NetLock RMMNetLock RMM Docs
III — How-To Guides

Uninstall an agent

Cleanly remove the NetLock RMM agent from a Windows, Linux, or macOS device using the installer's uninstall mode.

Uninstall an agent

This guide removes the NetLock RMM agent from a device and leaves it in a clean state — services deleted, processes stopped, install and data directories gone. It is the counterpart to Guide H.1. Uninstalling only affects the local device; the device record stays in the Console until you delete it there (see Verify it worked).

Before you start

  • You have administrator or root access on the target device. The uninstaller deletes services and protected directories, so it requires elevation on every supported OS.
  • You have the matching agent installer binary for the device's platform and architecture. Any build works for uninstalling — the embedded server configuration is ignored in this mode — but it must match the OS and architecture (for example a win-x64 build to uninstall on 64-bit Windows). If you no longer have the original .zip, rebuild one from the Agent Download wizard as described in Guide H.1.
  • The uninstaller is part of the Standard Installer (console). If you only kept the GUI Installer, download a Standard Installer build for the uninstall.

What gets removed

The uninstall mode performs a full cleanup, in order:

  1. Stops the servicesNetLock_RMM_Agent_Comm, NetLock_RMM_Agent_Remote, and NetLock_RMM_Agent_Health (plus the legacy 2.0.0.0 service names on Windows).
  2. Terminates the processes — the three agent services, the user process, the UAC helper, and the tray icon.
  3. Deletes the services — removes the Windows services, the Linux systemd units under /etc/systemd/system/, or the macOS LaunchDaemons under /Library/LaunchDaemons/, and unregisters the user-process and tray-icon Run entries on Windows.
  4. Deletes the directories and logs — the install tree under Program Files and the data tree under ProgramData, plus the agent service logs on Linux and macOS.

After it finishes, no NetLock RMM service, process, or directory remains on the device.

Steps

  1. Copy the agent installer .zip to the target device (or locate the one you already deployed with).
  2. Extract it and run the installer with the uninstall argument from an elevated shell.

Windows (PowerShell, elevated):

Expand-Archive .\NetLockAgent.zip -DestinationPath .\NetLockAgent
.\NetLockAgent\NetLock_RMM_Agent_Installer.exe uninstall

For an unattended removal via GPO, Intune, or a script, combine uninstall with the same flags the installer accepts:

.\NetLock_RMM_Agent_Installer.exe uninstall --hidden --no-log
  • --hidden / -h — hide the console window (Windows only).
  • --no-log / --nolog — delete installer logs after completion.
  • --temp <path> / -t <path> — use a custom temporary directory (useful on appliance distros that block execution from the default temp location).

Linux / macOS (Bash, with sudo):

unzip NetLockAgent.zip -d NetLockAgent
chmod +x NetLockAgent/NetLock_RMM_Agent_Installer
sudo ./NetLockAgent/NetLock_RMM_Agent_Installer uninstall
  1. Wait for the installer to print Uninstall complete. and exit with code 0.

Note: uninstall is one of the installer's positional modes, alongside clean "<path-to-server_config.json>" (fresh install with an external config) and fix "<path>" (repair while preserving the server config). See Guide H.1 for the install and repair modes.

Verify it worked

  • The installer reports Uninstall complete. and exits without an error code.
  • The agent services are gone — Get-Service NetLock_RMM_Agent_* returns nothing on Windows, systemctl status netlock-rmm-agent-comm reports "not found" on Linux, and launchctl list | grep netlock is empty on macOS.
  • The install and data directories no longer exist:
    • WindowsC:\Program Files\0x101 Cyber Security and C:\ProgramData\0x101 Cyber Security.
    • Linux/usr/0x101_Cyber_Security and /var/0x101 Cyber Security, and the logs under /var/log/netlock-rmm-agent-*.log.
    • macOS/usr/local/bin/0x101_Cyber_Security and /Library/Application Support/0x101 Cyber Security.
  • The device still shows in the Console — uninstalling does not delete the record. Remove it from Devices (or Unauthorized Devices) by hand once the agent stops reporting in. See Chapter 3 — Managing Devices.

Troubleshooting

  • "Failed to elevate" and the installer exits. The uninstaller needs administrative or root privileges to delete services and protected directories. Re-run from an elevated PowerShell prompt (Windows) or with sudo (Linux / macOS).
  • A service is "marked for deletion" or a directory is locked. A process still holds a handle. The uninstaller already waits for the service manager to release handles, but if it raced an open management console or a running agent process, reboot the device and run uninstall again — the second pass clears any leftovers.
  • The device keeps reappearing in the Console. That is the cached device record, not a live agent. Confirm the services are gone (above), then delete the record in Devices. If the device genuinely re-registers, an installer or deployment task is reinstalling it — check your GPO, Intune, or Ansible jobs.
  • Uninstaller fails on a Linux NAS or appliance distro. Some distributions — notably Synology and similar NAS systems — block execution from the default temporary directory. Re-run with --temp <path> / -t <path> pointing at a directory the system permits execution from, then retry.