Getting Started with WDK!

Summary

The following example shows how to implement WDK to reduce the complexity and time investment required to perform a common workplace automation task: uninstalling an application. In our example, we'll be removing Mozilla Firefox.

Prerequisites

If you'd like to replicate this behavior in your own Automox environment, please ensure the following prerequisites are met:

  • The devices targeted meet the Automox Agent Requirements.
  • The devices targeted have Mozilla Firefox installed.
  • You have an Automox Console account with the appropriate permissions to create, read & execute Worklet policies ( Patch Operator and higher ).

Creating the Policy

  1. Head to the Automox Console and sign in with an accountClosed The account acts as the main object to store and manage all of the organizations under the account, including specifying the enabled modules, features, billing settings, etc for each organization. - Organization - Users - Privileges User / Role / Organization - Billing & contact information - Card details - Payment mode holding the required permissions outlined in the Prerequisites section.
  2. Create the base Worklet policy, providing the name and targeting options for both operating system and Automox device groups. For further guidance on creating a Worklet policy, please refer to Creating a Worklet.
  3. For this example, you create a Worklet that can be manually run to perform a Firefox uninstall. Considering this, our evaluation code can simply be exit 0.
  4. For the remediation code, you implement the Get-Win32App and Remove-Win32App WDK functions to locate the app and attempt the removal:
Copy 
# define our application name
$appName = 'Firefox'

# get matching apps
# using the -IncludeUsers parameter allows us
# to also retrieve matching installs from each
# user's profile
$apps = Get-Win32App -IncludeUsers | Where-Object { $_.Name -match $appName }

# enumerate the collected apps
foreach ( $app in $apps )
{
    # evaluate if we CAN uninstall the app
    # in some cases, software manufacturers
    # do not provide the required arguments
    # to SILENTLY remove the application
    if ( $app.CanQuietUninstall )
    {
        # uninstall the application
        $app | Remove-Win32App
    }
    else
    {
        # generate activity log output if we
        # cannot uninstall the application
        out "$( $app.Name ) cannot be quietly uninstalled."
    }
}
  1. Create the policy by selecting the Create Policy button at the bottom of the page.

Testing the Policy

Now that you have a new policy created, it's time to test it.

To do this:

  1. Navigate to Devices and select a device you'd like to perform this uninstall for.
  2. Scroll down to the Associated Policies area, and select Run on this Device to the right of your newly created Uninstall Firefox policy.
  3. Now, go to the Activity Log and review the output.

Reading the Output

Take a look at the Activity Log output. Select Reports from the top navigation menu then select Activity Log from the Reports page.

In the Activity Log, you now see some output generated:

Mozilla Firefox (x64 en-US) cannot be quietly uninstalled.

Unfortunately, it looks like in this case Firefox cannot be uninstalled without some additional input. Let's insert the silent uninstall switch, via Remove-Win32App's -AdditionalArgs switch.

Providing the Silent Switch

Go back to the Uninstall Firefox policy page. Tweak the Remediation code to perform this install silently. Since we're now providing known arguments to perform the removal, we're able to significantly shorten our code:

Copy 
# define our application name
$appName = 'Firefox'

# locate and remove mozilla firefox, silently
Get-Win32App -IncludeUsers | Where-Object { $_.Name -match 'Firefox' } | Remove-Win32App -AdditionalArgs '/S'

Rerunning the Policy

Now, go back to the device page where you performed the manual policy run in Testing the Policy. Run the policy again via the Run on this Device button.

Reading the Output .. Again!

Now once more, review the Activity Log output. You now see the uninstall result has been output as follows:

Copy 
Name                        ExitCode UninstallerPath                                       UninstallerArgs
----                        -------- ---------------                                       ---------------
Mozilla Firefox (x64 en-US)        0 C:\Program Files\Mozilla Firefox\uninstall\helper.exe /S

The column ExitCode value of 0 indicates the uninstall was successful - Firefox is no more!

Next Steps

This document is a simple example that demonstrates WDK capability. This simple policy could be enriched to, for example:

  • Detect in the Evaluation script if the application is installed. Through this, you can establish a state of "compliance" around our policy.
  • Consider the ExitCode value returned from the Remote-Win32App function, thus comparing to ensure the uninstall was successful.