Add Ability to Remediate Existential Registry Setting Compliance Items
Currently you cannot auto-remediate a registry compliance item with an existential rule. I should be able to select an option to auto-remediate to have a setting removed much like you can to set a value.
Microsoft, please add this feature so we can delete unwanted registry keys
Would be a great feature to have. Sad to see this has been listed for over a year.
Related, allow remediation if and only if a key/value exists. I'm using a CI to configure Office Channel because we see clients where the GPO doesn't seem to work. In this use case I just want to make sure the value is set to a particular string if it exists. I don't want it creating that value where Office 365 isn't installed nor do I want it to install Office 365 where it's not installed.
Francois Lacombe commented
It blows my mind that you can easily use built in functionality to auto remediate registry keys to add/modify them, however if you want to remove the added keys, you must use a script instead of simply using remediate with the "must not exist" option.
Please Microsoft, when adding features to do something, also include a way to remove something.
Stephen Owen commented
If you can create an item with Compliance Items, you should be able to delete it to. This is basic CRUD stuff so let's make it happen
Jim Hartig commented
Compliance Item's should be able to auto-remediate other objects as well (AD, Assembly, File System, IIS) for existential rule settings that must not exist on the client.