Uninstall unknown software via group policy.

Tags: deployment, group-policy, windows 7, windows-server-2003, windows-xp

I'm wondering if this is possible through group policy.

Is it possible to define a list of allowed programs and have the rest automatically uninstalled when a user logs off/on their computer?

There is an option to define the policy "uninstall when software falls out of scope", but this only applies when software is originally installed through a global policy, something that a lot of unwanted software is not.

Windows Server 2003, Active Directory. Windows XP and Windows 7 Clients.

Best Answer

There is no built-in functionality in the product to do what you're looking for.

A realistic scenario would be to identify "unwanted" software and script uninstalls of the software via Group Policy Startup Scripts. You could identify the existence of the software via some "marker" that it leaves (the presence of its main .EXE, a registry entry in the "Uninstall" key in HKLM, etc.) and perform an uninstall.

Uninstalling arbitrary programs is going to be problematic. Getting silent uninstalls to work is difficult enough, typically, let alone trying to execute random uninstall routines and hoping they'll "just work". I think that's a pipe-dream.

Assuming your users don't have "Administrator" rights (a best practice) you shouldn't be getting persistently-installed software onto the machine-specific areas of the computer. (Software like Google Chrome, which installs into the user profile, will always be a possibility.)

Software Restriction Policy / AppLocker may also be a viable option for you. You could "whitelist" known-wanted software and all other software would be prevented from executing. That's not an easy configuration to get right but I've seen the feature used with some success in environments where the users run a very constrained set of programs.
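
An added example (not part of the original answer) of the startup-script approach it describes: match entries under the HKLM "Uninstall" key against a list of unwanted products, silently remove the MSI-based ones, and only log the rest. It assumes PowerShell 2.0 or later is installed on the clients; the product name patterns and the log path are placeholders.

```powershell
# Added example: Group Policy computer startup script (runs as SYSTEM).
# Assumption: PowerShell 2.0+ is present on the clients.
# Placeholder display-name patterns; replace with the products you have identified.
$Unwanted = @('Example Toolbar*', 'Example Updater*')

# Both registry views, so 32-bit products on 64-bit Windows 7 are covered.
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
)

# Placeholder log location, writable by the SYSTEM account.
$Log = Join-Path $env:SystemRoot 'Temp\gpo-uninstall.log'

function Write-Log([string]$Message) {
    Add-Content -Path $Log -Value ("{0} {1}" -f (Get-Date -Format s), $Message)
}

foreach ($root in $UninstallRoots) {
    if (-not (Test-Path $root)) { continue }

    foreach ($key in Get-ChildItem $root) {
        $props = Get-ItemProperty -Path $key.PSPath
        $name  = $props.DisplayName
        if (-not $name) { continue }    # entry has no visible name, skip it
        if (-not ($Unwanted | Where-Object { $name -like $_ })) { continue }

        # Windows Installer products are keyed by their ProductCode GUID and
        # can be removed silently with msiexec.
        $isMsi = ($props.WindowsInstaller -eq 1) -and
                 ($key.PSChildName -match '^\{[0-9A-Fa-f-]{36}\}$')

        if ($isMsi) {
            $code = $key.PSChildName
            $proc = Start-Process msiexec.exe -ArgumentList "/x $code /qn /norestart" -Wait -PassThru
            # 0 = success, 3010 = success but a reboot is required
            Write-Log "Removed '$name' ($code): msiexec exit code $($proc.ExitCode)"
        }
        else {
            # Non-MSI uninstallers have no common silent switch, so record
            # the finding for manual follow-up instead of running them blind.
            Write-Log "Found '$name' (not MSI): UninstallString = $($props.UninstallString)"
        }
    }
}
```

Software installed into a user profile registers under HKCU rather than HKLM, so a computer startup script like this will not see it.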
