Create remediation script for deinstalling oracle java on every azure-managed client

Question

while silently reading here for half an eternity, now comes the point where I´d like to ask a question.

We have been carved out from a big company lately and one of the endless things we have to solve is caring for sw-licensing.

However in this process it turned out that oracle is not a software company having at least a slight interest in senseful co-existing but a plain mafia-gang. So after a few meetings with those self-righteous mobsters I just quitted and promised to wipe and extinct their SW from each server/client in order to not step in their criminal-licensing-traps. While we already got rid of all oracleDBs, oracle java is still a problem also because employees keep installing it here and there not caring for consequences. (worldwide ~7500clients azure-managed).

So I want to come up with an remediation script looking for oracle java periodicly and deleting it.

While detection is working I cannot figure out why remediation is not working; So after two days of struggling around (I´m quite new to remediation methods and not a pro in powershell ) I´d like to know how you would do it:

Detection (works)

$MSICode = gwmi Win32_Product -filter "name like 'Java%' AND vendor like 'Oracle%'" | select IdentifyingNumber

if ($MSICode -eq $null){
    Write-Host "oracle java installations not found"
    Exit 0
}else{
    Write-Host "oracle java installations found"
    Exit 1
}

Remediation (Always prompts me with msiexec error asking for the right syntax while "write-Output $Deinstallcommands" shows the right values

$MSICode = gwmi Win32_Product -filter "name like 'Java%' AND vendor like 'Oracle%'" | select IdentifyingNumber

# Variable "Deinstallcommands" bereinigt die MSICode Variable ( + silent deinstall ) sodass sie wie cmd ausgeführt werden kann.

$Deinstallcommands = $MSICode.IdentifyingNumber -replace "{","MsiExec.exe /x{"

# Alle Deinstallcommands ausführen
 
#write-Output $Deinstallcommands

ForEach($IdentifyingNumber in $Deinstallcommands) {& cmd /c "$Deinstallcommands"}

Looking forward to your replies

Answer 1

ForEach($IdentifyingNumber in $Deinstallcommands) {& cmd /c "$Deinstallcommands"}

• Actually, the loop in the remediation script seems to be incorrect, and you are using the entire array of IdentifyingNumber for each iteration.

# Detection
$MSICode = Get-WmiObject Win32_Product -Filter "name like 'Java%' AND vendor like 'Oracle%'" | Select-Object -ExpandProperty IdentifyingNumber

if ($MSICode -eq $null) {
    Write-Host "Oracle Java installations not found"
    Exit 0
} else {
    Write-Host "Oracle Java installations found"
    Exit 1
}

# Remediation
foreach ($IdentifyingNumber in $MSICode) {
    $DeinstallCommand = "MsiExec.exe /x $IdentifyingNumber /qn"
    Write-Host "Running: $DeinstallCommand"
    Start-Process -FilePath "cmd.exe" -ArgumentList "/c $DeinstallCommand" -Wait
}

Write-Host "Oracle Java uninstallation complete"
Exit 0

• Get-WmiObject, which is a more modern and PowerShell-native way of retrieving WMI information and Select-Object -ExpandProperty IdentifyingNumber to extract the IdentifyingNumber from the WMI query resu lt.

• I modified the loop to use each individual IdentifyingNumber in the uninstallation command and added /qn to the MsiExec.exe command for silent uninstallation (no user interface).