Cannot uninstall the Endpoint Encryption client

book

Article ID: 223186

calendar_today

Updated On:

Products

Endpoint Encryption

Issue/Introduction

The Endpoint Encryption client can be uninstalled using various methods, one of which is running the msiexec utility from the command line with the /x switch. For example:

msiexec /x "SEE Client_x64.msi" /l*v see_uninstall.log

Note that prior to uninstalling, the drive must be decrypted.

However, you may find that using this method results in this prompt:

 

 

 

Environment

Symantec Endpoint Encryption release 11.3.0 and 11.3.0 MP1.

Resolution

In releases 11.3.0 and 11.3.0 MP1, Removable Media Encryption cannot be uninstalled except by a client administrator.

This is because in the Symantec Endpoint Encryption Manager policy page Removable Media Encryption - Access and Encryption, the option Do not allow users to uninstall the product is enabled by default.

Therefore, in releases 11.3.0 and 11.3.0 MP1, disable the option Do not allow users to uninstall the product before attempting to uninstall the Endpoint Encryption client. Disabling this policy option changes the Uninstall Policy key in the registry from a value of 1 to 0. If you wish to check the value of this key run the following command. For example, this shows that the key has a value of 0:

C:\>reg query "HKLM\SOFTWARE\Encryption Anywhere\Removable Storage\Client Database\CurrentPolicies" /v "Uninstall Policy"

HKEY_LOCAL_MACHINE\SOFTWARE\Encryption Anywhere\Removable Storage\Client Database\CurrentPolicies
    Uninstall Policy    REG_DWORD    0x0

Note that in release 11.3.1 and above, this policy option has been removed and, by default, Windows accounts with local administrator permissions can uninstall the Endpoint Encryption client.

Attachments