New script
@@ -1,43 +1,104 @@
|
||||
# Define the path to the user profiles directory
|
||||
$profilesPath = "C:\\Users"
|
||||
#Requires -RunAsAdministrator
|
||||
[cmdletbinding(ConfirmImpact = 'High', SupportsShouldProcess=$True)]
|
||||
|
||||
# Get all user directories (excluding hidden and system directories)
|
||||
$userDirs = Get-ChildItem -Path $profilesPath -Exclude "Default*", "*Public" | Where-Object { $_.Attributes -notmatch 'Hidden|System' }
|
||||
$UserName = "*"
|
||||
$ExcludedUserNames = @("Administrator", "Default Profile")
|
||||
$InactiveDays = 14
|
||||
$ComputerName = $env:computername
|
||||
|
||||
# Define the exclusion list
|
||||
$exclusionList = @(
|
||||
"Administrator",
|
||||
"Default User"
|
||||
)
|
||||
|
||||
# Determine the cutoff date (14 days ago from today)
|
||||
$cutoffDate = (Get-Date).AddDays(-14)
|
||||
|
||||
foreach ($userDir in $userDirs) {
|
||||
# Get the user profile name
|
||||
$username = $userDir.Name
|
||||
ForEach ($computer in $ComputerName)
|
||||
{
|
||||
$profilesFound = 0
|
||||
Try {
|
||||
$profiles = Get-CimInstance -Class Win32_UserProfile
|
||||
} Catch {
|
||||
Write-Warning "Failed to retreive user profiles on $ComputerName"
|
||||
Exit
|
||||
}
|
||||
|
||||
# Check if the username is in the exclusion list
|
||||
if ($exclusionList -contains $username) {
|
||||
Write-Host "Excluding profile: $username" -ForegroundColor Yellow
|
||||
continue
|
||||
}
|
||||
|
||||
ForEach ($profile in $profiles) {
|
||||
$sid = New-Object System.Security.Principal.SecurityIdentifier($profile.SID)
|
||||
$account = $sid.Translate([System.Security.Principal.NTAccount])
|
||||
$accountDomain = $account.value.split("\")[0]
|
||||
$accountName = $account.value.split("\")[1]
|
||||
$profilePath = $profile.LocalPath
|
||||
$loaded = $profile.Loaded
|
||||
$lastUseTime = $profile.LastUseTime
|
||||
$isExcluded = $False
|
||||
$special = $profile.Special
|
||||
|
||||
# Check for ntuser.dat file to confirm it's a user profile
|
||||
$ntUserFile = Join-Path -Path $userDir.FullName -ChildPath "ntuser.dat"
|
||||
if (Test-Path $ntUserFile) {
|
||||
# Get the last write time of the ntuser.dat file
|
||||
$lastWriteTime = (Get-Item $ntUserFile).LastWriteTime
|
||||
|
||||
# Determine if the profile should be deleted based on the cutoff date
|
||||
if ($lastWriteTime -lt $cutoffDate) {
|
||||
Write-Host "Deleting profile: $username" -ForegroundColor Red
|
||||
# Delete the user profile directory
|
||||
Remove-Item -Path $userDir.FullName -Force -Recurse
|
||||
} else {
|
||||
Write-Host "Profile still active: $username" -ForegroundColor Green
|
||||
If ($special) {continue}
|
||||
|
||||
#Calculation of the login date
|
||||
$lastLoginDate = $null
|
||||
If ($accountDomain.ToUpper() -eq $computer.ToUpper()) {$lastLoginDate = [datetime]([ADSI]"WinNT://$computer/$accountName").LastLogin[0]}
|
||||
|
||||
#Calculation of the unused days of the profile
|
||||
$profileUnusedDays=0
|
||||
If (-Not $loaded){
|
||||
If($lastLoginDate -eq $null){ $profileUnusedDays = (New-TimeSpan -Start $lastUseTime -End (Get-Date)).Days }
|
||||
Else{$profileUnusedDays = (New-TimeSpan -Start $lastLoginDate -End (Get-Date)).Days}
|
||||
}
|
||||
|
||||
If($accountName.ToLower() -Eq $UserName.ToLower() -Or
|
||||
($UserName.Contains("*") -And $accountName.ToLower() -Like $UserName.ToLower())) {
|
||||
|
||||
ForEach ($eun in $ExcludedUserNames) {
|
||||
If($eun -ne [string]::Empty -And -Not $eun.Contains("*") -And ($accountName.ToLower() -eq $eun.ToLower())){
|
||||
$isExcluded = $True
|
||||
break
|
||||
}
|
||||
If($eun -ne [string]::Empty -And $eun.Contains("*") -And ($accountName.ToLower() -Like $eun.ToLower())){
|
||||
$isExcluded = $True
|
||||
break
|
||||
}
|
||||
}
|
||||
} else {
|
||||
Write-Host "Skipping profile without ntuser.dat: $username" -ForegroundColor Yellow
|
||||
|
||||
If($isExcluded) {Write-Host "Profile $accountName was excluded!" continue}
|
||||
|
||||
If($InactiveDays -ne [uint32]::MaxValue -And $profileUnusedDays -le $InactiveDays){
|
||||
|
||||
Write-Host "`nSkipping ""$account"" as it is recently used." -ForegroundColor Blue
|
||||
Write-Host "Account SID: $sid"
|
||||
Write-Host "Special system service user: $special"
|
||||
Write-Host "Profile Path: $profilePath"
|
||||
Write-Host "Loaded : $loaded"
|
||||
Write-Host "Last use time: $lastUseTime"
|
||||
If ($lastLoginDate -ne $null) { Write-Host "Last login: $lastLoginDate" }
|
||||
Write-Host "Profile unused days: $profileUnusedDays"
|
||||
continue}
|
||||
|
||||
$profilesFound ++
|
||||
|
||||
If ($profilesFound -gt 1) {Write-Host "`n"}
|
||||
Write-Host "`nStart deleting profile ""$account"" on computer ""$computer"" ..." -ForegroundColor Red
|
||||
Write-Host "Account SID: $sid"
|
||||
Write-Host "Special system service user: $special"
|
||||
Write-Host "Profile Path: $profilePath"
|
||||
Write-Host "Loaded : $loaded"
|
||||
Write-Host "Last use time: $lastUseTime"
|
||||
If ($lastLoginDate -ne $null) { Write-Host "Last login: $lastLoginDate" }
|
||||
Write-Host "Profile unused days: $profileUnusedDays"
|
||||
|
||||
If ($loaded) {
|
||||
Write-Warning "Cannot delete profile because is in use"
|
||||
Continue
|
||||
}
|
||||
|
||||
Try {
|
||||
$profile.Delete()
|
||||
Write-Host "Profile deleted successfully" -ForegroundColor Green
|
||||
} Catch {
|
||||
Write-Host "Error during delete the profile" -ForegroundColor Red
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
If($profilesFound -eq 0){
|
||||
Write-Warning "No profiles to delete"
|
||||
}
|
||||
}
|
||||
|
||||
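Review bot: The exclusion guard `If($isExcluded) {Write-Host "Profile $accountName was excluded!" continue}` has no statement separator before `continue`, so as rendered here `continue` is passed to Write-Host as a further argument and the loop carries on towards `$profile.Delete()` for accounts listed in `$ExcludedUserNames`; it should read `If ($isExcluded) { Write-Host "Profile $accountName was excluded!"; continue }`. The script declares `SupportsShouldProcess=$True` with `ConfirmImpact = 'High'`, but no `param()` block is visible and nothing calls `$PSCmdlet.ShouldProcess`, so `-WhatIf` and `-Confirm` cannot gate the deletion; the delete should sit inside `if ($PSCmdlet.ShouldProcess($profilePath, 'Delete user profile')) { ... }`. Objects returned by `Get-CimInstance` do not expose a `Delete()` method (that belongs to `Get-WmiObject` results), so the call will most likely land in the Catch, which prints a generic message and discards the error; `Remove-CimInstance -InputObject $profile` is the CIM equivalent, and the Catch should report `$_`. The old and new sides are interleaved on this page without markers, so which lines belong to the new script is inferred.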