Intune Proactive Remediation

If Intune filters was my favourite new Intune feature of 2021, Proactive Remediations is fast becoming my favourite for 2022.

I’m starting to use this feature a lot at work, and it’s starting to replace the Win32 app method for deploying a configuration as well as ensuring it remains set.

I’ve also previously blogged about how to remove the “Teams Personal” app that keeps returning in Windows 11, especially after patching/feature updating (it’s a lot more noticeable on the Windows Insider builds). So, after using Intune PowerShell and then switching to a Win32 app, I find that it’s third time lucky with Proactive Remediations (still holding out hope for an Intune Configuration Profile setting if anyone from Microsoft reads this).

Similar to the approach taken with the Win32 app method, you really only need two scripts: a detection script and a remediation script.

These are the scripts I am using:

Detection 

#==========================================================================================
#
# Script Name:     TeamsPersonal_Detection.ps1
# Description:     Looks for the Teams Personal App 
#
# Change Log:      Paul Warren      09 Sept 2022        Script Created       
#    
#==========================================================================================

# Define Variables
$TeamsApp = Get-AppxProvisionedPackage -online | where-object {$_.PackageName -like "*MicrosoftTeams*"}

try 
{
    # Exit 1 = app found (Intune then runs the remediation script), Exit 0 = compliant
    if ($TeamsApp.DisplayName -eq "MicrosoftTeams")
        {
            Write-Output "Teams Built-in Present"
            Exit 1
        }
    ELSE
        {
            Write-Output "Teams Built-in Not Present"
            Exit 0
        }
}   
catch{
    $errMsg = $_.Exception.Message
    Write-Error $errMsg
    exit 1
}

Remediation

#==========================================================================================
#
# Script Name:      TeamsPersonal_Remediation.ps1
# Description:      Removes Teams Personal App
#
# Change Log:       Paul Warren      09 Sept 2022        Script Created
#                   Paul Warren      19 Sept 2022        Added stop-process for msteams.exe
#==========================================================================================
try 
{
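    # Kill the msteams process if it is running
    If (Get-Process -Name msteams -ErrorAction SilentlyContinue) {
        Try {
            # -Name must be given explicitly: the positional parameter of Stop-Process is -Id
            Stop-Process -Name msteams -Force -ErrorAction Stop
        }
        catch {
            Write-Output "Might be issues - Continue anyway..."
        }
    }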
    Get-AppxPackage -Name MicrosoftTeams -AllUsers | Remove-AppPackage -AllUsers
    exit 0
}   
catch{
    $errMsg = $_.Exception.Message
    Write-Error $errMsg
    exit 1
}
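
The detection script above looks only at the provisioned package, while the remediation script removes the package installed for existing users. As an added example (not the author's script), this detection variant reports non-compliance if either copy is found; it assumes the script runs in Intune's SYSTEM context, and the `$PackageName` variable is introduced here for illustration.

```powershell
# Added example, not the author's script.
# Assumption: runs elevated (SYSTEM), which -Online and -AllUsers both require.
$ErrorActionPreference = 'Stop'   # turn cmdlet errors into terminating errors so catch fires
$PackageName = 'MicrosoftTeams'   # package name used by the scripts on this page

try {
    # Provisioned copy: staged in the OS image and installed for each new user profile
    $provisioned = @(Get-AppxProvisionedPackage -Online |
        Where-Object { $_.DisplayName -eq $PackageName })

    # Installed copies: already registered for one or more existing user profiles
    $installed = @(Get-AppxPackage -AllUsers -Name $PackageName)

    if ($provisioned.Count -gt 0 -or $installed.Count -gt 0) {
        # The output line appears in the Intune device status view for this script package
        Write-Output ("Teams Personal present (provisioned: {0}, installed: {1})" -f `
            $provisioned.Count, $installed.Count)
        exit 1    # non-zero exit: Intune runs the remediation script
    }

    Write-Output 'Teams Personal not present'
    exit 0        # zero exit: device is compliant, remediation is skipped
}
catch {
    # Same convention as the scripts above: a failed check is reported as exit 1
    Write-Error $_.Exception.Message
    exit 1
}
```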

To set this up in Intune, navigate to Reports – Endpoint Analytics – Proactive Remediations.

Click on Create script package

Give an appropriate name and description

Name: Proactive Remediation – Remove Teams Personal App
Description: Looks for the built in Teams Personal app on Windows 11 and if detected, removes it

On the Create custom script page, you will need to browse to the detection script

And then do the same for the remediation script

Configure Scope Tags as required and click Next

Select the most appropriate group for your environment. In this example, I am using the All users built-in group along with the Windows 11 Devices Intune filter. Click Next

Review what has been configured and click Create

Notification

You may need to click Refresh to see the newly created Proactive remediation

Schedule

You may want to configure a frequency for this to run (the default is Daily at 12:00pm).

As an example, I will change the Frequency to Hourly and the interval to every four hours, but you should configure the most appropriate frequency for your environment.

Overview

After a period of time, you will start to see devices check in and those that are detected will have the remediation script run.  Another interesting status is the Recurred one, and as Teams Personal is an app that often reappears, you will see here when the app removal reoccurs.

Device Status

You can get more detailed information on a per-device basis by clicking on Device status.

P.
