I am trying to run a batch file thatb will uninstall an app to all workstation. The action will complete with exit code 0 but will not remove the app. The batch file will successfully remove the app when i manually run as administrator on a local machine.
Here is the script
Completed // Enter your action script here
Completed action uses wow64 redirection {not x64 of operating system}
Completed delete createfile
Completed delete c:\temp\unintall.bat
Completed createfile until _END
Completed @ECHO OFF
Completed SET ZSCALER_PASSWORD=password
Completed IF EXIST “%PROGRAMFILES(X86)%” (
Completed “%PROGRAMFILES(X86)%”\Zscaler\ZSAInstaller\uninstall.exe --mode unattended
Completed ) ELSE (
Completed “%PROGRAMFILES%”\Zscaler\ZSAInstaller\uninstall.exe --mode unattended
Completed )
Completed _END
Completed move __createfile unintall.bat
Completed wait cmd.exe /C unintall.bat
Any luck with this?
there is something you can do to cheat the system too.
you can upload the .bat using the application wizard and it will put the necessary code for you. less of a hustle.
I also saw something like this too. I think its a good example.
waithidden msiexec.exe /X { name of keys whose( (exists values "DisplayName" whose(it as string as lowercase starts with "Kaspersky Endpoint Security 10 for Windows" as lowercase) of it) AND (exists values whose(it as string as lowercase starts with "msiexec") of it) ) of keys "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of ( x64 registries; x32 registries ) } KLLOGIN=KLAdmin KLPASSWD=pr0te(t10n /qn
or this one.
waithidden "{pathname of system folder}\MSIExec.exe" /x {name of key whose (value "DisplayName" of it as string as lowercase starts with "7-zip") of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" of x64 registry} /qn
I agree with the comments above around creating a .bat file this way - either cache a correct file on the Bigfix server and download it or create it using relevance to derive the contents. I prefer the relevance approach because it is more likely to work if some endpoints don’t fit the standard pattern (such as a different install path)
I’m also puzzled that you are using
action uses wow64 redirection {not x64 of operating system}
and then
IF EXIST “%PROGRAMFILES(X86)%” (
Why not just keep it simple and use the fact that the Bigfix client is 32-bit and let all the redirection stuff just fall away?
Also, you specify the full path of ‘unintall.bat’ when you delete it, but not when you create or execute it.
Have you examined that file on a failed machine to see what it says in there?
If the bat file looks OK then have you considered adding any logging to the uninstall to give a clue about why it doesn’t run?
One other consideration here is that since this requires a password, I’d suggest leveraging the ‘TakeSecureFixletAction’ method to pass the value more securely. See the following for more information:
The “working directory” would be the site from which the action is run, under BES client\__BESData\sitename.
The working directory usually doesn’t matter in terms of application whitelisting, you may need to whitelist the directory in which the script actually resides. But some installers make assumptions about the working directory path. If your installer requires the working directory to be set, just include a ‘cd’ command in the install.bat itself.