SecureMFA_RDS_OTP

2.0.0.3

Uninstall-SecureMFA_RD_Gateway_Authentication_Provider.ps1

                                #Requires -RunAsAdministrator

<#

     .SYNOPSIS

        Uninstalls SecureMFA RD Gateway OTP Authentication Provider.

    .DESCRIPTION

        SecureMFA RD Gateway OTP Authentication Provider plugin allows Microsoft RDS Gateway server to work with One-Time Pass codes which are elivered by RDP client as authentication cookie during user�s logon.

        Dependencies:

            * SecureMFA Tools COM extensions are required to be present on RDS gateway server to enable extraction of OTP codes for this service from SecureMFA database. 

            * System which executes a script must have Microsoft Framework 4.6.1 and above installed.

            * SecureMFA_SupportTools.dll file must be present in script directory.  

    .NOTES

        Version:        1.0.0.3

        Author:         SecureMfa.com

        Creation Date:  17/12/2019

        Purpose/Change: Minor changes 

    .EXAMPLE

        C:\PS> Uninstall-SecureMFA_RDG_OTP_AuthenticationProvider 

        This command will uninstall SecureMFA RD Gateway OTP Authentication Provider plugin from the server.

#>

$dllpath = (Join-Path -Path $PSScriptRoot -ChildPath sMFARDGAuthenticationProvider.dll)

#Check if windows events source for application log exist, if not create one.

if ([System.Diagnostics.EventLog]::SourceExists("SecureMFA_SupportTools") -eq $False) {New-EventLog -LogName "Application" -Source "SecureMFA_SupportTools" ; Write-Host "SecureMFA_SupportTools Log Source Created."}

Function Uninstall-SecureMFA_RDG_OTP_AuthenticationProvider {

Param

(

    [Parameter(Mandatory=$false, ParameterSetName="Default")]

    [Switch]$Force

)

    #Check if TSGateway existi on the system

    if(((Get-Service tsgateway -ErrorAction SilentlyContinue).Status -eq $null) -and (!($Force))) {write-host "RD Gateway Authentication Provider requires RDS Gateway service to be installed. TS Gateway services doesn't exist on $env:COMPUTERNAME" -ForegroundColor Yellow; break}

    try

    {

        $Error.Clear()

        if (!(Test-Path $dllpath -Type Leaf) ) { throw "$dllpath does not exist" }

        write-host "Registering Authentication provider: $dllpath" -ForegroundColor Cyan

        #Change TS Gataway Authentication Plugin back to native

        (get-WMIObject "Win32_TSGatewayServerSettings" -computer "." -Namespace "ROOT\CIMV2\TerminalServices").SetAuthenticationPluginAndRecycleRpcApplicationPools("native")

        #Restart RDS Gateway service

        if((Get-Service tsgateway -ErrorAction SilentlyContinue).Status -ne $null) {

        write-host "Restarting tsgateway service." -ForegroundColor Green

        Stop-Service tsgateway

        Start-Service tsgateway}

        #Register Authentication providers DLL

        Invoke-Command -ScriptBlock { regsvr32 /u /s $args[0] } -ArgumentList $dllpath

        # Remove SecureMFA RD Gateway OTP Authentication Provider registry

        write-host "Removing SecureMFA RD Gateway OTP Authentication Provider registry entries" -ForegroundColor Cyan

        if((Test-Path -LiteralPath "HKLM:\SOFTWARE\SecureMFA") -eq $true) { $keyPath = 'HKLM:\SOFTWARE\SecureMFA'; Remove-ItemProperty -Path $keyPath -Name rds* -Force; };

        Write-host "RD Gateway Authentication Plugig has been configured: "(Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Terminal Server Gateway\Authentication plug-ins').'(default)' -ForegroundColor Cyan

    }

    catch

    {

        Write-Host "$($MyInvocation.InvocationName): $_" -ForegroundColor red

    }    

}