Edit

ICertificateEnrollmentPolicyServerSetup::UnInstall method (casetup.h)

  • Article

The UnInstall method removes the Certificate Enrollment Policy (CEP) Web Service.

Syntax

HRESULT UnInstall(
  [in, optional] VARIANT *pAuthKeyBasedRenewal
);

Parameters

[in, optional] pAuthKeyBasedRenewal

A pointer to a VARIANT array that contains the authentication type and the optional KeyBasedRenewal values.

You can set the following values for authentication type in the first element of the array.

  • X509AuthKerberos
  • X509AuthUserName
  • X509AuthCertificate
The second (optional) element in the array value is VARIANT_TRUE for a KeyBasedRenewal CEP.

Return value

Return code Description
E_ACCESSDENIED
 The user must be a local administrator.

The ErrorString property value is set to "You have to be the local machine administrator in order to run this setup."
HRESULT_FROM_WIN32(ERROR_INVALID_STATE)
 The ICertificateEnrollmentPolicyServerSetup object has been initialized. An object is initialized when you successfully call InitializeInstallDefaults.

The ErrorString property value is set to "The object has been initialized. You cannot call UnInstall on an initialized object."

Remarks

You can call this method to remove the CEP service. However, because you cannot call the UnInstall method on an ICertificateEnrollmentPolicyServerSetup object that has already been initialized, you must create a new ICertificateEnrollmentPolicyServerSetup before calling UnInstall.

When the pAuthKeyBasedRenewal parameter is NULL, this function performs the following actions:

  • Initializes Windows Management Instrumentation (WMI).
  • Attempts to delete the %Windir%\Systemdata\Cep directory and all application subdirectories that may exist. For more information, see the Install Remarks section.
  • Attempts to delete the application pool and all applications in the pool.
  • Attempts to update the security descriptor of the Deleted Objects container in Active Directory to deny access by the computer. For more information, see the Install Remarks section.
When the pAuthKeyBasedRenewal parameter contains values for the authentication type and KeyBasedRenewal, this function performs the actions in the previous list but it only deletes the application that corresponds to the values set in pAuthKeyBasedRenewal and leaves other applications in place.

Requirements

Requirement Value
Minimum supported client Windows 7 [desktop apps only]
Minimum supported server Windows Server 2008 R2 [desktop apps only]
Target Platform Windows
Header casetup.h
DLL Certocm.dll

See also

ICertificateEnrollmentPolicyServerSetup

InitializeInstallDefaults

Install