Scripted removal of Microsoft Office 2016 login keychain item

mapurcel
Contributor III

Looking for a little help for a scripted removal of the Office 2016 login keychain item (credentials). The 'kind' begins with "MicrosoftOffice15_2_Data:ADAL:.....ends in long alphanumeric string".

When doing a clean uninstall of the Office suite it would be nice to be able to automate the removal of this item as well.

thanks in advance for any help!

1 ACCEPTED SOLUTION

davidacland
Honored Contributor II
Honored Contributor II

So after a bit of playing around, the security command seems ok with security delete-internet-password -s msoCredentialSchemeADAL.

View solution in original post

6 REPLIES 6

davidacland
Honored Contributor II
Honored Contributor II

Your going to want security delete-internet-password -a long alphanumeric string.

Is the long alphanumeric string the same across all Macs? If it is it will be pretty easy.

mapurcel
Contributor III

@davidacland , thanks. looks like the string will be different across Macs but the first part should be the same: MicrosoftOffice15_2_Data:ADAL

davidacland
Honored Contributor II
Honored Contributor II

So after a bit of playing around, the security command seems ok with security delete-internet-password -s msoCredentialSchemeADAL.

bentoms
Release Candidate Programs Tester

Doesn't deleting the licensing .plist also prompt the user for the licensing information when re-installed?

Presumably this is the O365 activated suite, if so... then is the users password set to expire after x days?

I'm all for completeness, but wonder if these additional steps are needed.

mapurcel
Contributor III

@davidacland thanks for the help on this!

@bentoms Yes, this is an O365 activated Office suite. So far in my testing deleting the licensing .plist (~/Library/Group Containers/UBF8T346G9.Office/com.microsoft.Office365.plist) as part of the uninstall does not cause the user to be prompted again once Office is reinstalled, as long as the keychain item remains. Good thought on the password expiry, on our dev tenant our passwords are not set to expire but I'll have to keep an eye on that once we get our production environment running.

We're testing with a couple of different O365 tenants so its great to have a clean reinstall.

bentoms
Release Candidate Programs Tester

@mapurcel good info. Thanks for coming back with it.