How can I prevent a particular program from uninstalling? Like, any installed software, let’s assume the bigfix client itself can be prevented from being uninstalled.
I have a few ideas in mind like killing the uninstallation process or exe files when it is called during an uninstallation. Please let me know if anyone has created relevant fixlets pertaining to this? I do not need this only to be restricted to bigfix client but any software that is detected by bigfix on a system.
There isn’t really a reasonable way to prevent applications from being uninstalled in general. Methods like killing uninstallers are error-prone and can potentially cause big problems.
If you don’t want a user to uninstall an app, the best way is to not give them admin permissions on the computer.
The main concern here is to utilize BigFix’s excellent features of enforcing policies on the system admin and stopping them from performing certain activities on the machine even those which are permitted by their user role.
I was successfully able to enforce policies on system admins if they are killing a certain service or process that restarts the machine and changes the password of the administrator as per our defined policy.
Please note that I am trying to use BigFix to protect a machine from the malicious intent of the user even if he is the admin of the machine.
So now if the admin himself has a malicious intent, I need to make sure that he is not able to uninstall the Bigfix client itself (even is the machine is disconnected from the BigFix Server), as the client is pushing all the policies. So by all means I need to prevent the client from being uninstalled.