Earlier this year I was tasked with cleaning up the workstations on our network to help reduce the amount of time needed for our daily virus scan to complete. One of the issues I took on was cleaning up old cached profiles from the use of roaming profiles. This was not something I wanted to do manually for the 150 PCs that we have across our building, so I made a script that would look for profiles that had not been modified in the last 90 days and wasn’t a system account (localservice, networkservice, default user, all users). Also, an advantage of using a script to do this is it can produce a report of what it will remove without actually doing it. That way you can be sure that you are not deleting things that you do want to keep.
This script does depending on file and print sharing being turned on for the workstation so the script can access the administrative shares on each computer. It does make the assumption that your profiles are saved in the default windows location C:\Documents and Settings\%username% and that you are the administrator for the domain.
Configuration
- Be sure to update the LDAP string ‘LDAP://OU=workstations,DC=subdomain,DC=domain,DC=com’ to match your Active Directory structure. The script needs to know where all the workstation are in Active Directory
- Find objConnection.Open “DomainController” and modify the put your Domain Controller in place of DomainController
- Find OldProfile objRecordSet.Fields(“Name”).Value, “C:\deletedprofiles.csv” and modify the filename to save the file where you and and named what you want, just be sure to leave the extension as CSV so it will open properly with your spreadsheet application.
- Most Importantly – Comment out fsoFolder.DeleteFolder objSubfolder, TRUE if you just want a report of what it will delete when run, if not it is currently setup to remove the unwanted profiles
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "shs-login"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
"Select Name, Location from 'LDAP://OU=workstations,DC=subdomain,DC=domain,DC=com' " _
& "Where objectClass='computer'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
OldProfile objRecordSet.Fields("Name").Value, "C:\deletedprofiles.csv"
objRecordSet.MoveNext
Loop
Sub OldProfile(strComputer, strFilename)
On Error Resume Next
Set StdOut = WScript.StdOut
Set objFSO = CreateObject("scripting.filesystemobject")
Set logStream = objFSO.opentextfile(strFilename, 8, True)
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
If Err.Number Then
logStream.writeline(strComputer & ",Offline")
Err.Clear
Else
On Error Resume Next
Set objShell = CreateObject("Shell.Application")
Set fsoFolder = CreateObject("Scripting.FileSystemObject")
root = "\\" & strComputer &"\C$\Documents and Settings"
Set objFolder = fsoFolder.GetFolder(root)
Set colSubfolders = objFolder.Subfolders
For Each objSubfolder in colSubfolders
If (lcase(objSubfolder.Name) <> "localservice" AND lcase(objSubfolder.Name) <> "networkservice"_
AND lcase(objSubfolder.Name) <> "default user" AND lcase(objSubfolder.Name) <> "all users") then
If (DateDiff("D", objSubfolder.DateLastModified, Date()) > 90) then
logStream.writeline(strComputer & ",Online,Delete," & objSubfolder & "," & objSubfolder.DateLastModified)
fsoFolder.DeleteFolder objSubfolder, TRUE
else
logStream.writeline(strComputer & ",Online,Active," & objSubfolder & "," & objSubfolder.DateLastModified)
End If
else
logStream.writeline(strComputer & ",Online,System," & objSubfolder & "," & objSubfolder.DateLastModified)
End If
Next
End If
logStream.Close
End Sub
Read More