Uninstall Windows Built-in Apps With Powershell

The following Powershell script uninstalls Windows built-in apps for all users on a machine with specific exceptions:


$GoodPackages = 'Camera',

'Calculator',

'Microsoft.WindowsCalculator',

'Microsoft.WindowsCamera',

'Microsoft.SecHelathUI',

'Microsoft.VP9VideoExtension',

'Microsoft.WebMediaExtensions',

'Microsoft.WindowsTerminal',

'Microsoft.Paint',

'Microsoft.MSPaint',

'Microsoft.MicrosoftEdge*',

'Microsoft.Net*',

'Microsoft.WindowsNotepad',

'MicrosoftTeams',

'Microsoft.MicrosoftStickyNotes',

'Microsoft.ScreenSketch',

'Office',

'OneNote for Windows 10',

'Notepad',

'snip & sketch',

'Voice Recorder'


$packages = Get-AppxPackage -allusers | Where-Object {$_.Name -notin $GoodPackages}


foreach ($package in $packages) {

Remove-AppxPackage -allusers $package.PackageFullName

}


$provisionedPackages = Get-AppxProvisionedPackage -online | Where-Object {$_.displayName -notin $GoodPackages}


foreach ($provisionedPackage in $provisionedPackages) {

Remove-AppxProvisionedPackage -online -packageName $provisionedPackage.PackageName

}

RSAT Fails to Install on Windows 11 Installer Encountered an Error: 0x8024001d

 When attempting to install RSAT tools on Windows 11, an error is encountered


This error is a result of the installer being unable to access online content from Windows Update.

To quickly resolve this issue, make a temporary change to the registry settings on the machine.

Start

Run 

Regedit

Navigate to:
Computer\HKEY_Local_Machine\Software\Policies\Microsoft\Windows\WindowsUpdate\AU

change the value for UseWuServer from 1 to 0

Start or Restart the WindowsUpdate Service from Services.msc

Reattempt to install RSAT

once RSAT tools are installed, reset the registry key to 1

Restart WindowsUpdate

MECM SCCM: Site Component Manager Failed to Install Component, Because Microsoft Installer File for This Component (bgbisapi.msi) Could Not Install

Issue

 After installing a MECM hotfix update, the following error began showing in Component Status for SMS_NOTIFICATION_SERVER:


Site Component Manager Failed to Install Component, Because Microsoft Installer File for This Component (bgbisapi.msi) Could Not Install

Source: SMS Server

Component: SMS_NOTIFICATION_SERVER

Severity: ERROR

Message ID: 4951



Resolution

Restore Performance Counter Registry Settings

  • On the Site Server, open a command prompt with administrator privileges
  • run the following command:
    LODCTR /R

  • If the command fails with error code 2, run the command again:
    LODCTR /R
  • Restart the Site Server


Microsoft Endpoint Configuration Manager - MECM - SCCM Error: Distribution Manager Failed to Find or Create the Define Share or Folder on Distribution Point

 Configuration Manager Error

While reviewing:

Monitoring - Overview - Distribution Status - Distribution Point Group Status - All Distribution Points

Noted error distributing content:
Distribution Manager Failed to Find or Create the Define Share or Folder () on Distribution Point

=================================================

Summary

The Distribution Manager failed to find or create the defined share or volume on the distribution point for distributing the package.

Causes

This condition could occur because Windows NT distribution points might not have at least one available NTFS drive.

Resolutions

Verify that there is at least one NTFS drive with enough free disk space to store the package. Then, verify that the distribution point directory exists, has the proper permissions, and is accessible.

=====================================================================

Upon reviewing distmgr.log on site server, noted the following error:

Failed to find a drive with 83,958,980 KBytes of free disk space SMS_DISTRIBUTION_MANAGER


Resolution:

Increased drive capacity on distribution server



Microsoft Endpoint Configuration Manager MECM SCCM Failed to Decode Message Hook Authenticate Error 0x87d00309 InvokeDecodingHooks failed 0x87d00309 HandleRemoteSyncSend Failed Cforwarder_Sync:Send failed

After upgrading to MECM current version 2111, deployments were not progressing, imaging was failing, devices all showing offline in Assets and Compliance - Devices. 

 Upon reviewing CcmMessaging.log (C:\Windows\CCM\logs) on a client machine, the following error messages were noted: 
Failed to decode message. 
Hook authenticate. Error 0x87d00309 
InvokeDecodingHooks failed (0x87d00309). 
HandleRemoteSyncSend failed (0x87d00309). 
CForwarder_Sync::Send failed (0x87d00309). 
CForwarder_Base::Send failed (0x87d00309). 

After coming through server logs, discovered an issue with Active Directory Publishing 
In Endpoint Configuration Manager console: Administration - Hierarchy Configuration - Active Directory Forests 
Publishing Status was blank Right Clicked domain for domain properties 

When domain properties displayed, clicked Publishing tab Site was not checked under "Select the site that will be published" 
checked the checkbox by the sitename 
clicked OK 
Publishing status updated to display "Insufficient Access Rights" 

MECM AD Forest publishing requires that the Management Points computer accounts have full access to the System Management OU in AD 

Launched Active Directory User and Computers 
Clicked View and select Advanced 
expanded domain expanded System 
right clicked System Management
clicked properties 
clicked Security tab 

Noted only one MP listed with full access, but permissions were "This Object Only"
Changed permissions to "This object and all descendant objects" (as per https://docs.microsoft.com/en-us/mem/configmgr/core/servers/deploy/configure/publish-site-data)

Added computer account for second MP, granted full access and set permissions to "This object and all descendant objects" 
Clicked OK 
Closed AD Users and Computers 
 Refreshed screen in MECM console for Administration - Overview - Hierarchy Configuration - Active Directory Forests 
After a few minutes, publishing displayed "Succeeded" 
 After 30 minutes, devices began to show online in Assets and Compliance - Devices 
After an hour, deployments began to show progress. 
Tested imaging a workstation and it completed successfully.

LanSweeper Scanner Stuck IP Scanning

 LanSweeper Scanner does not complete scanning devices in IP Scanning queue - IP addresses shown as processing not completing.


Exclude Problematic IP or Device

Try to determine the device with the IP address where the scanner is getting stuck. If unneeded, try excluding the device type or the specific IP address:

From the Scanning Tab, select Scanning Targets, then click Add Exclusion 


LanSweeper provides 4 Exclusion Types:

Asset Type, IP Address or Range, Windows Computer, and Workgroup of Domain.


Disable Unneeded Scanning Services

Configuration Tab
Click Server Options


Lower Log Data Retention

On the same page, lower the retention of any or all logs - especially Eventlog Entries



Perform LanSweeper Database Maintenance 

On the LanSweeper Scanning Server
Launch Windows Services
Stop the LanSweeper Server Service


Stop IIS Service


Run the LanSweeper Database Maintenance Tool
C:\Program Files (x86)\Lansweeper\Tools\DatabaseMaintenance.exe



Click Truncate Logs
Status will show "In Progress". Status will show "Healthy" when completed.

Click Shrink
Status will show "In Progress". Status will show "Healthy" when completed.

Click Rebuild Index
Status will show "In Progress". Status will show "Healthy" when completed.

Close the LanSweeper Database Maintenance Tool

Restart IIS Express Service



Restart LanSweeper Server Service



Deploying Windows Metro Apps With Microsoft Endpoint Configuration Manager (MECM) Without the Microsoft Store Installed

 To Deploy Windows Metro Apps in Config Manager, first download the desired app

Open a browser and navigate to the Microsoft Store: https://www.microsoft.com/en-us/store/apps/windows

search and locate the desired app



copy the URL from the address bar without the #activetab=pivot:overviewtab


ex: https://www.microsoft.com/en-us/p/windows-camera/9wzdncrfjbbg

convert the link to the actual Microsoft Store item using the website https://store.rg-adguard.net.

change the option RP to Retail then click the check mark


From the results, locate the latest version with the extension appxbundle

to download the app package, copy and paste the link and open it in a new browser tab (clicking for some reason usually doesn't work)

Create a package in MECM console and distribute it with the app

copy the application to a network share

Overview - Software Library - Applications - Packages
Click the Create Package icon
provide the package a name
check the box "This package contains source files" and browse to the network share where the app was saved
NEXT
click the radio button Do Not Create a Program
NEXT
NEXT
CLOSE

Right Click the newly created package
Click Distribute Content
proceed to deploy to all distribution servers

Create a Task Sequence to Install the App

Overview - Software Library - Operating Systems 
Expand Task Sequences
Click Apps
Click the Create Task Sequence icon
Name the task sequence

add Run Command Line

name: enable Client License Service

Command Line:  cmd /c sc config ClipSVC start = auto

on the options tab check "continue on error" 


add Run Command Line

name: Start Client License Service

Command Line:  net start ClipSVC

on the options tab check "continue on error" 


add Run Command Line

name: Enable Appx Deployment Service

Command Line:  ncmd /c sc config AppxSVC start=auto

on the options tab check "continue on error" 


add Run Command Line

name: Start Appx Deployment Service

Command Line:  net start AppxSVC

on the options tab check "continue on error" 


add Run Command Line

name: Copy App

Command Line: Xcopy ".\" "C:\Temp" /D /E /C /R /H /I /K /Y /Q

check the Package box

browse to the package created in the previous step


add Run Command Line

name: Install App

Command Line: cmd /c DISM.exe /Online /Add-ProvisionedAppxPackage /PackagePath:C:\Temp\package name downloaded in step one /SkipLicense


add Run Command Line

name: Clean Up

Command Line: cmd /c del /q c:\temp\package name downloaded in step one 

Click OK

Deploy the Task Sequence

Right click the newly created task sequence and deploy it to the appropriate device collection