Finally time to blog during these busy times, removing Personal Teams in Windows 11 by setting the ConfigureChatAutoInstall registry value to prevent from installing.
The challenge is that the permissions on that registry key, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Communications is set to TrustedInstaller so it is hard to create the necessary value. There are solutions out there that uses Remediations to uninstall it or use SetACL.exe to set the permissions. That is why we wrote it in PowerShell natively instead, my co-worker Sassan made it look better than mine ?, it can be downloaded from here:
The script does the following:
- Takes ownership of then registry key
- Creates and sets the registry value
- Sets the ownership back to TrustedInstaller
- Uninstalls Personal Teams if it is already installed
I deploy this as a Win32App in Intune and add it as a blocking app in the Enrollment Status Page so the value is set the first time the user logs on. Works great! Now that Windows 11 23H2 will be delivered as an eKB (Enablement Package) and hopefully not put it back as Windows 11 21H2 – Windows 11 22H2 did. If that is the case, we can easily use success.cmd as I wrote about here to keep it away. https://ccmexec.com/2023/03/windows-servicing-personal-teams-and-success-cmd/
Deploy it as a Win32App
To be able to use it as a blocking app I wrap it and use the following:
Install Command: %WINDIR%\sysnative\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File RemoveConsumerTeams.ps1
Uninstall Command: %WINDIR%\sysnative\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File RemoveConsumerTeams.ps1
Detection Rule: Registry
Key Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Communications
Value Name: ConfigureChatAutoInstall
As shown in the picture below.
I hope this will be of value so we can remove personal Teams and move on!