Uninstall-SecureMfaApiOtpProvider.ps1

<#
     .SYNOPSIS
        Uninstall SecureMfaApiOtpProvider authentication provider from ADFS server.
    .DESCRIPTION
        To completely remove SecureMfaApiOtpProvider from an ADFS farm, run this command on every ADFS node (not on Web Application Proxy servers).
        This command must be executed from an elevated PowerShell window on your federation server(s).
        If your federation server farm uses the Windows Internal Database, you must run the command on the primary federation server first.
 
    .PARAMETER Force
        Suppresses the confirmation prompt.
 
    .NOTES
        Version: 1.0.0.3
        Author: SecureMfa.com
        Creation Date: 16/06/2020
        Purpose/Change: Incorporated into PS module
   
    .EXAMPLE
        C:\PS> Uninstall-SecureMfaApiOtpProvider
 
        This command will uninstall SecureMfaApiOtpProvider from an ADFS node.
 
    .EXAMPLE
        C:\PS> Uninstall-SecureMfaApiOtpProvider -Force
          
        This command will uninstall SecureMfaApiOtpProvider from an ADFS node without any prompts.
#>


# Full path of the provider assembly expected next to this script; the uninstall function reads it.
$dllpath = Join-Path -Path $PSScriptRoot -ChildPath SecureMfaApiOtpProvider.dll

# Register the "Secure MFA API OTP" event source in the Application log when it is not present yet.
if (-not ([System.Diagnostics.EventLog]::SourceExists("Secure MFA API OTP"))) {
    New-EventLog -LogName "Application" -Source "Secure MFA API OTP"
    Write-Host "Secure MFA API OTP Log Source Created."
}

# Start the ADFS service when it is installed but currently stopped.
# A missing service yields no status (errors are silenced), so nothing is started in that case.
if ((Get-Service adfssrv -ErrorAction SilentlyContinue).Status -eq "Stopped") {
    Start-Service adfssrv
    write-host "Starting ADFS Service on $env:COMPUTERNAME" -ForegroundColor Yellow
}

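Function Uninstall-SecureMfaApiOtpProvider {
# Removes SecureMfaApiOtpProvider from this ADFS node: takes the provider out of the
# global authentication policy, unregisters it, restarts adfssrv and removes the
# assembly at $dllpath from the GAC.
#
# Parameters:
#   -Force  Skip the confirmation prompt.
#
# Errors raised inside the uninstall sequence are caught and written to the host in red;
# they are not rethrown to the caller.
Param
(
    [Parameter(Mandatory=$false, ParameterSetName="Default")]
    [Switch]$Force
)

    $providerName = 'SecureMfaApiOtpProvider'

    # Confirm uninstall (skipped when -Force is supplied).
    $decision_option = $null
    if (-not $Force) {
        $message  = "Do you want to uninstall SecureMfaApiOtpProvider from $env:computername ?"
        $question = 'Please confirm?'
        $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription]
        $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes'))
        $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No'))
        $decision_option = $Host.UI.PromptForChoice($message, $question, $choices, 0)
    }

    if ($Force -or $decision_option -eq 0)
    {
        try
        {
            $Error.Clear()
            if (!(Test-Path $dllpath -Type Leaf) ) { throw "The assembly $dllpath does not exist" }
            Write-Host "Removing SecureMfaApiOtpProvider from $env:computername" -ForegroundColor Yellow

            # Remove only this provider from the global additional-authentication list.
            # Writing an empty list unconditionally would also drop every other MFA provider
            # configured on the farm, silently weakening authentication for all relying parties.
            $policy = Get-AdfsGlobalAuthenticationPolicy
            $configured = @($policy.AdditionalAuthenticationProvider)
            if ($configured -contains $providerName) {
                $remaining = @($configured | Where-Object { $_ -and $_ -ne $providerName })
                if ($remaining.Count -gt 0) {
                    Set-AdfsGlobalAuthenticationPolicy -AdditionalAuthenticationProvider $remaining
                }
                else {
                    # This was the only provider: clear the list.
                    Set-AdfsGlobalAuthenticationPolicy -AdditionalAuthenticationProvider ""
                }
            }

            # Plain ASCII quoting: the original line carried mis-encoded "smart quote" bytes around the name.
            Unregister-AdfsAuthenticationProvider -Name $providerName -Confirm:$false

            # Restart ADFS service
            write-host "Restarting adfssrv service." -ForegroundColor Green
            Stop-Service adfssrv
            Start-Service adfssrv

            # Load System.EnterpriseServices, which provides the GAC publishing helper.
            write-host "Removing from GAC Assembly." -ForegroundColor Green
            Set-location $PSScriptRoot
            [System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
            $publish = New-Object System.EnterpriseServices.Internal.Publish

            # Remove SecureMfaApiOtpProvider DLL from the GAC
            Write-Host "Removing SecureMfaApiOtpProvider $dllpath" -ForegroundColor yellow
            $publish.GacRemove($dllpath)
        }
        catch
        {
            Write-Host "$($MyInvocation.InvocationName): $_" -ForegroundColor red
        }
    }
    else {
        Write-Host "Skiping SecureMfaApiOtpProvider unistall from $env:computername" -ForegroundColor Yellow
    }

}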