Prevent DNSFilter from being removed with a password to remove application | Voters

DNSFilter

Create

Roadmap

Feature Requests

236

Changelog

Prevent DNSFilter from being removed with a password to remove application

under review

Reginald

having install application ability to set password for removal as user will also have admin account too due to being a laptop for home work etc eg mac book also could you have it set for windows tooo

July 22, 2020

Mihir

You can use ARPSYSTEMCOMPONENT=1 switch when doing an install and it will hide it from the Control Panel (appwiz.cpl) and I think there is also another switch for hiding the DNS Filter tray icon as well.

Mikey Pruitt

marked this post as

under review

We are reviewing what is possible to implement an uninstall password. The only solutions we've seen that prevent device administrator accounts from uninstalling involve kernal hacking.

There is a solution already if you are using Active Directory and our Windows Roaming Client using group policies. We are creating documentation to assist with this setup now.

Joe Jones

@Mikey Pruitt: I would think there would be a way as every Anti-virus I have every managed has this ability. Of course there are always ways around it.

Mikey Pruitt

@Joe Jones: Yes, Anti-virus software is what we've been researching. Thanks for posting. We will continue to update you on what we learn.

Reginald

@Mikey Pruitt: i do not have AD on this network as i have a mix of operating systems

Mikey Pruitt

Merged in a post:

Uninstall Password

William

Ability to set uninstall password for roaming clients to avoid end user removal of the client.

May 5, 2020

January 8, 2021

Isaac

Dupe to merge: https://dnsfilter.canny.io/feature-requests/p/uninstall-password

Isaac

There's an option for command line install to not put it in the uninstall list. Not perfect but would prevent the average user from removing it. I also have a script that runs regularly from RMM to reinstall it if missing and notify me. Password would be nice though.

Yosef

+1 Android

Isaac

In case you're not aware, you can disable the tray icon from showing and/or have DNSFilter not show up in the installed program list using command line install arguments:
https://docs.dnsfilter.com/docs/windows-agent-deployment-guide
I have my RMM automatically check and reinstall it if it's missing, so even if they manage to remove it, it won't be gone long.

Nachman

@Isaac: the issue I have with this is. That my RMM cannot detect if it’s installed If it doesn’t show in the programs list ! Which RMM tool do you use ?

Isaac

@Nachman: Syncro, but my script is what does the checking, for the service. https://pastebin.com/ZfaVtTMj

Mikey Pruitt

@Isaac: Thanks for sharing your script with others. Would you mind if I save the file and share with more customers on one of our public repos?

https://github.com/DNSFilter/support

Isaac

@Mikey Pruitt: Sure, go ahead. It will need a little reworking for those not using Synco though. Here's one for uninstall too: https://pastebin.com/1d6gTrY3

Brian

This is a must-have feature. While non-admin level operating system accounts are ideal (which prevent the uninstallation of anything), those type of accounts are not always possible. Thus the important need for an uninstall password. At the very least, perhaps admins can be notified via email, whenever a DNS-Filter roaming agent is uninstalled. Thanks!!

Peter

I would love this

Reginald

second that i wanted to protect device and trying to keep kids not able to uninstall it by other means

→