Uninstall-SecureMFA_WIN_OTP_AuthenticationProvider.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
#Requires -RunAsAdministrator
#Requires -Version 5.0

<#
     .SYNOPSIS
        Uninstalls SecureMFA WIN OTP Authentication Provider.
    .DESCRIPTION
        Uninstalls SecureMFA WIN OTP Authentication Provider from system and restores default provider settings.
  
    .NOTES
        Version: 2.0.0.1
        Author: SecureMfa.com
        Creation Date: 28/09/2020
        Purpose/Change: Release
   
    .EXAMPLE
        C:\PS> Uninstall-SecureMFA_WIN_OTP_AuthenticationProvider
 
        This command Uninstalls SecureMFA WIN OTP Authentication Provider from Windows.
    
#>


$provider_dll = [Environment]::SystemDirectory + "\sMFAWINAuthenticationProvider.dll" 
$provider_wintools_dll = (Join-Path -Path $PSScriptRoot -ChildPath SecureMFA_WinTools.dll)

Function Uninstall-SecureMFA_WIN_OTP_AuthenticationProvider {
Param
(
    [Parameter(Mandatory=$false)][Switch]$Force
)
    
    #Validate uninsatall action
    if (!$Force) {
    $message  = "Please confirm if you want to uninstall SecureMFA WIN OTP Authentication Provider [ Default Windows authentication provided will be restored ]"            
    $question = 'Please confirm?'
    $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription]
    $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes'))
    $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No'))
    $decision_Validation = $Host.UI.PromptForChoice($message, $question, $choices, 0)
    if ($decision_Validation -eq 1 ) {Write-Host "Uninstall has been cancelled, exiting!" -ForegroundColor Yellow ; break} 
    }
            
    try
    {
        $Error.Clear()
        if (!(Test-Path $provider_wintools_dll -Type Leaf) ) { throw "$provider_wintools_dll does not exist" }
        Write-Host "Removing SecureMFA WIN OTP Authentication Provider from $env:computername" -ForegroundColor Yellow 
             
        #Start Uninstall

        #Unregister provider
        if((Test-Path -LiteralPath "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{85A8E189-2C6F-44CF-AE85-4FD6220589DE}") -eq $true) { 
            Remove-Item -LiteralPath "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{85A8E189-2C6F-44CF-AE85-4FD6220589DE}" -force;
        }

        if((Test-Path -LiteralPath "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters\{85A8E189-2C6F-44CF-AE85-4FD6220589DE}") -eq $true) {
            Remove-Item -LiteralPath "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters\{85A8E189-2C6F-44CF-AE85-4FD6220589DE}" -force;
        }

        # Restore windows fallback settings
        New-ItemProperty -LiteralPath 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers' -Name 'ProhibitFallbacks' -Value 0 -PropertyType DWord -Force -ea SilentlyContinue;

        #Delete provider file from system directory
        Write-Host "Removing SecureMfa WIN OTP Provider $provider_dll" -ForegroundColor yellow;
        if(Test-Path -Path $provider_dll) {Remove-Item $provider_dll -Force}
        
        #Load GAC Assembly
        write-host "Removing from GAC Assembly." -ForegroundColor Yellow
        Set-location $PSScriptRoot           
        [System.Reflection.Assembly]::Load("System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a") 
        $publish = New-Object System.EnterpriseServices.Internal.Publish  

        #Remove SecureMfaOtpProvider DLL from GAC assembly
        Write-Host "Removing SecureMfa WIN OTP Provider $provider_wintools_dll" -ForegroundColor yellow;
        $publish.GacRemove($provider_wintools_dll)

        # Remove WIN OTP Authentication Provider registry
        write-host "Removing WIN OTP Authentication Provider registry entries." -ForegroundColor Yellow
        if((Test-Path -LiteralPath "HKLM:\SOFTWARE\SecureMFA") -eq $true) { $keyPath = 'HKLM:\SOFTWARE\SecureMFA'; Remove-ItemProperty -Path $keyPath -Name win* -Force; };

        # Uninstall completed:
        write-host "Uninstall of SecureMFA WIN OTP Authentication Provider complete." -ForegroundColor Green
        
    }
    catch
    {
        Write-Host "$($MyInvocation.InvocationName): $_" -ForegroundColor red
    }    


}