I had an issue with unused/old App-V packages getting left in the App-V package store, the Help Desk would RDP onto a workstation, causing their Applications to download. This was causing issues with Reporting and overall cleanliness of the environment.
Using Configuration Manager and PowerShell I was able to create a Configuration Baseline for cleaning up the App-V client cache of unused packages from workstations.
The script/baseline follows the logic diagrammed below:
How to create and deploy the Configuration Baseline?
To create a Configuration Baseline which is deployed to a Collection, we first need to create a Configuration Item – to do this follow the guide below:
Open Configuration Manager
Navigate to the Assets and Compliance work-space
Click on Compliance Settings
Right click on Configuration Items and select Create Configuration Item
Select a name for your Configuration Item such as: App-V Clean-up and fill out the rest of the details and click Next
Select the Operating Systems that will support this Configuration Item, depending on your environment it may be cleaner to make sure that it only works on certain Windows Desktop operating systems – in my case I will be controlling everything through the deployment Collection and may extend to Windows Servers in a VDI environment in the future so I will be leaving the defaults and click Next
“Specify Settings for this Operating System” is where you set the grunt work for the Configuration Item. Select New..
Give the Item a name such as: Remove App-V Packages, for the Setting Type change it to Script and then change the Data type to: String.
For the Discovery Script – select Add Script..
Change the Script Language to Windows PowerShell and copy in the Discovery Script from below.
Once, completed click Ok
Now we need to do the same for Remediation Script which will be the script that will be doing the clean-up, click on Add Script… And change the Script Language to Windows PowerShell, then copy the Remediation Script from below into it.
Once, completed click Ok and then select the Compliance Rules tab
This is where we set the Configuration Item compliance rule so the item knows when something is marked as Non-Compliant and how Configuration Manager will deal with it. Click on New…
Because we specified String earlier, and the PowerShell discovery script is outputting Compliant, Non-Compliant we will be using the following logic:
If the value returned by the specified script: Equals, Compliant then run the remediation script if Compliant is not found. Fill in the details like the screen capture below and click Ok
Note: Just because these are set, does not mean when you deploy it – it will remediate, as part of the deployment you can set it to Monitor or Remediate (in other words, mark as Compliant or Non-Compliant without doing anything or actually remediate it), we are just setting the base up so the Configuration Item knows how to handle both.
Verify the information is correct and click Ok then Next and Next again to finish creating your Configuration Item.
Once the Configuration Baseline is completed navigate to Configuration Baselines
Right click Configuration Baseline and select Create Configuration Baseline
Give your Configuration Baseline a name, for example: Remove App-V Client Package
Under Configuration Data, select Add and click on Configuration Item and add the App-V package clean-up Configuration Item you created earlier and select Ok to create your Configuration Baseline.
Now that your Configuration Item and Configuration Baseline has been created, you can now Deploy it to a collection by right clicking the Configuration Baseline and select Deploy
This is where you can specify to just monitor or remediate. I recommend selecting a small group of computers first for Testing and monitoring to verify that Configuration Manager isn’t getting any errors back and it appears to be working. Once you are ready you can go back into the Deployments tab at the bottom of the Configuration Baseline and change the properties to Remediate NonCompliant Rules when Supported and click Ok
You have now successfully created a Configuration Item with a Discovery and Remediation script for cleaning up App-V packages, it may need to be tweaked for your environment and just change the number from 30 to something like 60 or 90 if that better matches your environment in both the Discovery and Remediation script.
If you get errors about PowerShell signing, you will have to create a Custom Client under Administration, Client Settings, Computer Agent setting which sets the PowerShell execution policy to Bypass for your computers
Note: This setting does not set the global scope for PowerShell to Unrestricted/Bypass it is only controlling the execution policy of PowerShell scripts delivered through Configuration Manager, whether it is a PowerShell package or Baseline.