Obviously the script will need to be run under an account that has the rights to remotely delete profiles. The deletion is achieved by calling the Delete() method of the win32_userprofile WMI object previously returned for that profile. Thanks to the great PowerShell Out-GridView cmdlet, it was straightforward to take the list of user profiles which were selected when the “OK” button was clicked in the grid view and then delete those profiles, albeit with PowerShell prompting for confirmation before deletions. The script requires the Active Directory PowerShell module to be present wher the script is run from since it will query AD and retrieve various AD properties for the domain users associated with profiles to make it easy to spot users who may have left because their AD account is disabled or their last AD logon was a long time ago. I’ve pulled out what I think are the most useful fields but if you were to use it, say, for persistent XenApp servers using roaming profiles then you might want to pull more of the fields out. This actually turned out to be easier than I anticipated, for once, in that I didn’t have to go anywhere near the ProfileList registry key directly since there is a WMI class Win32_UserProfile which contains the required information, albeit with the profile owner as a SID rather than username but in PowerShell it’s easy to get the username for a SID. copied to the clipboard from the properties of an OU in the AD Users and Computers MMC snap in) or an AD group. Having checked this manually for rather too long, I decided to write a script to give visibility of local profiles across a range of machines pulled from Active Directory where the machines to interrogate can be selected by a regular expression matching their name, an organisational unit (e.g. It can of course also be used on persistent XenApp/RDS servers to check for and delete stale or oversize profiles there. However, over time as people leave, we can get disk space issues caused by these stale profiles and even when people haven’t left, their profiles can become large without them realising which can potentially impact the performance of these servers since a machine with a full file system generally doesn’t function well. ![]() I’m not saying that this is an issue – it isn’t generally – as most people take the out of the box default which is local profiles. We EUC consultants can spend a considerable amount of time deciding on and building the most suitable user profile mechanism for our Citrix, VMware and RDS deployments but very little, if any, time is spent doing the same for infrastructure servers.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |