How to Deploy a PowerShell Script via Intune to Remove AnyDesk from Devices

In light of recent security concerns, it’s become increasingly important for IT administrators to be able to quickly respond and mitigate potential threats. One such measure could involve the removal of potentially compromised software, like AnyDesk, from all managed devices. This blog post will guide you through deploying a PowerShell script via Microsoft Intune to uninstall AnyDesk from devices in your organization.

GitHub Link to Script: Here

Prerequisites

Before proceeding, ensure you have:

• Administrative access to the Microsoft Endpoint Manager admin center.
• A basic understanding of PowerShell scripting.
• Tested the provided PowerShell script in a controlled environment.

Deploy AnyDesk Removal Script via Intune

Access the Microsoft Endpoint Manager Admin Center

• Navigate to the Microsoft Endpoint Manager admin center.
• Sign in with your administrator credentials.

Add the PowerShell Script to Intune

1. In the admin center, select Devices > Scripts and remediation > Platform scripts > Add > Windows 10 and later.

1. Click on Add script and provide the necessary details:
   • Name: Enter a descriptive name, such as “Uninstall AnyDesk”.
   • Description: Optionally, provide a description for the script’s purpose.

1. Click Next to proceed.

Upload the Script

• Under the Script settings, click Browse to select and upload your Intune-AnyDeskPurge.ps1 script file.
• Ensure Run this script using the logged-on credentials is set to No to run the script with administrative privileges.
• Click Next.

Assignments

• Under the Assignments tab, click Add group and select the group(s) of devices you want to target with this script. This could be all devices or a specific subset where AnyDesk removal is necessary.
• Click Next.

Review and Add

• Review your settings to ensure everything is configured correctly.
• Click Add to deploy the script.

Monitor Script Deployment

After the script is deployed, you can monitor its execution and status:

• Navigate to Devices > Scripts and remediations > Platform Scripts > Select the deployed script.

On the overview page you , see the device status where the script has successfully been deployed on.

On the left hand side, you ca select Device or User Status under Monitor, to view on which machines the script successfully executed.

Additional Tips

• Testing: Always test scripts on a small set of devices before broader deployment.
• Notification: Inform users about the upcoming changes, especially if they regularly use AnyDesk for legitimate purposes.
• Follow-Up: Consider setting up additional monitoring or follow-up tasks to ensure that AnyDesk remains uninstalled, or provide alternatives if needed.

By following these steps, you can effectively remove AnyDesk from devices across your organization, enhancing your security posture and responding promptly to potential vulnerabilities. Always stay updated with the latest security best practices and adapt your strategies accordingly.

#ThatLazyAdmin

Created By: Shaun Hardneck

Sharing is caring!