Getting Started with WDK!

Summary

Below, we'll dive into an example of how WDK can be implemented to reduce the complexity and time investment required to perform a common workplace automation task: uninstalling an application. In our example, we'll be removing Mozilla Firefox.

Prerequisites

If you'd like to replicate this behavior in your own Automox environment, please ensure the following prerequisites are met:

  • The device(s) targeted meet the Automox system requirements .
  • The device(s) targeted have Mozilla Firefox installed.
  • You have an Automox Console account with the appropriate permissions to create, read & execute Worklet policies ( Patch Operator and higher ).

Creating the Policy

  1. Head to the Automox Console and sign in with an account holding the required permissions outlined in the Prerequisites section.
  2. Create the base Worklet policy, providing the name and targeting options for both operating system and Automox device group(s). For further guidance on creating a Worklet policy, please refer to Creating a Worklet .
  3. For our example, we'll be creating a Worklet that can be manually run to perform a Firefox uninstall. Considering this, our evaluation code can simply be exit 0 .
  4. For our remediation code, we'll implement the Get-Win32App and Remove-Win32App WDK functions to locate the app and attempt the removal:
Copy
Copied
# define our application name
$appName = 'Firefox'

# get matching apps
# using the -IncludeUsers parameter allows us
# to also retrieve matching installs from each
# user's profile
$apps = Get-Win32App -IncludeUsers | Where-Object { $_.Name -match $appName }

# enumerate the collected apps
foreach ( $app in $apps )
{
    # evaluate if we CAN uninstall the app
    # in some cases, software manufacturers
    # do not provide the required arguments
    # to SILENTLY remove the application
    if ( $app.CanQuietUninstall )
    {
        # uninstall the application
        $app | Remove-Win32App
    }
    else
    {
        # generate activity log output if we
        # cannot uninstall the application
        out "$( $app.Name ) cannot be quietly uninstalled."
    }
}
  1. Create the policy by selecting the Create Policy button at the bottom of the page.

Testing the Policy

Now that we have our shiny new policy created. It's time to test it!

To do this:

  1. Navigate to Devices and select a device you'd like to perform this uninstall for.
  2. Scroll down to the Associated Policies area, and select Run on this Device to the right of your newly created Uninstall Firefox policy.
  3. Now let's head over to the Activity Log and review the output.

Reading the Output

Let's take a look at our Activity Log output. Select Reports from the top navigation menu then select Activity Log from the Reports page.

In the Activity Log, we'll now see some output generated:

Mozilla Firefox (x64 en-US) cannot be quietly uninstalled.

Unfortunately, it looks like in this case Firefox cannot be uninstalled without some additional input. Let's insert the silent uninstall switch, via Remove-Win32App's -AdditionalArgs switch.

Providing the Silent Switch

Heading back to our Uninstall Firefox policy page. Let's tweak the Remediation code to perform this install silently. Since we're now providing known arguments to perform the removal, we're able to significantly shorten our code:

Copy
Copied
# define our application name
$appName = 'Firefox'

# locate and remove mozilla firefox, silently
Get-Win32App -IncludeUsers | Where-Object { $_.Name -match 'Firefox' } | Remove-Win32App -AdditionalArgs '/S'

Rerunning the Policy

Now let's head back to the device page where we performed the manual policy run in Testing the Policy. Run the policy again via the Run on this Device button.

Reading the Output .. Again!

Now once more, let's review our Activity Log output. We now see the uninstall result has been output as follows:

Copy
Copied
Name                        ExitCode UninstallerPath                                       UninstallerArgs
----                        -------- ---------------                                       ---------------
Mozilla Firefox (x64 en-US)        0 C:\Program Files\Mozilla Firefox\uninstall\helper.exe /S

The column ExitCode value of 0 indicates our uninstall was successful - Firefox is no more!

Next Steps

This document is intended to be a simple example to demonstrate WDK capability. This simple policy could be enriched to, for example:

  • Detect in the Evaluation script if the application is installed. Through this we can establish a state of "compliance" around our policy.
  • Consider the ExitCode value returned from our Remote-Win32App function, thus comparing to ensure our uninstall was successful.