Table of Contents
Uninstall SEP client from SEPM
In some cases, you want to remove SEP client from SEPM remotely. Unfortunately, it’s hard to find it in the SEPM console and they don’t have a native tool to do that.
So, we need a trick to remove SEP from SEPM without go to client machines and uninstall it manually.
1. Login into SEPM server then create a new group for removing process.
2. Select the created group, navigate to the Policies tab then uncheck to disable policy inheritance.
3. Right click on clients in other groups then move them to the removal one.
4. Now, click on the Policies tab then create a new Host Integrity policy.
6. In the Add Reequipment windows, select Windows as client platform then select Custom requirement.
7. Now, we’ll create a requirement, click on the Add button then select IF…THEN…
8. Select a condition. in this case, select Antivirus: Antivirus is installed.
9. Select Symantec Endpoint Protection from the Antivirus name list.
10. Now, move to THEN clause. Click Add button | Function then select Run a script.
11. Enter any script name then copy script content and the execute command as follow:
###The script content
$application = Get-WmiObject Win32_Product -filter "Name='Symantec Endpoint Protection'"
$application.Uninstall()
###The execute command
powershell -executionPolicy bypass -noexit -file %F%
12. Now, enough time for preparing, let’s click OK twice to create the policy. You would be asked to assign the policy, let’s assign to the new created group in the previous step.
After a few minutes, when clients get update from SEPM, the script will run then remove the SEP client automatically. You can see the client status in SEPM.
Right click on the offline client then verify the deployment status, it should be Uninstall Successful. At this time, you can safely delete the client from SEPM.
Conclusion
This post is a part of the Symantec Endpoint Protection series. You can click on the hyperlink to read more guides.
