I am trying to uninstall a recently installed service, I am running this in command line:
c:\Windows\Microsoft.NET\Framework\v4.0.30319>installutil.exe /u "C:\inetpub\www
root\xxx\xxx\xxx.exe"
But I am getting this:
The uninstall has completed.
An exception occurred while uninstalling. This exception will be ignored and the
uninstall will continue. However, the application might not be fully uninstalle
d after the uninstall is complete.
And this:
Removing EventLog source xxx.
An exception occurred during the uninstallation of the System.Diagnostics.EventL
ogInstaller installer.
System.Security.SecurityException: Requested registry access is not allowed.
An exception occurred while uninstalling. This exception will be ignored and the
uninstall will continue. However, the application might not be fully uninstalle
d after the uninstall is complete.
I have no idea where to begin and I really need to uninstall these so any help is appreciated
I was facing exact same issue.
The issue is resolved by opening the Command Prompt as Administrator.
My guess is that you are probably trying to remove a service using a user account which does not have sufficient rights. Specifically, the issue in this case is the removal of some EventLog registry keys during Uninstall.
This may also occur when you are logged in as a user with Administrator privileges yet did not run the Command Prompt in 'Administrator Mode'.
One way to fix this is to make sure that you are running the Command Prompt in Administrator mode. (Right-click > Run as Administrator)
I have also encountered some cases where this method still fails to solve the SecurityException problem due to some registry keys not having 'Full Control' permissions for Administrator accounts.
The following keys should have 'Full Control' set for Administrators in order for the service to be able to write to the EventLog:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application
This may be done by:
Invoking the Windows Registry Editor
Run [Win + R]
Type 'regedit'
OK
Navigate a path listed about
Right click on the desired path
Make sure that both Read and Full Control permission checkboxes are ticked for Administrators
Click Apply and OK
Repeat the same process for the other path
Related
I have been working diligently to get Dynamics Installed on Azure, I have made it a good way through the Example-1VM.ps1 before encountering a failure to 'Install-AzureWinRMCertificate' error message indicating access denied. The error is coming while running the PowerShell script 'New-NAVAdminSession.ps1' I can see from looking in Azure, much of the work has been done properly from the Example-1VM.ps1 file, but I'm not sure what is next, Can I manually install the certificate and if so may I know how? If not, how do I correct this so I can re-run the Example-1VM.ps1 script.
Thanks to Walter slapping me upside the head (kindly of course) to double check if I was running PowerShell ISE as Administrator I was able to get this resolved.
Once I exited PowerShell ISE and re-entered the desktop application with the option 'run as Administrator' all worked fine.
Just goes to show sometimes we are too close to our own problems.
Cheers Walter
According to your error log, it seems a permission issue. Please close your PowerShell and run PowerShell Run as Administrator.
Greeting Everyone,
Hoping someone has a quick insight but I am getting access denied on a service account using the PowerShell command Remove-CMDevice.
This process is as per outlined here, https://technet.microsoft.com/en-us/library/jj821759(v=sc.20).aspx
The account has permission to remove devices from SCCM and this works fine through the GUI but not the command line. I have been unable to find documentation on what permissions the account need to do this via command line, it works fine manually in the GUI.
If anyone can shed light on this it will be wonderful, I do want to keep this service account as having as minimal permissions as possible.
Many thanks,
Edit to Add Image as follows,
After a lot of testing, I'm here with an answer on the Permission part when using PowerShell console to remove CM system object. Of course the symptom is the same: The account can delete from Admin console, however, when using PowerShell, it failed with Permission error message.
The account to perform the Remove-CMDevice cmdlet must have proper RBA Permission on the object. Assume the security scope is default one, the account connected to Configuration Manager console must have below RBA permission which I tested is almost minimal permission:
In the screenshot the Collection part, the permission is easy to understand, Read, Delete Resource, etc.
For the Computer Association part, you may get confused, why?
Steps I did the troubleshooting:
I opened a PowerShell Console connecting to Configuration Manager using my test account and run below command to see what will happen:
Remove-CMDevice 'Rsuraceccc' -Verbose
I got below error:
Yes, it's trying to querying from the SMS_StateMigration. Then I try to run a simple command:
Get-WMIObject -NameSpace root\sms\site_clt -Query 'Select * from SMS_StateMigration'
Once again, I got error. So I get the conclusion that the account needs Permission on SMS_StateMigration. So I add 'Recover User State' permission of Computer Association on the role and tried again, cheers, this time all command runs successfully.
I don't know why it's using SMS_StateMigration, but this is the case here.
I tried attaching to a process (which belongs to an antivirus) using windbg. I ran windbg as administrator but I get the following error when I try to attach to the process:
Unable to examine process id 6128. Win32 error 0n5
Cannot debug pid 6128, Win32 error 0n5
Access is denied
Is there anything that I am overlooking? Thank you for your help
Even though you're logged on as an administrator, you may need to run windbg as an elevated administrator. Try right clicking the windbg icon and select "Run as administrator". Then attempt to attach to the process.
Also from Harry Johnston comment above:
Anti-virus software usually protects its processes from interference,
including debugging. There may be an option to turn this off, look for
"tamper protection" or similar. If there is no option to disable
tamper protection, there is probably no straightforward way to debug
the process.
Actually I try to install a service called poweroff. This service normally will be installed from a software also called poweroff.
You find it here under old projects:
http://users.telenet.be/jbosman/applications.html
Until now on each pc i want to install the service I use an .cmd file with the content
poweroff.exe shutdown -create_service -msg "This computer will be shut
down!" -warn -warntime 10 -wait 10 -force -allow_remote -remote_port
3210 -remote_pswd password
it creates the service so I can see it inside the services.msc program.
But now on one pc this command do nothing and when I try to create the service inside the poweroff program there comes an message "Access denied".
Because I logged on as administrator I think not that it is an right problem.
Do anyone have an idea why the service will not created?
It seems that the problem was the access to the folder C:\Windows\System32.
After adding the poweroff.exe file to this folder the service could be created without problems.
Thanks to Jorgen Bosman for helping me to find this solution.
I was given the task of removing bloatware from a brand-new Acer laptop. My (and the laptop owner's) definition of bloatware includes all pre-installed Apps and the Winstore itself. You may disagree with that, but that's beside the point.
I tried the remove-appxpackage Powershell command with Winstore's ID and got an error, the important part of which is
This app is part of Windows and cannot be uninstalled on a per-user basis. An
administrator can attempt to remove the app from the computer using Turn Windows Features on or off. However, it may not be possible to uninstall the app.
I didn't see any such option in the Windows Features menu. Can the Winstore be removed from Win8.1?
Here's the full error message (for reference):
remove-appxpackage : Deployment failed with HRESULT: 0x80073CFA, Removal failed. Please contact your software vendor.
(Exception from HRESULT: 0x80073CFA)
error 0x80070032: AppX Deployment Remove operation on package winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy from:
C:\Windows\WinStore failed. This app is part of Windows and cannot be uninstalled on a per-user basis. An
administrator can attempt to remove the app from the computer using Turn Windows Features on or off. However, it may
not be possible to uninstall the app.
NOTE: For additional information, look for [ActivityId] 83cee5eb-80ef-0001-3bc1-cf83ef80d001 in the Event Log or use
the command line Get-AppxLog -ActivityID 83cee5eb-80ef-0001-3bc1-cf83ef80d001
At line:1 char:1
+ remove-appxpackage winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy -confirm
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : WriteError: (winstore_1.0.0....l_cw5n1h2txyewy:String) [Remove-AppxPackage], IOException
+ FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageManager.Commands.RemoveAppxPackageCommand
I am sure you figured this out by now, but seeing as you haven't given this question an check mark for correct answer I am giving you my two cents.
First stop the service named:
Go to Services
Find the service called: Display Name: Windows Store Service(WSService)
Run "remove-appxpackage Winstore's ID"
This should remove the application, but only once the service is stopped. If you cannot find the service in Services, go find it in the registry. The registry name is: Service Name (registry): WSService
Let me know if this helps you a year and a half later. For future reference all applications running a services most likely need that service stopped before a remove is possible.
The UnderDog
You should be able to remove the Winstore in the context of the machine, rather than the user (which is implied by the error message). I have met with success removing Group Policy (which also insists that it is a part of Windows) by using a Task Scheduler task (running as LOCALSYSTEM) to stop the service and then remove it.
Since the Winstore is a Windows Service, this solution should work for you.