Add Ability to Remediate Existential Registry Setting Compliance Items
Currently you cannot auto-remediate a registry compliance item with an existential rule. I should be able to select an option to auto-remediate to have a setting removed much like you can to set a value.
Mark Godfrey
shared this idea
4 comments
-
bdam
commented
Related, allow remediation if and only if a key/value exists. I'm using a CI to configure Office Channel because we see clients where the GPO doesn't seem to work. In this use case I just want to make sure the value is set to a particular string if it exists. I don't want it creating that value where Office 365 isn't installed nor do I want it to install Office 365 where it's not installed.
-
Francois Lacombe
commented
It blows my mind that you can easily use built in functionality to auto remediate registry keys to add/modify them, however if you want to remove the added keys, you must use a script instead of simply using remediate with the "must not exist" option.
Please Microsoft, when adding features to do something, also include a way to remove something.
-
Stephen Owen
commented
If you can create an item with Compliance Items, you should be able to delete it to. This is basic CRUD stuff so let's make it happen
-
Jim Hartig
commented
Compliance Item's should be able to auto-remediate other objects as well (AD, Assembly, File System, IIS) for existential rule settings that must not exist on the client.