Forum Discussion

ryedogg72's avatar
ryedogg72
Copper Contributor
Nov 06, 2024

UserProfile Management with PowerShell

We have an issue where quarterly Nessus scans enumerate vulnerability findings for every user profile on an endpoint. This started me on a path to remove obsolete user profiles to reduce the noise fr...
User profiles
Windows PowerShell
DarkStar's avatar
DarkStar
Copper Contributor
Nov 22, 2024

Personally I would change to 90 days to have a better error on the side of caution. Here is a down and dirty script, 4 lines. Excludes, All Users, Default*, Admin* and Public. Deletes the User Folder if empty.  Use with much caution and test test test before deploying. 

Set-ExecutionPolicy Bypass -Force
$CleanUpFolder = "C:\Users"

Get-ChildItem -Directory $CleanUpFolder -Recurse -Force | Where {$_.LastWriteTime -lt (Get-Date).AddDays(-90) -and $_.Name -notlike "Default*" -and $_.Name -ne "Public" -and $_.Name -ne "All Users" -and $_.Name -notlike "Admin*"} | Remove-Item -Force -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Directory $CleanUpFolder -Recurse -Force | Sort-Object -Property FullName -Descending | Where { $_.GetFiles().Count -eq 0 -and $_.GetDirectories().Count -eq 0 } | Remove-Item -Force -ErrorAction SilentlyContinue

 

Resources