Remove new outlook through gpo

0. Overview

One of my clients, obviously IT admin, wants to remove New Outlook from the domain joined computers. So, I suggest to use GPO which removes it by scheduled powershell script. Let’s figure it out together.

[Index]

1. Script
2. Create GPO
3. Result

1. Script

First up first, you need to create the script. The script should be located in “C:\Windows\SYSVOL\sysvol{domain name}\scripts” The script should be accessed from \{domain name}\netlogon

In this case, I create the script in “C:\Windows\SYSVOL\sysvol\all.run.local\scripts”. and the script name is rmNewOutlook.ps1.

https://github.com/eelhpesoj/Powershell/blob/master/AD/rmNewOutlook.ps1

$getNewOutlook = Get-AppPackage Microsoft.OutlookForWindows -AllUsers -ErrorAction SilentlyContinue

if($getNewOutlook){

$getNewOutlook | Remove-AppPackage -AllUsers

    exit

}

else {

    exit

}

2. Create GPO

Find “scheduled task” from computer configuration. and create the task.

I just configured it as system context, the most high previlaged one.

And here is the thing. Go to action tab. and edit.

Set those two value as below.

Program/script:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Add arguments(optional):

-ExecutionPolicy Bypass -NoProfile -File "\\ALL.run.local\netlogon\rmNewOutlook.ps1"

3. Result

After the GPO setup has done, You can pull the policy from the domain joined computers by executing command “gpupdate /force”. And once the policy has updated, you can see the task from task scheduler library.

Hope this can help you guys!