I wrote a power shell script to delete the duplicated ePO GUID stored in the Windows registry key. Firstly, I would like to know which machines are responsive. Then I need to find out whether I got the admin permission on the remote machines. Lastly, remove the specified reg keys.
#Read the machine name data from the text file named machines.txt
$MachineList = get-content machines.txt
foreach ($Machine in $MachineList)
{
#Run ping test
$MachineName = $Machine
$result = Get-WMIObject -query “select StatusCode from Win32_PingStatus where Address = ‘$MachineName'”
# If responsive
if ($result.statuscode -eq 0)
{
#Test the admin permission
$permission = Test-Path \\$MachineName\c`$
#If has the admin permission, then clean the reg key
if ($permission)
{
#build the connection to the remote registry
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(‘LocalMachine’, $MachineName)
#Connect to the ePO reg key
$regKey= $reg.OpenSubKey(“SOFTWARE\\Network Associates\\ePolicy Orchestrator\\Agent”,$true )
#Delete the following sub keys
foreach ($key in $regKey.GetValueNames())
{
if ($key -eq “AgentGUID”)
{
$regKey.DeleteValue($key)
}
if ($key -eq “IPAddress”)
{
$regKey.DeleteValue($key)
}
if ($key -eq “MacAddress”)
{
$regKey.DeleteValue($key)
}
}
#Record the processed machines into the processed.log
echo $MachineName >> Processed.log
}
#If no admin permission, then record the machines into the NoPermission.log
else {echo $MachineName >> NoPermission.log}
}
#If ping is not responsive, then record the machines into unresponsive.log
else {echo $MachineName >> Unresponsive.log}
}
Jackie Chen's IT Workshop 