May 16, 2017
HomeSystem Center Configuration ManagerRemove Mixed Reality portal in Windows 10 1703 and ”stuborn” apps

Remove Mixed Reality portal in Windows 10 1703 and ”stuborn” apps

By  System Center Configuration Manager, Windows 10  13 Comments

In previous versions of Windows 10, before 1703 built-in apps that couldn’t be uninstalled could still be blocked with Applocker so that they never got installed and it has worked great! With Windows 10 1703 there are two apps that I have identified as not being able to uninstall, it is not a Windows Capability which we can block that way. The result I am seeing when blocking for instance and Connect and Mixed reality portal using Applocker is this.

NOTE: This should NOT be used with Windows 10 1709 as it will block installation of Cumulative Updates!!

To make it possible to install the Cumulative update we need to put back the files we removed, then the KB4051963.

Here is a script that be run before applying the update to copy back the files needed.

#Script to put back stuborn apps
#
$FolderExist = Test-Path C:\Windows\Systemapps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy
If ($FolderExist -eq $True) { takeown /f C:\Windows\SystemApps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\*.*
icacls C:\windows\systemapps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\*.* /grant ‘System:(F)’
Remove-Item -Path C:\Windows\SystemApps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy -Recurse }
$me = $MyInvocation.MyCommand.Name
Copy-Item -Path “$($PSScriptRoot)\*” -Destination “C:\Windows\SystemApps” -Recurse -Force -Exclude “$($me)” -ErrorAction Stop

Place the folders that we remove from another Windows 10 1709 machine. So it looks like this, then it can be deployed by using a package/program

*******************************************************************

Applocker block

Me and Johan Schewelius wrote a small .cmd file that simply deletes the app after the image has been applied on the disk during OS deployment and then the app is simply never installed.

This is highly unsupported so use it at your own risk!

DisarmStuborn apps1

And from the Task Sequence we call it after the Operating System has been applied.

DisarmStuborn apps

Then the app cannot be installed during setup.

Again this is unsupported use at your own risk!!

Tags:,

Related Posts

About Author

Jörgen Nilsson

13 Comments
  1. Akos

    Hi Jörgen

    Neither Remove-AppxPackage, remove-windowscapability nor AppLocker to disable or prevent to start these built in apps.
    Your way/solution would work… technically. But it could be a supported way from MSFT as well. Did you hear something at MMSMOA, Techorama conferences? 😉

    Cheers from SUI, Akos

    Reply
  2. Andreas

    Hi,

    In 1607 I was able to block the Connect-app from appearing on the startmenu using Applocker and denying the application. Sadly the Applocker-GUI is broken in 1703(crashes when you try to create the rules) but hopefully they’ll fix it sometime soon, still not fixed in the latest CU for 1703.

    So my theory is that Applocker in 1703 is not working as intended right now, do you know if it works even if the Applocker-GUI in 1703 is broken? I have a GPO with rules made in 1607 that is applied to my 1703-machines aswell.

    Reply
    • Jörgen Nilsson

      In 1703 Apps are installed in a different way to support the fact in 1709 that admin uninstalled builtin apps don’t come back when you do an inplace upgrade. So Applocker doesn’t work anymore.
      Regards,
      Jörgen

      Reply
  3. Andreas

    Well that sucks. Means there’s no easy way of blocking Apps anymore, other than using your method which probably works the best.

    Reply
  4. Renaud

    Thanks guys, I am not alone. It’s a nightmare to check on every build what is not working anymore :'(

    Reply
  5. Purchase Alpacas

    Definitely believe that which you said. Your favorite
    reason appeared to be on the net the easiest thing to be aware of.
    I say to you, I definitely get annoyed while people consider worries that
    they just do not know about. You managed to hit the
    nail upon the top and defined out the whole thing without having side
    effect , people could take a signal. Will probably be back to get more.
    Thanks

    Reply
  6. cody

    Can you run this in MDT? If so, where would the drop-in be? State Restore?

    Reply
  7. ptbNO

    Jörgen, first of all thanks for all the great work & content you and Johan publish. I was wondering if you comment on current situation on 1703 and best way to simply get a clean _business_ Operating System. I’ve been playing around with various scripts, most recent one I tried is from Nickolaj Andersen on scconfigmgr.com (http://www.scconfigmgr.com/2016/03/01/remove-built-in-apps-when-creating-a-windows-10-reference-image/). I’m still stuck with way too much. Some of the things I am stuck with can be removed with the approach in this post (thanks!) although a lot of the stuff is not located there.

    My Get-AppXpackage results are below.. Along with these I have Sway, Code Writer, Alarm and Clock, Connect, Get Help, Power BI, Network Test, Mixed Reality Portal – a fantastic app suggestion feature wondering if I want Karaoke(!) on a business OS. I am not able to remove the annoying welcome animations and from what I can tell the XML approach to set file extensions no longer work? Edge just snagged back .PDF on my Test-VM.

    Would be GREAT if someone can write a blog with updated info in one post on the various ways to get a normal looking business OS. It’s very time consuming to run through different approaches is various blogs/newsgroups (many are outdated) then try to google each annoying app you still are stuck with individually.

    Any ideas or tips would be much appreciated.

    Get-AppXPackage results:
    46928bounde.EclipseManager
    AdobeSystemsIncorporated.AdobePhotoshopExpress
    D5EA27B7.Duolingo-LearnLanguagesforFree
    Microsoft.BingNews
    Microsoft.BingWeather
    Microsoft.MSPaint
    Microsoft.StorePurchaseApp
    Microsoft.Windows.Photos
    Microsoft.WindowsAlarms
    Microsoft.WindowsCalculator
    Microsoft.WindowsStore

    Reply
  8. Amir Terani

    Even though this works as far as the removal goes, but it seems it would leave two non functioning icons at the bottom of the Start menu that I can’t figure out how to remove.
    https://www.dropbox.com/s/76aoi6fprixwgb6/StartMenu.JPG?dl=0
    Any help with removing this is much appreciated.
    Thank you,
    Amir

    Reply
  9. harvey263

    AppLocker is working for me on 1709. We skipped 1703 entirely and are doing in place upgrades from 1607 to 1709. “Mixed Reality Portal” never installs in an upgrade scenario. If I apply the gpo to a virgin 1709 install, I get the normal “app has been blocked by system administrator” message when I click on it.

    Reply
  10. John

    Hey Guys,

    I ran this in my task sequence worked a treat, but when the latest cumulative update KB4051963 tried to install it would not complete the install and rollback. Has anyone else seen this issue?

    Reply
    • Jörgen Nilsson

      Hi,
      Copying back the folder and files the script removed will make the Cumulative update install again, and the Mixed reality portal will be installed again. I am testing right now will write a post as soon as I can.
      Regards,
      Jörgen

      Reply
  11. Nate

    Hi Jorgen,
    Do you have any guidance for Windows 10 1709 for removing the Mixed Reality Portal. Removing would be optimal, hiding it from the Start Menu would be sufficient. Thanks in advance.

    Reply

Add a Comment

Your email address will not be published. Required fields are marked *