search cancel

How to uninstall Symantec Endpoint Encryption (SEE) if it was deployed through a Group Policy Object (GPO)


Article ID: 151420


Updated On:


Endpoint Encryption


How can SEE be uninstalled if deployed through a GPO?


There are a couple of ways this can be accomplished:

Manual uninstall:
  1. The installation policy must be removed from the computer. This will prevent an automatic reinstallation of the policy.
  2. If there is a policy in place that forces the drive to stay encrypted, this will need to be removed.
  3. A Client Admin can login and decrypt the drive.
  4. Once the drive is decrypted, the software can be removed through Add/Remove Programs.

GPO uninstall:
  1. Create an Organization Unit (OU) which will contain the computers that need to have SEE removed.
  2. Within that OU, create a policy to decrypt the machine.
  3. Create a policy to remove the software that will run once it's decrypted. If the computer is given enough time, it will decrypt and remove the software on its own.
  4. If instructions are needed for removing a package via GPO, please see the "Remove a Package" heading in the following Microsoft knowledge base article: