I have a couple computers that aren't talking to the server. I want to uninstall the client and try reinstalling it. When I uninstall, it fails because their is a policy on the computer that doesn't allow uninstallation. Is there a way to get around this? Is there a policy file that I can remove?
Hi Kevin - Feel free to message me directly for more detail but very briefly....
Log onto SSG console.
Go to Policies. I would create two policies - One Machine settings (this is the one you need) Set Uninstallation allowed as YES.
Save this policy.
Create another Policy for Device Protection (this is an optional extra really) - Set Internal Storage for NO ENCRYPTION.
This will allow clients that have this policy (or policy group in this case) to not only remove the client but also decrypt (if needed)
I then would create a policy group and add both these new policies into this group
The next steps are assigning this policy (or policy group) to the client. This can be done by adding the PC to a group - this will then automate the procedure OR you can create a new policy embeded into a new configuration. This is my prefered option - Run the new config on the computer and you can then remove/decrypt etc...
This is found under Tools - Configuration Package Tool
Here you can see for this package I've embedded the Policy Group "Decrypt and Uninstall" one I've created. This means once this MSI is installed the client has the local policy over-written with this one.
That's it roughly - it's a little more long-winded assigning this policy automatically. I've done this too - there's just a few more steps to add!
Hope this helps a little?
