Dieses Script löscht alle lokalen Benutzerprofile, die nicht in der ExclusionList enthalten sind. Es kommt schon mal vor, das man versuchen möchte alle Benutzerprofile zu löschen, ausser natürlich SYSTEM, Administrator und ggf. einigen speziellen Accounts. Man kann es zum Beispiel mittels automatischer Softwareverteilung an Rechner verteilen und die Profile dann löschen :-)
-
-
-
-
- <#
- .SYNOPSIS
- Deletes all local Userprofiles
- .DESCRIPTION
- This script deletes local Userprofiles. Exceptions could be configured like (local Administrator)
- or local Serviceaccounts
- .NOTES
- File Name : delete_all_userprofiles.ps1
- Author : Martin Bettin
-
- #>
- #$ComputerName = "NBWG092"
- $ComputerName = $env:computername
- #ExclusionList - Which profiles are Excluded from delete action.
- $excludeFiles = 'S_LocalAdmin','S_Matrix42Admin','NETZWERKDIENST','LOKALER DIENST','SYSTEM','Administrator'
-
-
-
- foreach($Computer in $ComputerName)
- {
- Write-Verbose "Working on $Computer"
- if(Test-Connection -ComputerName $Computer -Count 1 -ea 0)
- {
- $Profiles = Get-WmiObject -Class Win32_UserProfile -Computer $Computer -ea 0
- foreach ($profile in $profiles)
- {
- # Traslate User SID to Profilename
- $objSID = New-Object System.Security.Principal.SecurityIdentifier($profile.sid)
- $objuser = $objsid.Translate([System.Security.Principal.NTAccount])
- $profilename = $objuser.value.split("\")[1]
- if ($excludeFiles -notcontains $profilename)
- {
-
- try
- {
- $profile.delete()
- Write-Host "$profilename profile deleted successfully on $Computer"
- } catch
- {
- Write-Host "Failed to delete the profile, $profilename on $Computer"
- }
- }
- }
-
- }
- }
-
-
-
-