Java 8 platform.

I have found a powershell script that does an excellent job using WMI queries to identify the highest installed 32bit version and removes all the rest. The issues are:

1 we have Powershell execution policy disabled via group policy so an elevated command must first be ran to allow temporary execution rights

2 when attempting to use IExpress to “package” these files (elevation command and PS script), BigFix has an issue deploying or executing the .exe.

I have confirmed it works independently of BigFix. This process does run silently. I have also tried a silent AutoIT script that calls the .exe but that also fails.

Any ideas?

10

You would need to share your actionscript so we can validate what the issue is.

I have no idea what this means, but if it is a powershell script, then you should run the powershell with BigFix directly. No need to elevate since BigFix runs as the SYSTEM account.

It really sounds like there is a bug or issue with the existing IBM content that needs to be addressed that is causing it to not uninstall all previous versions of JAVA 8. I wouldn’t be surprised if the bug is related to JAVA 8 having a version over 100.

Can you provide links to the powershell script you are trying to use? Provide the actionscript? etc?

11

The actionscript is below. IExpress is a built in Microsoft product that allows you to semi package files together to make an .exe. In this exe there is an elevation command that calls on command prompt to change the PowerShell execution policy (set by our group policy) from restricted to bypass, then open and execute the PowerShell script.

ActionScript:

//action parameter query “startDir” with description “Specify the root folder path you want to scan recursively through:” and with default value “c:\users”
//============================================================================
//PowerShell Script…
//
//1. Save old ExecutionPolicy value
parameter “PolicyExisted”="{exists value “ExecutionPolicy” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of (if exists x64 registry then x64 registry else registry)}“
parameter “oldExecutionPolicy”=”{if (parameter “PolicyExisted” as boolean) then (value “ExecutionPolicy” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of (if exists x64 registry then x64 registry else registry) as string) else “”}"
//2. set to ExecutionPolicy=Unrestricted and Pull PowerShell exe from registry… if 64bit then pull PowerShell x64
if {x64 of operating system}
regset64 “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=“Bypass"
parameter “PowerShellexe”=”{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of x64 registry}"
else
//we need to determine what the current execution policy is so we can put it back when we’re done.
regset “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=“Bypass"
parameter “PowerShellexe”=”{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of registry}"
endif
//3. Create PowerShell script and save to a ps1 file

//4. Execute PowerShell with ps1 script file
action uses wow64 redirection false
prefetch 990c9b9d11dc914d3896d113b67d32f60e9eaff8 sha1:990c9b9d11dc914d3896d113b67d32f60e9eaff8 size:1534 http://SPRDTEM01.vectren.com:52311/Uploads/990c9b9d11dc914d3896d113b67d32f60e9eaff8/Remove_old_java_versions.ps1.tmp sha256:4d877e8471f273ed7b535f4eb38775be8bdebab4d10543f947ff58ab5a68f281
extract 990c9b9d11dc914d3896d113b67d32f60e9eaff8

waithidden “{parameter “PowerShellexe”}” -file “{pathname of client folder of current site}\Remove_old_java_versions.ps1"
action uses wow64 redirection {x64 of operating system}
//5. Restore ExecutionPolicy back
if {x64 of operating system}
if {parameter “PolicyExisted” as boolean}
regset64 “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=”{parameter “oldExecutionPolicy”}"
else
regdelete64 “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy"
endif
else
if {parameter “PolicyExisted” as boolean}
regset “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” “ExecutionPolicy”=”{parameter “oldExecutionPolicy”}"
else
regdelete “[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell]” "ExecutionPolicy"
endif
endif
//============================================================================

This script is changing the execution policy to bypass, downloading the script, and executing it with PowerShell.

The script that is being ran works fine when executed on its own. It runs silently as well. That script is:

#This script is used to remove any old Java versions, and leave only the newest.

IMPORTANT NOTE: If you would like Java versions 6 and below to remain, please edit the next line and replace $true with $false

$UninstallJava6andBelow = $true

#Declare version arrays

$32bitJava = @()

$64bitJava = @()

$32bitVersions = @()

$64bitVersions = @()

#Perform WMI query to find installed Java Updates

if ($UninstallJava6andBelow) {

$32bitJava += Get-WmiObject -Class Win32_Product | Where-Object { 

    $_.Name -match "(?i)Java(\(TM\))*\s\d+(\sUpdate\s\d+)*$"

}

#Also find Java version 5, but handled slightly different as CPU bit is only distinguishable by the GUID

$32bitJava += Get-WmiObject -Class Win32_Product | Where-Object { 

    ($_.Name -match "(?i)J2SE\sRuntime\sEnvironment\s\d[.]\d(\sUpdate\s\d+)*$") -and ($_.IdentifyingNumber -match "^\{32")

}

} else {

$32bitJava += Get-WmiObject -Class Win32_Product | Where-Object { 

    $_.Name -match "(?i)Java((\(TM\) 7)|(\s\d+))(\sUpdate\s\d+)*$"

}

}

#Perform WMI query to find installed Java Updates (64-bit)

if ($UninstallJava6andBelow) {

$64bitJava += Get-WmiObject -Class Win32_Product | Where-Object { 

    $_.Name -match "(?i)Java(\(TM\))*\s\d+(\sUpdate\s\d+)*\s[(]64-bit[)]$"

}

#Also find Java version 5, but handled slightly different as CPU bit is only distinguishable by the GUID

$64bitJava += Get-WmiObject -Class Win32_Product | Where-Object { 

    ($_.Name -match "(?i)J2SE\sRuntime\sEnvironment\s\d[.]\d(\sUpdate\s\d+)*$") -and ($_.IdentifyingNumber -match "^\{64")

}

} else {

$64bitJava += Get-WmiObject -Class Win32_Product | Where-Object { 

    $_.Name -match "(?i)Java((\(TM\) 7)|(\s\d+))(\sUpdate\s\d+)*\s[(]64-bit[)]$"

}

}

#Enumerate and populate array of versions

Foreach ($app in $32bitJava) {

if ($app -ne $null) { $32bitVersions += $app.Version }

}

#Enumerate and populate array of versions

Foreach ($app in $64bitJava) {

if ($app -ne $null) { $64bitVersions += $app.Version }

}

#Create an array that is sorted correctly by the actual Version (as a System.Version object) rather than by value.

$sorted32bitVersions = $32bitVersions | %{ New-Object System.Version ($_) } | sort

$sorted64bitVersions = $64bitVersions | %{ New-Object System.Version ($_) } | sort

#If a single result is returned, convert the result into a single value array so we don’t run in to trouble calling .GetUpperBound later

if($sorted32bitVersions -isnot [system.array]) { $sorted32bitVersions = @($sorted32bitVersions)}

if($sorted64bitVersions -isnot [system.array]) { $sorted64bitVersions = @($sorted64bitVersions)}

#Grab the value of the newest version from the array, first converting

$newest32bitVersion = $sorted32bitVersions[$sorted32bitVersions.GetUpperBound(0)]

$newest64bitVersion = $sorted64bitVersions[$sorted64bitVersions.GetUpperBound(0)]

Foreach ($app in $32bitJava) {

if ($app -ne $null)

{

    # Remove all versions of Java, where the version does not match the newest version.

    if (($app.Version -ne $newest32bitVersion) -and ($newest32bitVersion -ne $null)) {

       $appGUID = $app.Properties["IdentifyingNumber"].Value.ToString()

       Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /norestart /x $($appGUID)" -Wait -Passthru -WindowStyle Hidden

       #write-host "Uninstalling 32-bit version: " $app

    }

}

}

Foreach ($app in $64bitJava) {

if ($app -ne $null)

{

    # Remove all versions of 64bit Java

       $appGUID = $app.Properties["IdentifyingNumber"].Value.ToString()

       Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /norestart /x $($appGUID)" -Wait -Passthru -WindowStyle Hidden

       #write-host "Uninstalling 64-bit version: " $app

}

}

12

I have resolved this issue by using the provided BigFix multiple Java version installed fixlets, paired with a long list of 64 bit Java GUID uninstallers running after the BF action completed. The sequence then goes as such:

Newest version of Java 32 bit installs
Run all multiple Java version fixlets to cleanup any accompanying Java versions
Run GUID uninstaller that will remove all versions of 64 bit Java as the latest version of 64 bit will remain if it were installed.