3 Description of the installation and uninstallation process
The installer performs the following, which is reverted completely when you uninstall the utility:
- Sets the PowerShell environment variable SIUPath to the SIU Scripts subfolder and appends this to the PSModulePath environment variable.
- When run with local or domain administrative privileges, prompts whether the installer should configure the computer to support SIU remote mode.
  Warning: Installing SIU in remote mode may expose your system to potential vulnerabilities.
  Installing the SIU in remote mode performs the following additional steps:
  - Changes the PowerShell execution policy for the local machine to RemoteSigned.
    This is the default execution policy for Windows server computers. Scripts must be signed by a trusted certificate.
    See docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-executionpolicy?view=powershell-7.1 for details.
  - Creates registry keys and properties for credential delegation.
    Provides an exportable version of credentials to the remote host.
    Warning: This exposes users to the risk of credential theft from attackers on the remote host.
    See docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-credentialsdelegation for details.
    Allows delegating fresh credentials with NTLM-only server authentication. See docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-admx-credssp#admx-credssp-allowfreshcredentialswhenntlmonly for details.
  - Enables PowerShell remoting.
    Configures the server to receive remote PowerShell commands. The parameter enables a firewall rule for public networks that allows remote access only from computers in the same local subnet. See docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/enable-psremoting?view=powershell-7.1 for details.
  - Enables Credential Security Support Provider (CredSSP) authentication as server to receive credentials from a remote client computer.
    Warning: This practice increases the security risk of the remote operation. If the remote computer is compromised, when credentials are passed to it, the credentials can be used to control the network session.
    See docs.microsoft.com/en-us/powershell/module/microsoft.wsman.management/enable-wsmancredssp?view=powershell-7.1 for details.
  - Appends the domain to the trusted hosts file.
    Other computers within the same domain are treated as trusted hosts, which implies they can perform a remote login session.
    See docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting?view=powershell-7.1 for details.
  Installing the SIU in local mode does not carry out any of the above configuration.
- Installation and uninstallation are fully logged in the SIU-Installation.log file.
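
The following read-only audit is an added example, not part of the SIU installer or its documentation. It records the settings listed above so that a baseline taken before installation can be compared with the state after uninstallation. The function names and the baseline file name are hypothetical, and the credential delegation values are read from the standard Windows policy key, which is an assumption because the page does not name the keys the installer creates.

```powershell
# Added example: read-only audit of the settings the remote-mode install changes.
# Assumption: delegation values are read from the standard Windows policy key;
# the page does not name the exact keys the installer creates.
function Get-WSManValue {
    param([string]$Path)
    # The WSMan: drive only resolves while the WinRM service is running.
    try { (Get-Item -Path $Path -ErrorAction Stop).Value }
    catch { 'unavailable' }
}

function Get-RemoteModeFootprint {   # hypothetical helper name
    $credKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation'
    $cred    = Get-ItemProperty -Path $credKey -ErrorAction SilentlyContinue
    $winrm   = Get-Service -Name WinRM -ErrorAction SilentlyContinue
    [ordered]@{
        SIUPath                 = $env:SIUPath
        SIUPathInPSModulePath   = [bool]($env:SIUPath -and
            (($env:PSModulePath -split ';') -contains $env:SIUPath))
        MachineExecutionPolicy  = (Get-ExecutionPolicy -Scope LocalMachine).ToString()
        AllowFreshCredentials   = $cred.AllowFreshCredentials
        AllowFreshCredsNtlmOnly = $cred.AllowFreshCredentialsWhenNTLMOnly
        WinRMService            = if ($winrm) { $winrm.Status.ToString() } else { 'absent' }
        CredSSPServerAuth       = Get-WSManValue 'WSMan:\localhost\Service\Auth\CredSSP'
        TrustedHosts            = Get-WSManValue 'WSMan:\localhost\Client\TrustedHosts'
    }
}

function Compare-RemoteModeFootprint {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$BaselinePath)
    $before = Get-Content -Path $BaselinePath -Raw | ConvertFrom-Json
    $after  = Get-RemoteModeFootprint
    foreach ($name in $after.Keys) {
        # Compare as strings so $null and '' count as the same "not set" state.
        if ("$($before.$name)" -ne "$($after[$name])") {
            [pscustomobject]@{
                Setting  = $name
                Baseline = $before.$name
                Current  = $after[$name]
            }
        }
    }
}

# Capture a baseline before installing, then compare after uninstalling:
#   Get-RemoteModeFootprint | ConvertTo-Json | Set-Content .\siu-baseline.json
#   Compare-RemoteModeFootprint -BaselinePath .\siu-baseline.json
```

Run both steps from an elevated PowerShell session opened after the installer or uninstaller has finished, so that the environment variables and the WSMan: drive reflect the current state. Any row returned by the comparison is a setting that differs from the baseline.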