Overview
You would like to use GFI LanGuard to manage the installed applications and remotely uninstall unauthorized software network-wide or on the selected target computer(s).
This article also describes how to remove the software from an auto-uninstall validation list when your unauthorized software policies change.
Solution
The LanGuard remote uninstall feature allows to silently remove applications from the scanned machines by marking them as unauthorized.
LanGuard needs an application to be installed on the target machine to remove it. It does not restrict the installation of not allowed software or delete executables that are not installed.
Once the scan on the target machine(s) provides a list of the installed applications, LanGuard can verify whether an unauthorized application is installed. LanGuard then detects the type of installation used by the application and builds the uninstallation string required to remove the application from the remote machine(s).
Unfortunately, not all applications support a silent uninstallation, and sometimes the uninstallation will prompt for user input, even if it is instructed to run silently. This can occur for all types of uninstallations.
Before LanGuard can remotely uninstall an application, the administrator must validate the uninstallation of the application through the Auto-Uninstall Validation. This is done to attest that the application can be uninstalled silently. This test needs to be done in a test environment (or a single test client).
The Auto-Uninstall Validation will try to remove the application from the remote computer and will wait for 120 seconds before it times out. If the application is uninstalled successfully, then it would be validated. If the uninstallation of the application times out, it would indicate that the application cannot be silently uninstalled - most probably, the application would be waiting for a response from the user on the desktop.
If Auto-Uninstall Validation was successful, a scheduled scan based on the scanning profile for which the application is marked as unauthorized is configured to auto-uninstall applications.
Setting Applications as Unauthorized Software
Refer to the Configuring Unauthorized Applications Auto-Uninstall article describing the whole process step by step.
Removing Applications from Unauthorized List
To remove applications from an unauthorized list, use the Scanning Profiles Editor.
- Launch GFI LanGuard.
- Click in the upper left corner -> Configuration -> Scanning Profiles Editor.
- Once the Scanning Profiles Editor opens, go to Network & Software Audit Options > Applications > Unauthorized Applications, and in the Profiles tab, select the profile containing the unauthorized application(s).
- Select and remove the appropriate application(s).
- Verify that the application is no longer on the list.
This cannot be performed on the Application Inventory page.
Testing
Auto-Uninstall Validation is already one of the process steps; no additional testing is required.
Application removal from the unauthorized list is a one-time process, and the results are immediately reflected on the screen - the application is no longer in the list.