Uninstalling the agent using a script (MDM)

This task explains how to uninstall the SmartEdge Agent from Windows endpoints using a PowerShell script deployed through an MDM solution. The uninstall runs silently and does not require user interaction.

Before you begin
  • Script: Download Remove-SmartEdgeAgent.ps1 script from here.
  • Supported SmartEdge Agent all versions: 1.x, 2.x, and 3.x
  • Supported operating systems: Windows 10 and Windows 11 (x64)
  • Required privileges: Administrator or SYSTEM

The following procedures describe how to deploy Remove-SmartEdgeAgent.ps1 using supported MDM solutions. Select the method that matches your organization's deployment platform.

Microsoft Intune

  1. Upload Remove-SmartEdgeAgent.ps1 as a Windows PowerShell platform script.
  2. Configure the following script settings:
    Table 1.
    Setting Value
    Run this script using the logged-on credentials No
    Run script in 64-bit PowerShell host Yes
  3. Save the script and assign it to the required device group.

No additional wrapper or configuration is required. Once assigned, Intune deploys the script silently to all devices in the group. See the Exit codes section below to verify the result.

SCCM / Configuration Manager

  1. Create a Package and Program in SCCM.
  2. Configure the program by using the following command line:
    powershell.exe -NoProfile -ExecutionPolicy Bypass -File Remove-SmartEdgeAgent.ps1 -Force
  3. Set the program to run with the following settings:
    Table 2.
    Setting Value
    Run Hidden
    Run whether or not a user is logged on Enabled
  4. Configure the program to allow the following return codes:
    Table 3.
    Code Description
    0 Success
    3010 Soft reboot required

Once the program runs, SCCM reports the exit code against the device's record. See the Exit codes section below to verify the result.

Group Policy (Startup Script)

  1. Copy Remove-SmartEdgeAgent.ps1 to a network share that is accessible by computer accounts, for example: \\<domain>\NETLOGON\SEA_Removal\.
  2. Configure a Computer Startup Script (PowerShell) with the following settings:
    Table 4.
    Setting Value
    Script \\<domain>\NETLOGON\SEA_Removal\Remove-SmartEdgeAgent.ps1
    Parameters -Force -LogPath \\<domain>\NETLOGON\SEA_Removal\Logs
  3. Ensure the script runs in the computer context so that it executes the required privileges.

The script runs at the next device startup. See the Exit codes section below to verify the result.

Ivanti or other MDM solutions

  1. Create a silent deployment package using the following command line:
    powershell.exe -NoProfile -ExecutionPolicy Bypass -File ".\Remove-SmartEdgeAgent.ps1" -Force
  2. Ensure the script runs in the SYSTEM context or with elevated administrator privileges.

Once deployed, the MDM solution reports the exit code against the device's record. See the Exit codes section below to verify the result.

Manual (single endpoint)

  1. Open PowerShell as Administrator.
  2. Allow script execution for the current session: 
    Set-ExecutionPolicy Bypass -Scope Process -Force
  3. Run the uninstall script:
    .\Remove-SmartEdgeAgent.ps1 -Force -Verbose

The script runs immediately and logs the result to the default log location. See the Exit codes section below to verify the result.

Logging

Each script execution creates a timestamped log file in the following format:
SEA_Removal_<COMPUTERNAME>_<YYYYMMDD_HHMMSS>.log
Default log location:
C:\ProgramData\Forcepoint\SEA_Removal_Logs\
To write logs to a network location for centralized collection, use the -LogPath parameter:
powershell.exe -NoProfile -ExecutionPolicy Bypass -File Remove-SmartEdgeAgent.ps1 -Force -LogPath "\\fileserver\IT\SEA_Logs"
Each log entry follows this format:
[2026-04-15 02:11:21.076] [INFO] PHASE 2: Stop and Remove Services
[2026-04-15 02:11:21.173] [INFO] Stopping service: bgSmartEdge (Status: Running)
[2026-04-15 02:11:28.503] [INFO] sc.exe delete result: [SC] DeleteService SUCCESS

Every action is recorded with a timestamp and severity level: INFO, WARNING, or ERROR.

Exit codes

The script returns the following exit codes to indicate the result of execution.
Table 5.
Exit code Description Recommended action
0 The agent was removed successfully. No artifacts remain. Mark the deployment as successful.
3010 Removal is complete. A reboot is required to finish cleanup of locked files or driver objects. Schedule a reboot, then optionally re-run the script to verify.
12 Removal is incomplete. Some components could not be removed. Reboot the device and re-run the script.
740 Script did not run with administrator privileges. Update the deployment to run as SYSTEM or elevated administrator.