How to Securely Wipe a Windows Hard Drive with PowerShell

In today’s era of data security, the proper disposal of data on hard drives is crucial. For IT professionals and Managed Service Providers (MSPs), having reliable tools for these tasks is essential. In this blog post, we’re diving into the details of a versatile PowerShell script designed for secure and efficient disk wiping. We’ll also provide essential tips to ensure its successful execution and data removal.

The Power of PowerShell for Disk Management

PowerShell, Microsoft’s powerful scripting language, offers vast capabilities for managing and securing data. With its robust functionalities, such as the ability to format disks and wipe hard drives, PowerShell becomes an invaluable tool for anyone dealing with frequent data management tasks.

Unlocking the Potential of the PowerShell Script for Remote Wipe

The PowerShell script under discussion is crafted to execute a remote wipe on a device. It’s capable of running several methods, each providing varying levels of data deletion and system reset to suit different data security requirements.

But how do you ensure that this script runs correctly and all data is successfully wiped from the hard drive? Here are some tips:

  1. Check Compatibility: Ensure that the target system is compatible with the chosen method. For instance, the ‘WipeProtected’ and ‘WipePersistUserData’ methods are only supported on specific Windows 10 build versions or higher.
  2. Verify Computer Name: The ComputerName parameter needs to match the name of the computer the script is running on. If it doesn’t, the script will exit without making any changes. The ComputerNameBypass switch can be used to override this.
  3. Test Before Deployment: Always test the script in a controlled environment before deploying it in a production setting. This helps to identify and rectify any issues before they impact critical systems.
  4. Monitor Script Execution: Keep an eye on the script execution. Pay attention to any errors or exceptions thrown by the script. These messages can give valuable insights into any issues that may arise.
  5. Verify Data Wipe: After the script has run, verify that the data wipe was successful. This can be done by attempting to retrieve data from the drive. If retrieval is impossible, the data wipe can be considered successful.
  6. Document the Process: Keep a record of the entire process, from the initial script execution to the verification of the data wipe. This documentation can be a valuable resource for future reference or in case of audits.
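Tips 1, 2 and 6 can be checked before any wipe is requested. The read-only pre-flight script below is an added example, not part of NinjaOne's script; it assumes the same MDM_RemoteWipe class in the root\cimv2\mdm\dmmap namespace that the script queries, and the ExpectedComputerName parameter, the log path and the record field names are hypothetical.

```powershell
#Requires -Version 5.1
# Added example: read-only pre-flight check. It never invokes a wipe method.
param (
    [Parameter(Mandatory = $true)]
    [ValidateSet("Wipe", "WipeProtected", "WipePersistProvisionedData", "WipePersistUserData")]
    [String]$Method,
    [Parameter(Mandatory = $true)]
    [String]$ExpectedComputerName,   # hypothetical parameter name
    # Assumed audit-log location; change it to suit your environment.
    [String]$LogPath = "$env:ProgramData\WipePreflight\preflight.jsonl"
)

# OSVersion.Version.Build is the OS build number, not the four-digit version:
# Windows 10 version 1703 is build 15063 and version 1709 is build 16299.
$MinimumBuild = @{ WipeProtected = 15063; WipePersistUserData = 16299 }
$build = [System.Environment]::OSVersion.Version.Build
$identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()

$result = [ordered]@{
    TimestampUtc      = (Get-Date).ToUniversalTime().ToString("o")
    ComputerName      = $env:COMPUTERNAME
    Method            = $Method
    OsBuild           = $build
    RunAs             = $identity.Name        # recorded for the audit trail
    RunningAsSystem   = $identity.IsSystem
    NameMatches       = ($ExpectedComputerName -eq $env:COMPUTERNAME)
    BuildSupported    = (-not $MinimumBuild.ContainsKey($Method)) -or ($build -ge $MinimumBuild[$Method])
    WipeInstanceFound = $false
    Error             = $null
}

# Confirm the RemoteWipe instance is reachable from this security context.
try {
    $instance = Get-CimInstance -Namespace "root\cimv2\mdm\dmmap" -ClassName "MDM_RemoteWipe" `
        -Filter "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'" -ErrorAction Stop
    $result["WipeInstanceFound"] = ($null -ne $instance)
}
catch {
    $result["Error"] = $_.Exception.Message
}
$result["Ready"] = $result["NameMatches"] -and $result["BuildSupported"] -and $result["WipeInstanceFound"]

# Append one JSON line per run so the record can be kept for audits (tip 6).
New-Item -ItemType Directory -Path (Split-Path -Parent $LogPath) -Force | Out-Null
$json = $result | ConvertTo-Json -Compress
Add-Content -Path $LogPath -Value $json -Encoding UTF8
Write-Output $json
if (-not $result["Ready"]) { exit 1 }
```

A non-zero exit code means at least one check failed; the Error field holds the CIM error text when the instance lookup is refused.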

The Script: Remote Wipe a Windows Device

#Requires -Version 5.1

<#
.SYNOPSIS
    Remote Wipe a device.
.DESCRIPTION
    Remote Wipe a device via InvokeMethod from a Cim Session. doWipe, doWipeProtected, doWipePersistUserData, and doWipePersistProvisionedData are supported.
    See examples for how to use each.
.EXAMPLE
    -Method Wipe -ComputerName "PC-001"
    Runs the doWipe method. Equivalent to running "Reset this PC > Remove everything" from the Settings app, with Clean Data set to No and Delete Files set to Yes.
    ComputerName needs to match the computer name of the computer the script is running on. If it doesn't then the script will exit, doing nothing.
.EXAMPLE
    -Method Wipe -ComputerNameBypass
    Runs the doWipe method. Equivalent to running "Reset this PC > Remove everything" from the Settings app, with Clean Data set to No and Delete Files set to Yes.
    Will bypass the computer name check and run regardless.
.EXAMPLE
    -Method WipeProtected -ComputerName "PC-001"
    Runs the doWipeProtected method. Performs a remote reset on the device and also fully cleans the internal drive.
    Windows 10 build version 1703 and above.
    ComputerName needs to match the computer name of the computer the script is running on. If it doesn't then the script will exit, doing nothing.
.EXAMPLE
    -Method WipePersistUserData
    Runs the doWipePersistUserData method. Equivalent to selecting "Reset this PC > Keep my files" when manually starting a reset from the Settings app.
    Windows 10 build version 1709 and above.
    ComputerName needs to match the computer name of the computer the script is running on. If it doesn't then the script will exit, doing nothing.
.EXAMPLE
    -Method WipePersistProvisionedData
    Runs the doWipePersistProvisionedData method. Provisioning packages in the %SystemDrive%\ProgramData\Microsoft\Provisioning folder will be retained and then applied to the OS after the reset.
    The information that was backed up will be restored and applied to the device when it resumes.
    ComputerName needs to match the computer name of the computer the script is running on. If it doesn't then the script will exit, doing nothing.
.NOTES
    Reference: https://docs.microsoft.com/en-us/windows/client-management/mdm/remotewipe-csp
    Release Notes:
    Initial Release
By using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https://www.ninjaone.com/terms-of-use.
    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. 
    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. 
    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. 
    Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. 
    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. 
    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. 
    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).
#>

[CmdletBinding()]
param (
    [Parameter(Mandatory = $true)]
    [ValidateSet("Wipe", "WipeProtected", "WipePersistProvisionedData", "WipePersistUserData")]
    [String]
    $Method,
    [Parameter()]
    [String]
    $ComputerName,
    [Parameter()]
    [switch]
    $ComputerNameBypass
)

# ComputerNameBypass was used, continue on.
if ($PSBoundParameters.ContainsKey("ComputerNameBypass") -and $ComputerNameBypass) {
    Write-Host "Bypassing Computer Name check."
}
else {
    # If computer name matches, continue on.
    if ($ComputerName -notlike $env:COMPUTERNAME) {
        Write-Error "Computer Name does not match."
        exit 1
    }
}

# Check if the requested Method is supported or not.
# OSVersion.Version.Build returns the OS build number, so compare against the
# build numbers of Windows 10 version 1703 (15063) and version 1709 (16299).
$BuildVersion = [System.Environment]::OSVersion.Version.Build
if ($BuildVersion -lt 15063 -and $Method -like "WipeProtected") {
    Write-Host "WipeProtected is only supported on Windows 10 build version 1703 and above."
    exit 1
}
if ($BuildVersion -lt 16299 -and $Method -like "WipePersistUserData") {
    Write-Host "WipePersistUserData is only supported on Windows 10 build version 1709 and above."
    exit 1
}

$session = New-CimSession

$params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection
$param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In")
$params.Add($param)

$CimSplat = @{
    Namespace = "root\cimv2\mdm\dmmap"
    ClassName = "MDM_RemoteWipe"
    Filter    = "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'"
}

try {
    $instance = Get-CimInstance @CimSplat
    $session.InvokeMethod($CimSplat["Namespace"], $instance, "do$($Method)Method", $params)
}
catch {
    Write-Error $_
    exit 1
}

 



PowerShell scripts, like the one discussed in this blog post, can be powerful tools for IT professionals and MSPs, providing efficiency and robust data security. With a clear understanding of the script and by following these tips, you can ensure successful execution and secure data wiping. In the realm of data management, having such dependable tools and knowledge is invaluable.

You may be asking, “What about wiping a Mac hard drive?” and we’ve got you covered. Check out our blog post on “How to Wipe a Mac Hard Drive with a Bash Script”.

How NinjaOne Can Help

For organizations looking to take their data security and IT management to the next level, integrating a solution like NinjaOne can make a significant difference. While PowerShell scripts are powerful for tasks like disk wiping, managing these scripts across a large number of devices can be cumbersome. NinjaOne streamlines this by offering centralized script deployment and automation capabilities. You can deploy your PowerShell scripts to wipe data remotely across multiple devices, all from a single dashboard.

Moreover, NinjaOne offers advanced reporting and analytics, so you can easily verify the success of your data wipe operations and maintain compliance records. In case the script runs into issues or exceptions, NinjaOne’s real-time monitoring will alert you, allowing for quick intervention. This minimizes risks and ensures that your data removal process is thorough and secure.

So, whether you’re an IT professional or a Managed Service Provider, integrating NinjaOne into your data management and security practices can offer an extra layer of efficiency and reliability. It’s not just about running a script; it’s about managing it effectively across your organization, and NinjaOne can help you do just that. Watch a demo to see why NinjaOne is voted the #1 Endpoint Management Software on G2 Crowd.

Next Steps

Building an efficient and effective IT team requires a centralized solution that acts as your core service delivery tool. NinjaOne enables IT teams to monitor, manage, secure, and support all their devices, wherever they are, without the need for complex on-premises infrastructure.

Learn more about NinjaOne Remote Script Deployment, check out a live tour, or start your free trial of the NinjaOne platform.
