Solved

GPO on Win 2008 to delete a file from all users

Posted on 2014-01-30
8
407 Views
Last Modified: 2014-01-31
Good Afternoon,

I would like to create a GPO to delete a file from all users desktops in our domain. I've noticed there was a way to delete a shortcut but this does not appear to work for executable files.  Any help would be appreciated.  

Thanks,
RD.
0
Comment
Question by:BadToro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 9

Expert Comment

by:Zenvenky
ID: 39821436
Interesting GPO. Yes, you can do it if you are using Server 2008 and above as Domain Controller. Create GPO and edit it, and go to Computer Configuration, then select Preferences, then select Files and give the path from where you want to delete file. If you want to do this for specific user then go with User configuration and Preferences.


Hope this helps.
0
 
LVL 4

Expert Comment

by:jprlopes
ID: 39821447
There is no native way to delete files with GPO.

You can use a GPO with a script, and will be that script that will delete the file...
0
 

Author Comment

by:BadToro
ID: 39821454
Here's what I've tried so far:

User Configuration\Preferences\Windows Settings\Files - I then created a new file, set the action to delete and entered  "%userprofile%\desktop\filename" in the delete files section.

My checked items under the common tab are :

Run in logged-on user's security context
Apply once and do not re apply
0
[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

 
LVL 9

Expert Comment

by:Zenvenky
ID: 39821528
Settings look good, it should work. If it doesn't work then I would suggest you to turn off firewall and ask user to restart workstation. If not you create a test machine environment and check the same.
0
 

Author Comment

by:BadToro
ID: 39821530
Ok, So I've tried editing the GPO using the computer configuration Preferences\Windows Settings\Files  then the path.  On the computer side, when I force the gpupdate, I get the error below:

The computer 'filename' preference item in the '{Policy Name}' Group Policy did not apply because it failed with error code '0x80070002 The system cannot find the file specified.' This error was suppressed.
0
 

Author Comment

by:BadToro
ID: 39821539
Other GPOs were applied.  In essence, I'm deleting an old executable file and placing the updated version of that file.

I new file is creating, but the old file isn't being deleted.
0
 
LVL 9

Accepted Solution

by:
Zenvenky earned 500 total points
ID: 39821829
Error 0x80070002 occurs due to incomplete security permissions. Mostly System / Authenticated Users / Creator Owner are not there on the folder on which you are trying to apply GPO.
0
 

Author Comment

by:BadToro
ID: 39825027
Thanks for the help.  I used another machine and user to test and it worked fine, will troubleshoot permissions on my test pc.

RD
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question