Forum Discussion
Factory Reset Windows 10 without user intervention
You can use the MDM WMI Bridge Provider to do what you want. This way you do exactly the same as intune would do.
You have to execute the following PowerShell script as SYSTEM. Administrator ist not enough!
To accomplish this, you can either execute the script with task scheduler or use psexec.exe to run powershell as system (psexec -s powershell.exe -file c:\pathtoscript\script.ps1).
$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_RemoteWipe"
$methodName = "doWipeMethod"
$session = New-CimSession
$params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
$param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
$params.Add($param)
$instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
$session.InvokeMethod($namespaceName, $instance, $methodName, $params)
$methodname can bei either "doWipeMethod" or "doWipeProtectedMethod". The later one will also wipe all data from the disks, especially if you want to refurbish the devices. The downside is that "doWipeProtectedMethod" can leave some clients (depending on configuration and hardware) in an unbootable state.
Additionally "doWipeMethod" can be canceled by the user (power cycle for example), "doWipeProtectedMethod" cannot be canceled. It automatically resumes after a reboot until done. The higher risk ist worth it most of the time. If you want to be sure that the devices will be in a usable state after the wipe, use "doWipeMethod" instead.
dretzer
Hi,
I'm trying to use the script you referred to above (and also seemed to have wrote) using the following Kaseya Agent Procedure: https://automationexchange.kaseya.com/products/963
It seems to go through Kaseya correctly, first image, but when I run the script through powershell directly, I receive the error in 2nd image.
Would you be able to help me with this? We are trying to wipe a bunch of computers as quickly as possible and this was the most promising option we saw.
Thanks for the help and the work!
- dretzerFeb 04, 2021Iron Contributor
Hi.
You are trying to run the script with not enough privileges. The needed WMI methods can only be invoked with SYSTEM privileges. Membership in "Administrators" is not enough.
To execute a PowerShell script manually with SYSTEM privileges, you can, for example, use psexec.exe from Microsoft Sysinternals:
PsExec - Windows Sysinternals | Microsoft Docs
Place the .exe file and the .ps1 file in the same directory and execute psexec.exe with administrative privileges the following way (replace the paths as necessary):
C:\Scripts\psexec.exe -accepteula -S powershell.exe -command C:\Scripts\wipe.ps1
Another way, which you can do remotely and without psexec (group policy for example), would be to create a scheduled task running as SYSTEM and executing the script. You can then execute the task on demand or with a time/date schedule.
- DJK463Feb 09, 2021Copper Contributor
dretzer I realized the computer I was running it on didn't have a recovery partition so even running the "systemreset -cleanpc" command wasn't working.
Kaseya allows you to run scripts as System - so even though I was running locally in picture - I was trying as System most of the time.
Thanks for the help either way.