Script for deleting cached user profiles
Hey everyone!
I'm a newbie here to this forum. I come in search of a good scripting solution. Here is what I want to do.
I work in IT at my local school district. We beginning to have problems related to cached profiles being stuck on computers. Group Policy is supposed to delete them on logoff, but most of the time it isn't reliable anymore. We created a .vbs script to run as a scheduled task at computer startup which deleted all user profile folders in C:\Documents and Settings\ except for the ones we specified in our script. While this method was very rough, it worked. Specifying profiles NOT to delete is a pain in the rear so I now want to make my solution better.
Most Domain Users are setup with mandatory profiles, and some with local profiles. I want the Local ones + Default User to stay untouched, and cached Mandatory Profile folders to delete. Here is where I need some assistance on the scripting end of it. Local profiles and the Default User folder contain a file called ntuser.dat within C:\Documents & Settings\UserName. Mandatory Profiles contain a file called ntuser.man within them instead.
I'm wondering if a script can:
A. Search for all files called "ntuser.man" within each user profile folder in C:\Documents and Settings\
B. Then delete the PARENT folder (User Profile) of any of the ntuser.man files.
What I want to happen: Script searches C:\Documents and Settings\ and finds "ntuser.man" found in C:\Documents and Settings\UserA and in C:\Documents and Settings\UserB. Script deletes all files within each of the folders that ntuser.man is found in and then deletes the UserA and UsersB folders. (Parent folders of ntuser.man files). It doesn't have to delete it in that order, just as long as UserA and UserBs profiles are gone after the script has been ran at Windows startup.
Any coding ideas?
-Dan
I'm a newbie here to this forum. I come in search of a good scripting solution. Here is what I want to do.
I work in IT at my local school district. We beginning to have problems related to cached profiles being stuck on computers. Group Policy is supposed to delete them on logoff, but most of the time it isn't reliable anymore. We created a .vbs script to run as a scheduled task at computer startup which deleted all user profile folders in C:\Documents and Settings\ except for the ones we specified in our script. While this method was very rough, it worked. Specifying profiles NOT to delete is a pain in the rear so I now want to make my solution better.
Most Domain Users are setup with mandatory profiles, and some with local profiles. I want the Local ones + Default User to stay untouched, and cached Mandatory Profile folders to delete. Here is where I need some assistance on the scripting end of it. Local profiles and the Default User folder contain a file called ntuser.dat within C:\Documents & Settings\UserName. Mandatory Profiles contain a file called ntuser.man within them instead.
I'm wondering if a script can:
A. Search for all files called "ntuser.man" within each user profile folder in C:\Documents and Settings\
B. Then delete the PARENT folder (User Profile) of any of the ntuser.man files.
What I want to happen: Script searches C:\Documents and Settings\ and finds "ntuser.man" found in C:\Documents and Settings\UserA and in C:\Documents and Settings\UserB. Script deletes all files within each of the folders that ntuser.man is found in and then deletes the UserA and UsersB folders. (Parent folders of ntuser.man files). It doesn't have to delete it in that order, just as long as UserA and UserBs profiles are gone after the script has been ran at Windows startup.
Any coding ideas?
-Dan
0 Comments
[ + ] Show comments
Answers (5)
Please log in to answer
Posted by:
AssmbLLYCoder
15 years ago
Hi Dan,
If I had enough time at hand then I would follow the below approach to implement a working solution (using a VBS or any other scripting language for that matter):
Enumerate the following Registry hive:
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\hivelist"
for NTUSR.MAN entries putting the Folder path from the value of the shortlisted keys into a temp txt file (or an array).
then use the txt file (or array elements) as a command line argument to Delete the Folders.
Hope this helps
Note: You may need to declare a few constants for "Device" and "HarddiskVolumeX" or you can use WMI to get the value of these variables in the above Registry.
If I had enough time at hand then I would follow the below approach to implement a working solution (using a VBS or any other scripting language for that matter):
Enumerate the following Registry hive:
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\hivelist"
for NTUSR.MAN entries putting the Folder path from the value of the shortlisted keys into a temp txt file (or an array).
then use the txt file (or array elements) as a command line argument to Delete the Folders.
Hope this helps
Note: You may need to declare a few constants for "Device" and "HarddiskVolumeX" or you can use WMI to get the value of these variables in the above Registry.
Posted by:
anonymous_9363
15 years ago
Some notes:
- there are innumerable examples of scripts which perform some operation recursively on folders. Have a browse of this forum for posts with links to, for example http://www.computerperformance.com. That should turn up posts with other links to good sites with examples.
- remember to make your code as modular as possible. For example, avoid the temptation to hard-code 'C:\Docukents and Settings', as this location doesn't exist in Vista: the last thing you want is to have to re-visit this when/if you roll out whichever OS you choose to replace XP.
- error-trap, error--trap, error-trap. Assume NOTHING. If your code creates an object, check that it got created (If IsObject...) If you create an array, make sure it has content, and so on. Although adding error-checking code can be tedious, there is a very good routine which some Microsoft scripts use which make it MUCH simpler. Search for 'BugAssert'.
- there are innumerable examples of scripts which perform some operation recursively on folders. Have a browse of this forum for posts with links to, for example http://www.computerperformance.com. That should turn up posts with other links to good sites with examples.
- remember to make your code as modular as possible. For example, avoid the temptation to hard-code 'C:\Docukents and Settings', as this location doesn't exist in Vista: the last thing you want is to have to re-visit this when/if you roll out whichever OS you choose to replace XP.
- error-trap, error--trap, error-trap. Assume NOTHING. If your code creates an object, check that it got created (If IsObject...) If you create an array, make sure it has content, and so on. Although adding error-checking code can be tedious, there is a very good routine which some Microsoft scripts use which make it MUCH simpler. Search for 'BugAssert'.
Posted by:
aogilmor
15 years ago
Wow, that seems like a real pain. What kinds of users are you talking about? domain users? Why does all this need to be done? It almost seems like in that situation you're talking bad security practice. Also doesn't it seem silly to have mandatory profiles, and THEN to delete them? Also, you say GPO is not reliable anymore?. So it used to be and now it's not?....Any guess as to why that might be?.....
If you're talking about users on kiosk machines (i.e. .library) then there's good management software to deal with that, IIRC Symantec makes softare like that.
Good luck and let us know how it goes.
If you're talking about users on kiosk machines (i.e. .library) then there's good management software to deal with that, IIRC Symantec makes softare like that.
Good luck and let us know how it goes.
Posted by:
jmcfadyen
15 years ago
search for delprof.exe its an MS endorsed product designed to do the job you want no point reinventing the wheel.
Posted by:
dodgy
15 years ago
Sounds like something is preventing the ntuser.man file from being unloaded at logoff (incase you're unaware the ntuser.man is the users registry).
You can try the Microsoft User Profile Cleanup Service to help unload the user profiles:
http://tinyurl.com/495ga
Failing that after the user has logged off check to see if the profile was deleted, if not log onto the machine as the local admin and run sysinternals Process Explorer (download from www.sysinternals.com). See if any applications are running that have open handles (registry, files etc) to the user profile in question.
I have seen some applications, vnc for example, seems to keep a registry key open under the logged on users reg hive when a remote control is initiated.
You can try the Microsoft User Profile Cleanup Service to help unload the user profiles:
http://tinyurl.com/495ga
Failing that after the user has logged off check to see if the profile was deleted, if not log onto the machine as the local admin and run sysinternals Process Explorer (download from www.sysinternals.com). See if any applications are running that have open handles (registry, files etc) to the user profile in question.
I have seen some applications, vnc for example, seems to keep a registry key open under the logged on users reg hive when a remote control is initiated.
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.
