#Requires -RunAsAdministrator [cmdletbinding(ConfirmImpact = 'High', SupportsShouldProcess=$True)] # CHANGE ME # Change these settings $ExcludedUserNames = @("Administrator", "Example Profile") $InactiveDays = 14 $profilesFound = 0 $ComputerName = $env:computername Try { $profiles = Get-CimInstance -Class Win32_UserProfile } Catch { Write-Warning "Failed to retreive user profiles on $ComputerName" Exit } ForEach ($profile in $profiles) { $sid = New-Object System.Security.Principal.SecurityIdentifier($profile.SID) $account = $sid.Translate([System.Security.Principal.NTAccount]) $accountDomain = $account.value.split("\")[0] $accountName = $account.value.split("\")[1] $profilePath = $profile.LocalPath $loaded = $profile.Loaded $lastUseTime = $profile.LastUseTime $isExcluded = $False $special = $profile.Special # Check if the account is special/system account If ($special) {continue} # Check if the account is Excluded or not ForEach ($eun in $ExcludedUserNames) { If($eun -ne [string]::Empty -And -Not $eun.Contains("*") -And ($accountName.ToLower() -eq $eun.ToLower())){ $isExcluded = $True break } If($eun -ne [string]::Empty -And $eun.Contains("*") -And ($accountName.ToLower() -Like $eun.ToLower())){ $isExcluded = $True break } } # Continue if excluded If($isExcluded) { Write-Host "`nProfile $accountName was excluded!" -ForegroundColor Blue continue } #Calculation of the login date $lastLoginDate = $null If ($accountDomain.ToUpper() -eq $ComputerName.ToUpper()) {$lastLoginDate = [datetime]([ADSI]"WinNT://$ComputerName/$accountName").LastLogin[0]} #Calculation of the unused days of the profile $profileUnusedDays=0 If (-Not $loaded){ If($lastLoginDate -eq $null){ $profileUnusedDays = (New-TimeSpan -Start $lastUseTime -End (Get-Date)).Days } Else{$profileUnusedDays = (New-TimeSpan -Start $lastLoginDate -End (Get-Date)).Days} } If($InactiveDays -ne [uint32]::MaxValue -And $profileUnusedDays -le $InactiveDays){ Write-Host "`nSkipping ""$account"" as it is recently used." -ForegroundColor Blue Write-Host "Account SID: $sid" Write-Host "Special system service user: $special" Write-Host "Profile Path: $profilePath" Write-Host "Loaded : $loaded" Write-Host "Last use time: $lastUseTime" If ($lastLoginDate -ne $null) { Write-Host "Last login: $lastLoginDate" } Write-Host "Profile unused days: $profileUnusedDays" continue} $profilesFound ++ If ($profilesFound -gt 1) {Write-Host "`n"} Write-Host "`nStart deleting profile ""$account"" on computer ""$ComputerName"" ..." -ForegroundColor Red Write-Host "Account SID: $sid" Write-Host "Special system service user: $special" Write-Host "Profile Path: $profilePath" Write-Host "Loaded : $loaded" Write-Host "Last use time: $lastUseTime" If ($lastLoginDate -ne $null) { Write-Host "Last login: $lastLoginDate" } Write-Host "Profile unused days: $profileUnusedDays" If ($loaded) { Write-Warning "Cannot delete profile because is in use" Continue } Try { Remove-CimInstance $profile Write-Host "Profile deleted successfully" -ForegroundColor Green } Catch { Write-Host "Error during delete the profile" -ForegroundColor Red } } If($profilesFound -eq 0){ Write-Warning "No profiles to delete" }