Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

GPO on Win 2008 to delete a file from all users

Posted on 2014-01-30
8
Medium Priority
?
412 Views
Last Modified: 2014-01-31
Good Afternoon,

I would like to create a GPO to delete a file from all users desktops in our domain. I've noticed there was a way to delete a shortcut but this does not appear to work for executable files.  Any help would be appreciated.  

Thanks,
RD.
0
Comment
Question by:BadToro
  • 4
  • 3
8 Comments
 
LVL 10

Expert Comment

by:Zenvenky
ID: 39821436
Interesting GPO. Yes, you can do it if you are using Server 2008 and above as Domain Controller. Create GPO and edit it, and go to Computer Configuration, then select Preferences, then select Files and give the path from where you want to delete file. If you want to do this for specific user then go with User configuration and Preferences.


Hope this helps.
0
 
LVL 4

Expert Comment

by:jprlopes
ID: 39821447
There is no native way to delete files with GPO.

You can use a GPO with a script, and will be that script that will delete the file...
0
 

Author Comment

by:BadToro
ID: 39821454
Here's what I've tried so far:

User Configuration\Preferences\Windows Settings\Files - I then created a new file, set the action to delete and entered  "%userprofile%\desktop\filename" in the delete files section.

My checked items under the common tab are :

Run in logged-on user's security context
Apply once and do not re apply
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 10

Expert Comment

by:Zenvenky
ID: 39821528
Settings look good, it should work. If it doesn't work then I would suggest you to turn off firewall and ask user to restart workstation. If not you create a test machine environment and check the same.
0
 

Author Comment

by:BadToro
ID: 39821530
Ok, So I've tried editing the GPO using the computer configuration Preferences\Windows Settings\Files  then the path.  On the computer side, when I force the gpupdate, I get the error below:

The computer 'filename' preference item in the '{Policy Name}' Group Policy did not apply because it failed with error code '0x80070002 The system cannot find the file specified.' This error was suppressed.
0
 

Author Comment

by:BadToro
ID: 39821539
Other GPOs were applied.  In essence, I'm deleting an old executable file and placing the updated version of that file.

I new file is creating, but the old file isn't being deleted.
0
 
LVL 10

Accepted Solution

by:
Zenvenky earned 1500 total points
ID: 39821829
Error 0x80070002 occurs due to incomplete security permissions. Mostly System / Authenticated Users / Creator Owner are not there on the folder on which you are trying to apply GPO.
0
 

Author Comment

by:BadToro
ID: 39825027
Thanks for the help.  I used another machine and user to test and it worked fine, will troubleshoot permissions on my test pc.

RD
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question