From 9c10c00ff2948f0644fd2b5125545e48d0612259 Mon Sep 17 00:00:00 2001
From: poslop
Date: Thu, 13 Feb 2025 12:09:20 -0600
Subject: [PATCH] New script
---
scripts/DeleteOldProfiles.ps1 | 127 +++++++++++++++++++++++++---------
1 file changed, 94 insertions(+), 33 deletions(-)
diff --git a/scripts/DeleteOldProfiles.ps1 b/scripts/DeleteOldProfiles.ps1
index f692690..d77bc10 100644
--- a/scripts/DeleteOldProfiles.ps1
+++ b/scripts/DeleteOldProfiles.ps1
@@ -1,43 +1,104 @@ -# Define the path to the user profiles directory -$profilesPath = "C:\\Users" +#Requires -RunAsAdministrator +[cmdletbinding(ConfirmImpact = 'High', SupportsShouldProcess=$True)] -# Get all user directories (excluding hidden and system directories) -$userDirs = Get-ChildItem -Path $profilesPath -Exclude "Default*", "*Public" | Where-Object { $_.Attributes -notmatch 'Hidden|System' } +$UserName = "*" +$ExcludedUserNames = @("Administrator", "Default Profile") +$InactiveDays = 14 +$ComputerName = $env:computername -# Define the exclusion list -$exclusionList = @( - "Administrator", - "Default User" -) -# Determine the cutoff date (14 days ago from today) -$cutoffDate = (Get-Date).AddDays(-14) -foreach ($userDir in $userDirs) { - # Get the user profile name - $username = $userDir.Name +ForEach ($computer in $ComputerName) +{ + $profilesFound = 0 + Try { + $profiles = Get-CimInstance -Class Win32_UserProfile + } Catch { + Write-Warning "Failed to retreive user profiles on $ComputerName" + Exit + } - # Check if the username is in the exclusion list - if ($exclusionList -contains $username) { - Write-Host "Excluding profile: $username" -ForegroundColor Yellow - continue - } + + ForEach ($profile in $profiles) { + $sid = New-Object System.Security.Principal.SecurityIdentifier($profile.SID) + $account = $sid.Translate([System.Security.Principal.NTAccount]) + $accountDomain = $account.value.split("\")[0] + $accountName = $account.value.split("\")[1] + $profilePath = $profile.LocalPath + $loaded = $profile.Loaded + $lastUseTime = $profile.LastUseTime + $isExcluded = $False + $special = $profile.Special - # Check for ntuser.dat file to confirm it's a user profile - $ntUserFile = Join-Path -Path $userDir.FullName -ChildPath "ntuser.dat" - if (Test-Path $ntUserFile) { - # Get the last write time of the ntuser.dat file - $lastWriteTime = (Get-Item $ntUserFile).LastWriteTime - # Determine if the profile should be deleted based on the cutoff date - if 
($lastWriteTime -lt $cutoffDate) { - Write-Host "Deleting profile: $username" -ForegroundColor Red - # Delete the user profile directory - Remove-Item -Path $userDir.FullName -Force -Recurse - } else { - Write-Host "Profile still active: $username" -ForegroundColor Green + If ($special) {continue} + + #Calculation of the login date + $lastLoginDate = $null + If ($accountDomain.ToUpper() -eq $computer.ToUpper()) {$lastLoginDate = [datetime]([ADSI]"WinNT://$computer/$accountName").LastLogin[0]} + + #Calculation of the unused days of the profile + $profileUnusedDays=0 + If (-Not $loaded){ + If($lastLoginDate -eq $null){ $profileUnusedDays = (New-TimeSpan -Start $lastUseTime -End (Get-Date)).Days } + Else{$profileUnusedDays = (New-TimeSpan -Start $lastLoginDate -End (Get-Date)).Days} + } + + If($accountName.ToLower() -Eq $UserName.ToLower() -Or + ($UserName.Contains("*") -And $accountName.ToLower() -Like $UserName.ToLower())) { + + ForEach ($eun in $ExcludedUserNames) { + If($eun -ne [string]::Empty -And -Not $eun.Contains("*") -And ($accountName.ToLower() -eq $eun.ToLower())){ + $isExcluded = $True + break + } + If($eun -ne [string]::Empty -And $eun.Contains("*") -And ($accountName.ToLower() -Like $eun.ToLower())){ + $isExcluded = $True + break + } } - } else { - Write-Host "Skipping profile without ntuser.dat: $username" -ForegroundColor Yellow + + If($isExcluded) {Write-Host "Profile $accountName was excluded!" continue} + + If($InactiveDays -ne [uint32]::MaxValue -And $profileUnusedDays -le $InactiveDays){ + + Write-Host "`nSkipping ""$account"" as it is recently used." 
-ForegroundColor Blue + Write-Host "Account SID: $sid" + Write-Host "Special system service user: $special" + Write-Host "Profile Path: $profilePath" + Write-Host "Loaded : $loaded" + Write-Host "Last use time: $lastUseTime" + If ($lastLoginDate -ne $null) { Write-Host "Last login: $lastLoginDate" } + Write-Host "Profile unused days: $profileUnusedDays" + continue} + + $profilesFound ++ + + If ($profilesFound -gt 1) {Write-Host "`n"} + Write-Host "`nStart deleting profile ""$account"" on computer ""$computer"" ..." -ForegroundColor Red + Write-Host "Account SID: $sid" + Write-Host "Special system service user: $special" + Write-Host "Profile Path: $profilePath" + Write-Host "Loaded : $loaded" + Write-Host "Last use time: $lastUseTime" + If ($lastLoginDate -ne $null) { Write-Host "Last login: $lastLoginDate" } + Write-Host "Profile unused days: $profileUnusedDays" + + If ($loaded) { + Write-Warning "Cannot delete profile because is in use" + Continue + } + + Try { + $profile.Delete() + Write-Host "Profile deleted successfully" -ForegroundColor Green + } Catch { + Write-Host "Error during delete the profile" -ForegroundColor Red + } } + } + + If($profilesFound -eq 0){ + Write-Warning "No profiles to delete" + } }
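Review bot: The exclusion list does not protect anything, because in `If($isExcluded) {Write-Host "Profile $accountName was excluded!" continue}` the word `continue` is parsed as a further argument to Write-Host rather than as a statement, so an excluded account falls through to the age check and the delete; it needs a separator, `If ($isExcluded) { Write-Host "Profile $accountName was excluded!"; continue }`. The delete itself calls `$profile.Delete()` on objects returned by Get-CimInstance, which do not expose WMI methods, so the call should throw and be reported only as the generic "Error during delete the profile"; `Remove-CimInstance -InputObject $profile -ErrorAction Stop` is the CIM equivalent. `SupportsShouldProcess` is declared at the top, but there is no `param()` block and nothing in the hunk calls `$PSCmdlet.ShouldProcess(...)`, so -WhatIf and -Confirm would not gate the removal. `$sid.Translate(...)` sits outside any Try, so for a SID that no longer resolves, `$account` and `$accountName` appear to keep the previous iteration's values and the name and exclusion checks then run against the wrong account; resetting both at the top of the loop and skipping the profile when translation fails would avoid that.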