Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000125052

How to Run the Dell Data Security Uninstaller

Summary: Dell Data Security / Dell Data Protection products can be uninstalled using the Dell Data Security Uninstaller.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

Note:

The Dell Data Security Uninstaller provides a streamlined removal method for the listed Windows Dell Data Security (formerly Dell Data Protection) Affected Products.

Affected Products:

Dell Encryption Enterprise
Dell Encryption Personal
Dell Encryption External Media
Dell Data Guardian
Dell BitLocker Manager
Dell Full Disk Encryption
Dell Endpoint Security Suite Enterprise
Dell Threat Defense
Dell Data Protection | Enterprise Edition
Dell Data Protection | Personal Edition
Dell Data Protection | External Media Edition
Dell Data Protection | Secure Lifecycle
Dell Data Protection | Cloud Edition
Dell Data Protection | Endpoint Security Suite Pro
Dell Data Protection | Server Encryption
Dell Data Protection | Security Tools

Affected Versions:

v8.0.0 and Later

Affected Operating Systems:

Windows

Cause

Not applicable

Resolution

How to Run the Dell Data Security Uninstaller for Windows

Duration: 00:02:25 (hh:mm:ss)
Closed captions: None available

The Dell Data Security Uninstaller can be run through the user interface (UI) or through command-line interface (CLI) switches. A Dell Data Security administrator may also review the uninstall Logging. Click the appropriate tab for more information.

Note: Reference How to Download the Dell Data Security Uninstaller for more information about obtaining the uninstaller.

To run the Dell Data Security Uninstaller using UI:

  1. Double-click DataSecurityUninstaller.exe to launch the application.

DataSecurityUninstaller.exe

Note: DataSecurityUninstaller requires log4net.dll to reside in the same folder to run successfully.
  1. If user account control (UAC) is enabled, click Yes to elevate to administration permissions. Otherwise, go to Step 3.

User Account Control

  1. In the Dell Data Security Uninstaller User Interface (UI), click Next to proceed.

Dell Data Security Uninstaller welcome screen

  1. Optionally, clear the check boxes for any application from removal and then click Next.

Example uninstall list

Note:
  • Required dependencies are automatically selected or cleared.
  • The applications available on your endpoint may differ from the screenshot.
  1. If Dell Personal Encryption (formerly Dell Data Protection | Personal Edition) or Dell Enterprise Encryption (formerly Dell Data Protection | Enterprise Edition) policy-based encryption is present, go to Step 6. Otherwise, go to Step 7.
  2. In the Encryption Agent Options UI, select either:
Encryption Removal Agent - Download Keys from Server
  1. Select Encryption Removal Agent - Download Keys from Server and then click Next.

Encryption Removal Agent Options

  1. Populate the credentials of a Forensic Administrator for the listed Device Server. Once populated, click Next and go to Step 8.

User Encryption Key Information

Note:
  • The Device Server URL is pulled through registry queries to HKLM\SYSTEM\CurrentControlSet\Services\CMGShield REG_SZ: ServletURL.
  • The Machine ID is pulled through registry queries to HKLM\SYSTEM\CurrentControlSet\Services\CMGShield REG_SZ: MCID.
  • The Device Server and Forensic Administrator will differ in your environment from the screenshot above.
  • The Forensic Administrator must be populated in universal principal name (UPN) format. For example, Jane_Doe@Dell.com is using UPN format.

 

Encryption Removal Agent - Import Keys from a File
  1. Select Encryption Removal Agent - Import Keys from a File and then Click Next.

Encryption Removal Agent Options

  1. Browse to the location of the forensic Downloaded File and then enter the Passphrase for the file. Once populated, click Next and go to Step 8.

User Encryption Key Information

Do not install Encryption Removal Agent
  1. Select Do not Install Encryption Removal Agent, click Next, and then go to Step 8.

Encryption Removal Agent Options

Warning: Failure to install the Encryption Removal Agent prevents the endpoint from decrypting. Data that is protected by the SDE key remains usable. Data that is protected by the Common or User key is not accessible post uninstall until the Encryption Removal Agent is installed.
  1. If a self-encrypting drive is provisioned on an endpoint, it must be deactivated before removal. Click OK to close the Dell Data Security Uninstaller. If a self-encrypting drive is already deactivated or not used, go to Step 8.

Local PBA error

  1. Click Remove to uninstall the selected applications from Step 4.

Remove

  1. On completion, click Finish to reboot machine.

Configuration Completed

Note:
  • A reboot is required to clean up the removed applications from the boot cycle.
  • If any application fails to uninstall, click the Uninstall Logging tab.
  1. Click Yes to confirm you want to reboot the machine.

Reboot prompt

To run the Dell Data Security Uninstaller using CLI:

The Dell Data Security Uninstaller allows flexibility in command-line removal through the usage of parameters and values.

Note:
  • Parameters are case-sensitive.
  • DataSecurityUninstaller requires log4net.dll to reside in the same folder to run successfully.
  • The Device Server URL is pulled through registry queries to HKLM\SYSTEM\CurrentControlSet\Services\CMGShield REG_SZ: ServletURL.
  • The Machine ID is pulled through registry queries to HKLM\SYSTEM\CurrentControlSet\Services\CMGShield REG_SZ: MCID.
 
Parameters Values
CMG_Decrypt= 0 (Does not install the Encryption Removal Agent)
1 (Installs the Encryption Removal Agent using keys that are downloaded from the Dell Security Management Server)
2 (Installs the Encryption Removal Agent using keys that are from a forensic bundle for Enterprise Edition clients)
3 (Installs the Encryption Removal Agent using keys that are from a forensic bundle for Personal Edition clients)
FORENSIC_ADMIN= User name for the Forensic Administrator of the Dell Security Management Server. This option is required if CMG_Decrypt value 1 is chosen. Value must be contained within quotation marks (""). User name must be populated in universal principal name (UPN) format. For example, Jane_Doe@Dell.com is using UPN format.
FORENSIC_PWD= Password for the Forensic Administrator of the Dell Security Management Server. This option is required if CMG_Decrypt value 1 is chosen. Value must be contained within quotation marks ("").
DA_KM_Path= Location of forensic bundle if CMG_Decrypt value 2 (or 3) is chosen. Value must be contained within quotes.
DA_KM_PW= Password of forensic bundle if CMG_Decrypt value 2 (or 3) is chosen. Value must be contained within quotes.
/silent Runs the DataSecurityUninstaller without dialogs. CMG_Decrypt value 3 is set by default if no variables are defined. This parameter must be lowercase.
NOREBOOT Suppress reboot post uninstall. There are no switches or modifiers that are required to use the NOREBOOT flag.
LOGFILE_PATH= Optional parameter to set file path for uninstall logs. If this option is not chosen, the default locations that are listed under Uninstall Logging tab are used. Value must be contained within quotation marks ("").
LOGFILE_Name= Used to set the name of the uninstall log if LOGFILE_PATH is defined. Value must be contained within quotation marks ("").

CLI Uninstall Examples:

Example #1

The following example runs DataSecurityUninstaller with no UI and uses the forensic administrator (ExampleUser) to download the encryption key directly from the Dell Security Management Server. Post uninstall, the reboot requirement is suppressed.

Example Command-line Uninstall:

DataSecurityUninstaller.exe CMG_DECRYPT=1 FORENSIC_ADMIN="ExampleUser" FORENSIC_PWD="Passw0rd" NOREBOOT /silent

Example #2

The following example runs DataSecurityUninstaller with no UI and uses a predownloaded encryption key from the Dell Security Management Server that is downloaded through CMGAd (a utility within the Dell Administrative Utilities, available on support.dell.com at https://www.dell.com/support/home/us/en/04/product-support/product/dell-data-protection-encryption). Post uninstall, the reboot requirement is suppressed.

Example Command-line Uninstall:

DataSecurityUninstaller.exe CMG_DECRYPT=2 DA_KM_PATH="C:\Dell\KeyBundle\DeviceName.Domain.com" DA_KM_PW="Passw0rd" NOREBOOT /silent

The Dell Data Security uninstaller outputs uninstall logs by default to C:\ProgramData\Dell\Dell Data Protection). An uninstall log is generated for each application that is selected for removal.

  • DDP_AdvancedThreatProtection_Plugins_Uninstall_MSI.log - Contains information about uninstallation of the Dell plugins that are used to communicate from the Advanced Threat Protection agent to the Dell Client Security Framework.
  • DDP_AdvancedThreatProtection_Uninstall_MSI.log - Contains information about the uninstall of the Advanced Threat Protection agent.
  • DDP_Authentication_Uninstall_MSI.log - Contains information about uninstallation of the Advanced Authentication components.
  • DDP_ClientSecurityFramework_Uninstall_MSI.log - Contains information about the removal of the Dell Client Security Framework (Encryption Management Agent).
  • DDP_Data_Guardian_Uninstall_MSI.log - Contains information about the removal of Dell Data Guardian.
  • DDP_Encryption_Uninstall_MSI.log - Contains information about the removal of Dell's Policy-Based Encryption application.
  • DDP_ESSE_Uninstall.log - Contains information about the removal of the Suite installer if it was leveraged.
  • DDP_ESSE_Uninstall_MSI.log - Contains information about the removal of the Suite installer if it was leveraged.
  • DDPUninstall_Main.log - Contains all information about uninstalls that were attempted leveraging the DDS Uninstaller.
  • DDP_McAfee_Endpoint_Security_Firewall_Uninstall_MSI.log - Contains information about the uninstall of the Firewall component for Dell's Endpoint Security Suite Pro and Endpoint Security Suite Enterprise.
  • DDP_McAfee_Endpoint_Security_Security_Platform_Uninstall_MSI.log - Contains information about uninstallation of the base McAfee components for Dell's Endpoint Security Suite Pro and Endpoint Security Suite Enterprise.
  • DDP_McAfee_Endpoint_Security_Web_Control_Uninstall_MSI.log - Contains information about uninstallation of the Web Control component for Dell's Endpoint Security Suite Pro and Endpoint Security Suite Enterprise.
  • DDP_ThreatProtection_Uninstall_MSI.log - Contains information about uninstallation of the plugins between McAfee and Dell's Client Security Framework for Dell's Endpoint Security Suite Pro and Endpoint Security Suite Enterprise.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Additional Information

 

Videos

 

Article Properties

Affected Product

Dell Data Guardian, Dell Encryption, Dell Security Tools, Dell Endpoint Security Suite Enterprise

Last Published Date

19 Jan 2023

Version

17

Article Type

Solution

Back to Top