Help

Uninstall Cortex XDR

Alvaro1337
New Contributor III

Tuesday

Hey Jamf Nation,

I'm currently trying to uninstall Cortex XDR from company devices, but I'm encountering an error that says "Uninstaller not found." The uninstaller is located in the folder '/Library/Application Support/PaloAltoNetworks/Traps/bin/'.

Do you have any recommendations or suggestions? Here is my script for the uninstallation:

#!/bin/bash

# Set your master key here

MASTER_KEY="master-key-here"

 

# Path to the uninstaller app

UNINSTALLER_APP="/Library/Application\ Support/PaloAltoNetworks/Traps/bin"

 

# Check if the uninstaller exists

if [ ! -d "$UNINSTALLER_APP" ]; then

  echo "Uninstaller not found at $UNINSTALLER_APP"

  exit 1

fi

 

# Launch the uninstaller and enter the tamper protection key

osascript <<EOF

tell application "$UNINSTALLER_APP"

activate

end tell

 

delay 2

 

tell application "System Events"

tell process "Cortex XDR Uninstaller"

repeat until exists window 1

delay 1

end repeat

 

set frontmost to true

 

# Enter the tamper protection key

set value of text field 1 of window 1 to "$MASTER_KEY"

click button "Uninstall" of window 1

end tell

end tell

EOF

Alvaro Ortiz
0 Kudos
Reply
2 REPLIES 2

john_sherrod
Contributor II

Tuesday

One thing I noticed was that here:

# Path to the uninstaller app
UNINSTALLER_APP="/Library/Application\ Support/PaloAltoNetworks/Traps/bin"

It might need it to be this instead since you’ve got the path in quotes:

# Path to the uninstaller app
UNINSTALLER_APP="/Library/Application Support/PaloAltoNetworks/Traps/bin"
Reply

MemnochTheRed
New Contributor

Thursday

You could just composer your own uninstaller by packaging the binary to put it where it is supposed to be or some type of landing zone like /tmp. Then use your post install script to call the binary from the landing zone location. Make a check-in policy in Jamf and deploy.

0 Kudos
Reply