Created
March 31, 2015 15:33
-
-
Save vScripter/88664263a47361297c77 to your computer and use it in GitHub Desktop.
Script to remove a selected AD user profile from a system or multiple systems
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[cmdletbinding(PositionalBinding = $true)] | |
param ( | |
[parameter(Mandatory = $true, | |
Position = 0)] | |
[System.String[]]$ComputerName, | |
[parameter(Mandatory = $true, | |
Position = 1, | |
HelpMessage = "Enter the account name in 'DOMAIN\USERNAME' notation ")] | |
[System.String]$UserName, | |
[parameter(Mandatory = $false)] | |
[Switch]$List | |
) | |
#Requires -Module ActiveDirectory | |
#Requires -Version 3 | |
BEGIN { | |
# setting this at the script scope to make sure that calling Get-WmiObject methods cause terminating errors; they don't always do | |
$ErrorActionPreference = 'Stop' | |
$userNameUpper = $UserName.ToUpper() | |
$userSplit = ($userNameUpper).Split('\') | |
$userDomain = $userSplit[0] | |
$userAccount = $userSplit[1] | |
Write-Verbose -Message 'Checking AD for provided user name' | |
try { | |
$adUserQuery = Get-ADUser -Server $userDomain -Identity $userAccount -ErrorAction 'Stop' | |
$userSID = $adUserQuery.sid.value | |
} catch { | |
Write-Warning -Message '[ERROR] Could not find user in AD. Exiting' | |
Exit | |
} # end try/catch | |
} # end BEGIN block | |
PROCESS { | |
foreach ($computer in $ComputerName) { | |
$wmiUserProfile = $null | |
$objUserProfile = @() | |
$wmiUserName = $null | |
$wmiOsQuery = $null | |
$wmiOsName = $null | |
$wmiOsBuild = $null | |
$remotePath = $null | |
if (Test-Connection -ComputerName $computer -Count 1 -Quiet) { | |
Write-Verbose -Message "[$computer] Working..." | |
try { | |
$wmiOsQuery = Get-WmiObject -ComputerName $computer -Query "SELECT CSName,Caption,BuildNumber FROM win32_OperatingSystem" | |
$wmiOsName = $wmiOsQuery.Caption | |
$wmiOsBuild = $wmiOsQuery.BuildNumber | |
$wmiOsComputerName = $wmiOsQuery.CSName | |
} catch { | |
Write-Warning -Message "[$computer][ERROR] Could not gather info from WMI." | |
} # end try/catch | |
if (($wmiOsBuild -eq '3790') -or ($wmiOsBuild -eq '2195')) { | |
if ($List) { | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $wmiOsComputerName | |
UserName = 'WARNING - OS does not support the required WMI class' | |
UserSID = "Operating System: '$wmiOsName'" | |
ProfileStatus = 'N/A' | |
ProfilePath = 'N/A' | |
ErrorMessage = $null | |
} | |
$objUserProfile | |
} else { | |
Write-Verbose -Message "[$computer] Removing Profile Using Legacy Method" | |
try { | |
$remotePath = "\\$computer\c$\Documents and Settings\kir9000*" | |
Remove-Item -Path $remotePath -Recurse -Force | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $wmiOsComputerName | |
UserName = 'Successfully Removed' | |
UserSID = 'N/A' | |
ProfileStatus = 'N/A' | |
ProfilePath = 'Successfully Removed' | |
ErrorMessage = $null | |
} | |
$objUserProfile | |
} catch { | |
Write-Warning -Message "[$computer][ERROR] Could not remove profile using legacy method" | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $wmiOsComputerName | |
UserName = 'N/A Using Legacy Method' | |
UserSID = $null | |
ProfileStatus = $null | |
ProfilePath = $null | |
ErrorMessage = " | |
Process: Removing profile using legacy method | |
Operating System: $wmiOsName | |
Error Message: $_" | |
} | |
$objUserProfile | |
} # end try/catch | |
} # end if/else $list | |
} elseif ($wmiOsBuild) { | |
try { | |
$wqlQuery = "SELECT SID,Loaded,LocalPath FROM win32_userprofile WHERE SID = '$userSID'" | |
$wmiUserProfile = Get-WmiObject -ComputerName $computer -Query $wqlQuery | |
if ($List) { | |
$wmiUserName = ($wmiUserProfile.LocalPath).replace('C:\Users\', '') | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $wmiOsComputerName | |
UserName = $wmiUserName | |
UserSID = $wmiUserProfile.SID | |
ProfileStatus = if ($wmiUserProfile.Loaded -eq $true) { | |
'Loaded' | |
} elseif ($wmiUserProfile.Loaded -eq $false) { | |
'Unloaded' | |
} else { | |
'Unknown/Could Not Pull From WMI' | |
} # end if/elseif/else ProfileStatus | |
ProfilePath = $wmiUserProfile.LocalPath | |
ErrorMessage = $null | |
} | |
$objUserProfile | |
} else { | |
Write-Verbose -Message "[$computer] Deleting Profile $userNameUpper" | |
$wmiUserProfile.delete() | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $wmiOsComputerName | |
UserName = $wmiUserName | |
UserSID = $wmiUserProfile.SID | |
ProfileStatus = if ($wmiUserProfile.Loaded -eq $true) { | |
'Loaded' | |
} elseif ($wmiUserProfile.Loaded -eq $false) { | |
'Unloaded' | |
} else { | |
'Unknown/Could Not Pull From WMI' | |
} # end if/elseif/else ProfileStatus | |
ProfilePath = 'Successfully Deleted' | |
ErrorMessage = $null | |
} | |
$objUserProfile | |
} # end if/else $list | |
} catch { | |
Write-Warning -Message "[$computer][ERROR] Error Listing or Deleting profile - $_" | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $wmiOsComputerName + ' [ERROR]' | |
UserName = $wmiUserName | |
UserSID = $wmiUserProfile.SID | |
ProfileStatus = if ($wmiUserProfile.Loaded -eq $true) { | |
'Loaded' | |
} elseif ($wmiUserProfile.Loaded -eq $false) { | |
'Unloaded' | |
} else { | |
'Unknown/Could Not Pull From WMI' | |
} # end if/elseif/else ProfileStatus | |
ProfilePath = $null | |
ErrorMessage = " | |
Process: Listing or Deleting profile | |
Operating System: $wmiOsName | |
Error Message: $_" | |
} | |
$objUserProfile | |
} # end try/catch | |
} else { | |
Write-Warning -Message "[$computer][ERROR] Other Error - $_" | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $computer + ' [ERROR]' | |
UserName = $null | |
UserSID = $null | |
ProfileStatus = $null | |
ProfilePath = $null | |
ErrorMessage = " | |
Process: Other Error | |
Operating System: $wmiOsName | |
Error Message: $_" | |
} | |
$objUserProfile | |
} # end if/elseif/else OS Build | |
} else { | |
Write-Warning -Message "[$computer] Could not ping" | |
$objUserProfile = [PSCustomObject] @{ | |
ComputerName = $computer | |
UserName = $null | |
UserSID = $null | |
ProfileStatus = $null | |
ProfilePath = $null | |
ErrorMessage = 'Could not ping' | |
} | |
$objUserProfile | |
} # end if/else Test-Connection $computer | |
} # end foreach $computer | |
} # end PROCESS block | |
END { | |
# | |
} # end END block |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment