Is it at all possible to remove/uninstall UFs by pushing some script(s) from the deployment server. I do not have OS access on these endpoints & servers. OS access option is not possible, hence need to think of some alternative ways to achieve this (if possible).
I can always disable the inputs on the UF but the requirement is to remove the UF installation itself, if not the installation then all configs like inputs.conf/outputs.conf/deploymentclient.conf and other apps (essentially everything in $SPLUNK_HOME/etc/system/local)
Splunk Deployment server version 8.1.x
UF version >7.1
OS - Windows endpoints and servers, Linux servers
That is one of the reasons I'm not a big fan of the deployment server. With it you can push anything to the forwarder. Including scripts and binaries, which you can call as scripted input. This "something" will be executed with the privileges of user running the splunk process. So in linux case it would most typically be the "splunk" user so you wouldn't be able to do much harm. But on windows the forwarder often runs as Local System user...
Since you don't have OS access to those UF servers, I'm assuming you didn't install them and most probably won't have access to un-install them. You can't uninstall them using Splunk. Work with Server owners to get the UF un-installed.
You can, however, disabled all inputs on that UF as long as you're managing those inputs via deployment server. On the deployment server, edit app.conf for each of the apps that are distributed to the UFs, adding the following
[install] state = disabled
Then reload the deployment server so it will distribute the updated/disabled app to all the forwarders.
A disabled app is completely ignored, so this effectively disables all the inputs.conf and outputs.conf that are configured in apps. The only risk may be any UFs that have set inputs or outputs in etc/system/local - hopefully there are none of those in your environment.