Remove Application from multiple locations on computer

Contributor II

We have a application that we are trying to remove from all managed computers (HipChat). It can live in /Applications or ~/Applications or pretty much anywhere. I did a basic script to remove it from /Applications but lots of machine still report having it installed. Any pointers on scripting to search the drive to find the App and remove all copies from all places?


New Contributor III

Are you also removing the receipt from when it was initially installed?

Contributor II

I have not been, basically just a rm pointed at the .app in /Applications. I know it is still installed in some ~/Applications even after the policy to remove it has run, because its not looking there. So it continues to report in Inventory and the Policy still shows in self service, which is a little annoying for users.


Any reason you don't just set up a Restricted Software policy and select the option, "Delete Application"? I was under the impression that it did not discriminate based where the application was launched from.


Legendary Contributor II

Restricted Software should help like mentioned above.

In the event that you want to more proactively find and delete the application, you could consider using a script that uses mdfind (faster) or find (slower but sometimes more accurate) to locate the app and delete it.

Contributor II

Thanks for those. I'm not sure the restricted policy will work because the app never gets launched. I will test it to see how it may do what we need. Its the scripting of the find that I struggle with, but that's what testing is for. Thanks again.

Legendary Contributor II

while read result; do
    /bin/rm -R "$result"
done < <(/usr/bin/mdfind 'kMDItemKind == "Application" && kMDItemFSName == ""')

Something like that when using mdfind might work

Contributor II

Things like this make me wish I knew more scripting. Thanks much.

Esteemed Contributor II

Due to the recent zero day vulnerability, we had to remove any/all copies of Google Chrome that was not at the desired version or higher.

Would run this script in its own policy (target all computers) as a clean up script to remove copies not in /Applications/Google path.

A second policy enforces /Applications/Google path, where if you have it but it isn’t the right version (or higher), we replace it with the right version.

Replace "COMPANY" with your company name.


SEARCHDIR="/Library/Application Support/COMPANY/SearchResults"
DATESTRING=$(date +%Y%m%dT%H%M%S)

# Create folder if it doesn't exist

mkdir -p "$SEARCHDIR"

# This function finds all apps with CFBundleIdentifier "$BUNDLEID", but ignores
# `/Applications/Google` path. This method of searching ensures
# accurate result whether the app was moved or renamed.

function searchCommand() {
    mdfind kMDItemCFBundleIdentifier="$BUNDLEID" | grep -v "$GOODPATH" > "$SEARCHFILE"

# This function removes all copies *only* if not in correct path.

function removeCommand() {
    xargs -I{} rm -r {} < "$SEARCHFILE"