Last active
June 26, 2024 16:02
-
-
Save noelruault/380805015f93f63ed2acae91d9d0b491 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Remove Windows users script | |
# Initial excluded users list | |
$excludedUsers = @("Admin", "admin", "Administrator", "administrator", "Administrador", "administrador", "Invitado", "DefaultAccount", "WDAGUtilityAccount", "USER", "User", "user", "gaia", "Professorat", "Profesorado", "profesorado", "professor", "profesor", "professorat") | |
# Get existing local users | |
$localUsers = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True'" | Select-Object -ExpandProperty Name | |
# Filter excluded users that are in the local users list | |
$defaultChoices = $excludedUsers | Where-Object { $localUsers -contains $_ } | |
$nonDefaultChoices = $localUsers | Where-Object { $excludedUsers -notcontains $_ } | |
# Check if Gum is installed | |
Function Check-Gum { | |
try { | |
$gumVersion = Invoke-Expression "gum --version" | |
return $true | |
} catch { | |
return $false | |
} | |
} | |
# Function to prompt for Gum installation | |
Function Install-Gum { | |
Write-Host "Gum is not installed. Do you want to install it now? [Y/N]" | |
$response = Read-Host | |
if ($response -eq 'Y' -or $response -eq 'y') { | |
Invoke-Expression "winget install charmbracelet.gum" | |
if (-not (Check-Gum)) { | |
Write-Host "Failed to install Gum. Exiting." | |
exit | |
} | |
} else { | |
Write-Host "Gum installation skipped. Exiting." | |
exit | |
} | |
} | |
# Function to remove local users | |
Function Remove-LocalUser { | |
<# | |
.Synopsis | |
This function deletes a local user | |
.Description | |
This function deletes a local user | |
.Example | |
Remove-LocalUser -userName "usr" | |
Removes a new local user named usr. | |
.Parameter ComputerName | |
The name of the computer upon which to delete the user | |
.Parameter UserName | |
The name of the user to delete | |
.Notes | |
NAME: Remove-LocalUser | |
AUTHOR: Noël Ruault, based on ed wilson's version | |
LASTEDIT: 26/06/2023 10:07:42 | |
KEYWORDS: Local Account Management, Users | |
#Requires -Version 2.0 | |
#> | |
[CmdletBinding()] | |
Param( | |
[Parameter(Position=0, Mandatory=$True, ValueFromPipeline=$True)] | |
[string]$userName | |
) | |
$computerName = $env:ComputerName | |
$User = [ADSI]"WinNT://$computerName" | |
$user.Delete('user', $userName) | |
} | |
# Prompt whether to use Gum or default script | |
Write-Host "Do you want to use Gum for interactive prompts? [Y/N]" | |
$useGum = Read-Host | |
if ($useGum -eq 'Y' -or $useGum -eq 'y') { | |
# Check and install Gum if necessary | |
if (-not (Check-Gum)) { | |
Install-Gum | |
} | |
$defaultChoicesToSelectedParam = $defaultChoices -join "," | |
$gumChoicesCommand = "gum choose --no-limit --selected=$defaultChoicesToSelectedParam " + ($defaultChoices + $nonDefaultChoices) -join " " | |
# Introduction message | |
$introMessage = "This script is meant to delete local users except for specified excluded users. It will list all local users and prompt you to add any other users to the exclusion list. Are you sure you want to proceed?" | |
# Confirm the action | |
Invoke-Expression "gum confirm -- \"$introMessage\"" | Out-Null | |
if ($LASTEXITCODE -ne 0) { | |
Write-Host "Action canceled by user." | |
exit | |
} | |
# Prompt for additional excluded users | |
$selectedUsers = Invoke-Expression "$gumChoicesCommand" | Out-String | |
$selectedUsers = $selectedUsers.Trim() -split "\n" | |
Write-Host "You have selected the following users to exclude:" | |
$selectedUsers | ForEach-Object { Write-Host $_ } | |
# Confirm the selection | |
$confirmSelectionMessage = "The selected users will be excluded from deletion. Do you want to proceed?" | |
Invoke-Expression "gum confirm -- \"$confirmSelectionMessage\"" | Out-Null | |
if ($LASTEXITCODE -ne 0) { | |
Write-Host "Action canceled by user." | |
exit | |
} | |
# Update excluded users list | |
$excludedUsers = $selectedUsers | |
} else { | |
Write-Host "Running the default script without interactive prompts." | |
} | |
# Remove users not in the excluded list | |
foreach ($localUser in $localUsers) { | |
if ($excludedUsers -contains $localUser -or $excludedUsers -contains $localUser.ToUpperInvariant() -or $excludedUsers -contains $localUser.ToLowerInvariant()) { | |
Write-Host "Skipping user: $localUser" | |
} else { | |
Write-Host "Removing user: $localUser" | |
Remove-LocalUser -userName $localUser | |
} | |
} | |
# Note: Ideally the system should have an automatic removal user policy enabled: https://gpsearch.azurewebsites.net/#2583 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment