Forum Discussion

Claire_4's avatar
Claire_4
Copper Contributor
Apr 27, 2020

Factory Reset Windows 10 without user intervention

I've looked for this answer online and have come across the "systemreset -factoryreset" command which works, but it comes up with the prompt asking if I want to keep my files or remove everything, I ...
dretzer's avatar
dretzer
Iron Contributor
Apr 30, 2020

You can use the MDM WMI Bridge Provider to do what you want. This way you do exactly the same as intune would do.

 

You have to execute the following PowerShell script as SYSTEM. Administrator ist not enough!

To accomplish this, you can either execute the script with task scheduler or use psexec.exe to run powershell as system (psexec -s powershell.exe -file c:\pathtoscript\script.ps1).

 

 

 

 

$namespaceName = "root\cimv2\mdm\dmmap"
$className = "MDM_RemoteWipe"
$methodName = "doWipeMethod"

$session = New-CimSession

$params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
$param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
$params.Add($param)

$instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
$session.InvokeMethod($namespaceName, $instance, $methodName, $params)

 

 

 

 

$methodname can bei either "doWipeMethod" or "doWipeProtectedMethod". The later one will also wipe all data from the disks, especially if you want to refurbish the devices. The downside is that "doWipeProtectedMethod" can leave some clients (depending on configuration and hardware) in an unbootable state.

Additionally "doWipeMethod" can be canceled by the user (power cycle for example), "doWipeProtectedMethod" cannot be canceled. It automatically resumes after a reboot until done. The higher risk ist worth it most of the time. If you want to be sure that the devices will be in a usable state after the wipe, use "doWipeMethod" instead.

 

Claire_4 

JordanVegas's avatar
JordanVegas
Copper Contributor
Nov 17, 2020

dretzer 

Hey, I am also planning to use this script and I have a question.

will this script wipe all the disks connected or only C:/

if it indeed only wipes C:/ would you kindly modify it to wipe all the disks?

Best regards, Jordan.

  • dretzer's avatar
    dretzer
    Iron Contributor
    Nov 18, 2020

    The MDM wipe method above wipes all fixed disks, no modification necessary. I'm not sure about removable disks, but all fixed disks (C:, D:, ...) will be cleaned.

    If it is important to fully wipe the data from the disks (i.e. non-recoverable) you should make sure that all disks are bitlocker encrypted. Only with encryption you can be sure that no data is recoverable with this method.

    JordanVegas 

    • JordanVegas's avatar
      JordanVegas
      Copper Contributor
      Nov 19, 2020

      dretzer thank you very much for your response!!