Quick tip: uninstall a driver

  • Context

Before upgrading to the next Windows 10 branch, we thought it would be handy to have a script to update the drivers set installed on the computer if required.

  • Issue

We packaged many drivers set but we encountered an issue while upgrading the Intel Chipset drivers.
The newest drivers wouldn’t install on top the previous version. I think it’s due the the fact that the date in the inf file is in 1968.

  • Solution

To fix it, we first installed the new Intel chipset drivers. They have been made available into the local drivers store.

To force Windows to use them, I had to uninstall these drivers like this. Yes, there’s no cmdlet to remove a driver from an online image.

Get-WindowsDriver -Online | 
Where {$_.Version -eq ''} | Foreach-Object {
 pnputil.exe /delete-driver $_.Driver  /force 

Disclaimer: Be careful, you cannot always do that. Some drivers are more (boot) critical to Windows than others.
If you force the uninstall of a driver that was critical, Windows may not boot anymore.

About the Exchange Online (EXO) module and multi-factor authentication (MFA)

It’s officially documented on this page (you should start there)

The only thing missing on this page is what happens if you’re behind a proxy.

After the first use, you have an .appref-ms file sitting on your desktop that points to the URL below.

To get it right the first time, immediately, here are the basic steps

# Launch a new shell
saps https://cmdletpswmodule.blob.core.windows.net/exopsmodule/Microsoft.Online.CSE.PSModule.Client.application

# type the following in this new shell
$o = New-PSSessionOption -ProxyAccessType IEConfig
Connect-EXOPSSession -UserPrincipalName `
"my.account@tenantname.onmicrosoft.com" -PSSessionOption $o

The first visit to the URL above will download Microsoft.Online.CSE.PSModule.Client.exe somewhere under ~/AppData\Local\Apps\2.0\
If you don’t have an application whitelisting solution blocking it, you’ll see

Once executed, it will download whatever dependencies are required (System.Management.Automation.dll, Microsoft.IdentityModel.Clients.ActiveDirectory.dll, Microsoft.Exchange.Management.ExoPowershellModule.dll, Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll,…) and run the downloaded CreateExoPSSession.ps1 script that will display this new shell

# it runs this actually to start a new shell
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NoExit -ExecutionPolicy RemoteSigned -File ~\AppData\Local\Apps\2.0\YO2PKAE1.DKY\GAOJE34E.RXK\micr..tion_1975b8453054a2b5_0010.0000_22e56f9efbc200c6\CreateExoPSSession.ps1

Then you can capture the proxy settings defined in your profile and use them when you need to connect to the remote endpoint that allows you to manage the remote Exchange online infrastructure.

The Connect-EXOPSSession function should be used with a UserPrincipalName parameter and not credentials. The UserPrincipalName allows you to get the MFA form while the credentials assume that you don’t have MFA enabled. If you use credentials instead of the UserPrincipalName, you get an error saying that you’ve MFA enabled and you didn’t go through the MFA validation process:
New-ExoPSSession : AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access ‘00000002-0000-0ff1-ce00-000000000000’.

Enjoy EXO with MFA 😎