Remove AppxPackage for All Users with For Loop and If/Else Statments

Question

Good day all!

VERY novice scripter here looking for some help for a public school K-12 district.

Sample Code:

#Clear Screen    
cls

#Launch as Administrator
 if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))  
{  
  $arguments = "& '" +$myinvocation.mycommand.definition + "'"
  Start-Process powershell -Verb runAs -ArgumentList $arguments
  Break
}

# Search for all users of the Windows computer
 $AllUsers = Get-ChildItem 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\ProfileList' | ForEach-Object { $_.GetValue('ProfileImagePath') }
 

 #For loop search of all computer users for specific application             
 foreach ($u in $Allusers) {
     $u.Name
     $app = (Get-AppxPackage -Name *12030rocksdanister.LivelyWallpaper* -AllUsers)

 #If/Else statement to remove specific application or output not found message    
     if ($app) {
        "Application Located!"
        Get-AppxPackage -Name *12030rocksdanister.LivelyWallpaper* -User $u | Remove-AppxPackage
         "Application Removed" } 
    else {
        "Application Not Found." }

#Troubleshooting Pause  
Read-Host - Prompt "Press any key to continue!"
}

I work for a public school system and we've had students downloading unauthorized apps from the Microsoft Store. We have taken care of that by moving to a private store only. However, we need to remove the AppxPackages that some student's have installed. (We are building a list, which I'm going to put in an array to later use with the script above. Right now, I'm just trying to get the basics of the script to work before adding complexity.)

To do this, I'm trying to write a Powershell script that will examine the users on a laptop, search for a specific AppxPackage for that username, and then remove that specific package.

What's happening is I'm searching through the users found on the laptop, and I'm finding the AppxPackage, however, I think I'm only looping through the same user again and again, and again without the actual packages being removed.

What am I missing here for:

1. Find all users of a machine
2. For loop through each user looking for a specific AppxPackage
3. If the AppxPackage is found, remove the AppxPackage
4. Else move on to the next user
5. Terminate and close the script when all users have had the specific AppxPackage removed.

Thank you in advanced for all your help and assistance. I appreciate all your eyes and recommendations. Have a great day!

Answer 1

I know this is a long dead thread, but I made this today and it seems to work. The whole Remove-appxpackage -allusers thing simply doesn't work like it should.

$path = 'Registry::HKey_Local_Machine\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\*'
$items = Get-ItemProperty -path $path
Foreach ($item in $items) {
    $objUser = New-Object System.Security.Principal.SecurityIdentifier($item.PSChildName)
    $objName = $objUser.Translate([System.Security.Principal.NTAccount])
    $item.PSChildName = $objName.value
    Get-AppxPackage -Name *officehub* -User $item.PSChildName | Remove-AppxPackage
}
     

This will for instance, remove the officehub. I was getting tons of application vulnerabilities because people have not logged into certain computers in ages, and apparently the office app had some vulnerabilities. So, I had to find a way to remove the office app from everyone's profile. No one uses the store app anyways.

This will cycle through each user, then attempt to remove the app. You have to do it on a per user basis, because the version of the app can change for each user. This is why the -allusers switch doesn't seem to work IMO.

EDIT: Using the SID may actually work better, in case of deleted users:

$path = 'Registry::HKey_Local_Machine\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\*'
$items = Get-ItemProperty -path $path
Foreach ($item in $items) {
    $sid = $item.PSChildname
    Get-AppxPackage -Name *officehub* -User $sid | Remove-AppxPackage
}