Just run the Script and have some fun while deleting local/remote Userprofiles 🙂
The parameters Username and ComputerName are mandatory.
The parameter -wildcard:$true allows to delete multiple profiles. For example all users with the profile name “John*“.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 |
#by J.Kühnis #Code Elements of https://gallery.technet.microsoft.com/scriptcenter/Remove-UserProfileps1-871f57c4 #Run with elevated rights $currentPrincipal = New-Object Security.Principal.WindowsPrincipal( [Security.Principal.WindowsIdentity]::GetCurrent( ) ) if ( -not ($currentPrincipal.IsInRole( [Security.Principal.WindowsBuiltInRole]::Administrator ) ) ) { Write-Host "This script must be executed in admin mode." -ForegroundColor Yellow Write-Error "This script must be executed in admin mode." -ErrorAction Stop Pause } Function Reset-LocalUserProfile { [CmdletBinding()] Param( [Parameter(Mandatory = $true)][string]$Username, [Parameter(Mandatory = $true)][string]$ComputerName, [switch]$IncludeSpecialUsers = $False, [switch]$Force = $True, [bool]$Wildcard ) IF ($Username -match '\*'){ IF($Wildcard){ Write-Warning "wildcard enabled, deletion for multiple users enabled" }Else{ Write-Warning "Username must be unique without wildcard '*'. If you like to use wildcard, please use '-Widlcard `$true' parameter. " return } } $profileFounds = 0 #Region Functions #https://www.petri.com/test-network-connectivity-powershell-test-connection-cmdlet Function Test-PSRemoting { [cmdletbinding()] Param( [Parameter(Position = 0, Mandatory, HelpMessage = "Enter a computername", ValueFromPipeline)] [ValidateNotNullorEmpty()] [string]$Computername, [System.Management.Automation.Credential()]$Credential = [System.Management.Automation.PSCredential]::Empty ) Begin { Write-Host -Message "Starting $($MyInvocation.Mycommand)" } #begin Process { Write-Host -Message "Testing $computername" Try { $r = Test-WSMan -ComputerName $Computername -Credential $Credential -Authentication Default -ErrorAction Stop $True } Catch { Write-Host $_.Exception.Message $False } } #Process End { Write-Host -Message "Ending $($MyInvocation.Mycommand)" } #end } #close function #Check IF WinRM is OK IF (!(Test-PSRemoting -Computername $ComputerName)) { Write-Host -Message "PS Remoting Error, can't reach Connect with WinRM" return } Try { $profiles = Get-WmiObject -Class Win32_UserProfile -Computer $ComputerName -Filter "Special = '$IncludeSpecialUsers'" -EnableAllPrivileges } Catch { Write-Warning "Failed to retreive user profiles on $ComputerName" return } ForEach ($profile in $profiles) { try { $sid = New-Object System.Security.Principal.SecurityIdentifier($profile.SID) $account = $sid.Translate([System.Security.Principal.NTAccount]) $accountName = $account.value.split("\")[1] $profilePath = $profile.LocalPath $loaded = $profile.Loaded $special = $profile.Special } catch { continue } If ($accountName.ToLower() -Eq $UserName.ToLower() -Or ($UserName.Contains("*") -And $accountName.ToLower() -Like $UserName.ToLower())) { #If ($ExcludeUserName -ne [string]::Empty -And -Not $ExcludeUserName.Contains("*") -And ($accountName.ToLower() -eq $ExcludeUserName.ToLower())) {Continue} #If ($ExcludeUserName -ne [string]::Empty -And $ExcludeUserName.Contains("*") -And ($accountName.ToLower() -Like $ExcludeUserName.ToLower())) {Continue} $profileFounds ++ If ($profileFounds -gt 1) {Write-Host "`n"} Write-Host "Start deleting profile ""$account"" on computer ""$ComputerName"" ..." -ForegroundColor Green Write-Host "Account SID: $sid" Write-Host "Special system service user: $special" Write-Host "Profile Path: $profilePath" Write-Host "Loaded : $loaded" If ($loaded) { Write-Warning "Cannot delete profile because is in use" Continue } If ($Force -Or $PSCmdlet.ShouldProcess($account)) { Try { $profile.Delete() Write-Host "Profile deleted successfully" -ForegroundColor Green } Catch { Write-Host "Error during delete the profile. Maybe the user with you executed the script has no rights or the script was not started with admin rights." -ForegroundColor Red } } } } If ($profileFounds -eq 0) { Write-Warning "No profiles found on $ComputerName with Name $UserName" } Write-Host '########## START SCRIPT ##########' -ForegroundColor yellow Reset-LocalUserProfile } Reset-LocalUserProfile |
0