(imported topic written by SystemAdmin)
Ok, I’ve searched the forum and found a few references to deleting profiles on windows 7 machines, but none of them seem to work as I really want them to.
What I need to do is target a specific string of profiles on a machine and delete them. All of our ‘student’ users on our domain start with a 2 digit number and then a first initial and last name. I need to get a way to have my relevance search for these users (example “14ptest”) and delete them. I also need it to clear the registry’s setting in the HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ProfileList so that when that user tries to log back onto the system they dont get a profile error.
I also have to make sure that it does not modify any of the builtin accounts like Administrator, Public, etc., as well as leave the teacher/admin accounts that have a standard first initial last name username to them (example “Pat Smith would be psmith”); as our teacher/admin accounts save settings for their email, and any visual enhancements that they have made to their profile.
Here is the code that I have, which seems to delete most accounts on the computers…randomly leaving different folders on the computers. On each computer that I have run this on, different username folders are left behind (usually always they are just an empty folder and you can browse to the computer and delete them), but I dont want to have to touch each computer to delete those straggler names (considering I have 2600 computers).
The code I am testing was written by boyd on this page: http://forum.bigfix.com/viewtopic.php?id=7530
I modified it slightly:
not exists logged on users AND (exists elements of ((set of names of parent folders of (files
"ntuser.dat" of folders of it) whose (now - modification time of it > (
"0 days, 00:00:00.00" as time interval)) of folder
"C:\Users" - set of names of logged on users) - set of (
"All Users";
"Default";
"Default User";
"Public")) OR exists (elements of ((set of (names of keys of key
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" of
native registry) whose (it as uppercase starts with
"S-1-5-21") - set of (component strings of sids of security accounts (names of logged on users))) - set of (names of keys of key
"HKU" of
native registry))) OR exists elements of (set of (names of (keys of key
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileGUID" of
native registry) whose (not (set of (component strings of sids of security accounts (names of logged on users)) contains value
"SidString" of it as string) and not (set of names of keys of key
"HKU" of
native registry contains value
"SidString" of it as string)))))