Deleting Old User Profiles

(imported topic written by ltd200991)

looking to run a script on user’s machines to delete any profiles older than XX amount of days and exclude the Administrator folder so that it does not get deleted… Anyone had any success with this? Can’t find much in the forum.

thanks!

(imported comment written by MattBoyd)

Here’s something we were using for Windows 7 (won’t work in XP)… we stopped because it was occasionally deleting user’s profile as they were logging on. If you run it only at startup, I think it would be fine. Please use at your own risk.

delete cleanupProfileList.bat delete cleanupProfileGuid.bat delete cleanupProfileFolders.bat delete cleanupProfileHive.bat   dos echo %date:~4% %time:~0,8%      ==========START=========== >> C:\Windows\ProfileCleanup.log 2>&1   
//Remove registry keys under ProfileList that are associated with users that are not logged on AND whose registry hive(s) have been unloaded  

if 
{exists (elements of ((set of (names of keys of key 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" of 

native registry) whose (it as uppercase starts with 
"S-1-5-21") - set of (component strings of sids of security accounts (names of logged on users))) - set of (names of keys of key 
"HKU" of 

native registry)))
} createfile until ENDOFFILE @echo OFF echo %date:~4% %time:~0,8%       START: Cleanup ProfileList registry keys 
{concatenation 
"%0a" of (concatenation of 
"echo %25date:~4%25 %25time:~0,8%25            Deleting key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" & it & " && reg delete %22HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\
" & it & "%22 /f
") of (elements of ((set of (names of keys of key "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
" of native registry) whose (it as uppercase starts with "S-1-5-21
") - set of (component strings of sids of security accounts (names of logged on users))) - set of (names of keys of key "HKU
" of native registry)))} echo %date:~4% %time:~0,8%     END: Cleanup ProfileList registry keys ENDOFFILE   copy __createfile cleanupProfileList.bat waithidden cleanupProfileList.bat >> C:\Windows\ProfileCleanup.log 2>&1   endif   
//Remove registry keys under ProfileGuid that are associated with users that are not logged on AND whose registry hive(s) have been unloaded  

if 
{exists elements of (set of (names of (keys of key 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGUID" of 

native registry) whose (not (set of (component strings of sids of security accounts (names of logged on users)) contains value 
"SidString" of it as string) and not (set of names of keys of key 
"HKU" of 

native registry contains value 
"SidString" of it as string))))
} createfile until ENDOFFILE @echo OFF echo %date:~4% %time:~0,8%        START: Cleanup ProfileGuid registry keys 
{concatenation 
"%0a" of (concatenation of 
"echo %25date:~4%25 %25time:~0,8%25            Deleting key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGuid\" & it & " && reg delete %22HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGuid\
" & it & "%22 /f
") of elements of (set of (names of (keys of key "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGUID
" of native registry) whose (not (set of (component strings of sids of security accounts (names of logged on users)) contains value "SidString
" of it as string) and not (set of names of keys of key "HKU
" of native registry contains value "SidString
" of it as string))))} echo %date:~4% %time:~0,8%   END: Cleanup ProfileGuid registry keys ENDOFFILE   copy __createfile cleanupProfileGuid.bat waithidden cleanupProfileGuid.bat >> C:\Windows\ProfileCleanup.log 2>&1   endif   
//Delete the user profile folders for any users that are not logged on and whose profile hasn't been modified in the last 24 hours. 

if 
{exists elements of ((set of names of folders of folder 
"C:\Users" - set of names of logged on users) - set of (
"All Users"; 
"Default"; 
"Default User"; 
"Public"))
} createfile until ENDOFFILE @echo OFF echo %date:~4% %time:~0,8%    START: Cleanup profile folders 
{concatenation 
"%0a" of (concatenation of 
"echo %25date:~4%25 %25time:~0,8%25             Deleting folder C:\users\" & it & " && rmdir /s /q c:\users\
" & it) of elements of ((set of names of folders of folder "C:\Users
" - set of names of logged on users) - set of ("All Users
"; "Default
"; "Default User
"; "Public
"))} echo %date:~4% %time:~0,8%      END: Cleanup profile folders ENDOFFILE   copy __createfile cleanupProfileFolders.bat waithidden cleanupProfileFolders.bat >> C:\Windows\ProfileCleanup.log 2>&1   endif   dos echo %date:~4% %time:~0,8%    ==========END=========== >> C:\Windows\ProfileCleanup.log 2>&1

Relevance:

not exists logged on users AND (exists elements of ((set of names of parent folders of (files 
"ntuser.dat" of folders of it) whose (now - modification time of it > (
"1 days, 00:00:00.00" as time interval)) of folder 
"C:\Users" - set of names of logged on users) - set of (
"All Users"; 
"Default"; 
"Default User"; 
"Public")) OR exists (elements of ((set of (names of keys of key 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" of 

native registry) whose (it as uppercase starts with 
"S-1-5-21") - set of (component strings of sids of security accounts (names of logged on users))) - set of (names of keys of key 
"HKU" of 

native registry))) OR exists elements of (set of (names of (keys of key 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGUID" of 

native registry) whose (not (set of (component strings of sids of security accounts (names of logged on users)) contains value 
"SidString" of it as string) and not (set of names of keys of key 
"HKU" of 

native registry contains value 
"SidString" of it as string)))))

(imported comment written by ltd200991)

thanks! We are in process of moving some users from XP to new Windows 7 systems so I don’t need to worry about total profile remover, just physically removing the user profile directories under documents and settings…

(imported comment written by ltd200991)

Im trying to get the following to work, delete any folders in C:\Documents and Settings that are older than 80days… Not working… Any ideas?

waithidden cmd.exe /c rd /S /Q {concatenations " " of (pathnames of folders whose(name of it as lowercase does not starts with “administrator” AND (now - (modification time of it)) > (80*day)) of folder “c:\Documents and Settings”)}

(imported comment written by ltd200991)

can ignore this, built a fixlet that uses Microsoft’s utility delprof.exe

waithidden cmd.exe /c mkdir c:\USMT

waithidden cmd.exe /c copy \networklocation\delprof.exe c:\USMT /y

waithidden cmd.exe /c copy \networklocation\delprof.mht c:\USMT /y

waithidden cmd.exe /c c:\USMT\delprof.exe /q /i /d:90

^^ will delete any profile folders older than 90 days.

(imported comment written by miteshvasa91)

Regarding your script,

waithidden cmd.exe /c mkdir c:\USMT
waithidden cmd.exe /c copy \networklocation\delprof.exe c:\USMT /y
waithidden cmd.exe /c copy \networklocation\delprof.mht c:\USMT /y
waithidden cmd.exe /c c:\USMT\delprof.exe /q /i /d:90

This will delete all older than 90 days user profiles, but how do you ensure it doesn’t delete profiles such as “administrator” or “db2admin” etc. ?

(imported comment written by ltd200991)

I’m thinking theres probably a way to script it to leave specific profiles out of the deletion, or you could probably do something like copy a txt file to the profile to make it’s last modified date current.