When it comes to cleaning up the C:\Users directory of old and obsolete user profiles on Windows workstations and servers, especially RDS (Remote Desktop Services) terminal servers, you can remotely delete a user profile from the command line tool using PowerShell.
As for the terminal servers, in the C:\Users folder, there accumulates a huge number of directories with out-of-date user profiles on a regular basis. Setting quotas on a directory and thus limiting the total amount of storage consumed on the directory (using FSRM or NTFS quotas, roaming folders, etc.) can be somewhat of a solution. In this article, we’ll cover the question of how to delete a user profile remotely via PowerShell.
How to Remove Old User Profiles via Powershell
Use a PowerShell script to find and delete user profiles for inactive or blocked users.
STEP 1: Calculate the size of the profile of each user in the C:\Users folder with the following script:
gci -force ‘C:\Users’-ErrorAction SilentlyContinue | ? { $_ -is [io.directoryinfo] } | % {
$len = 0
gci -recurse -force $_.fullname -ErrorAction SilentlyContinue | % { $len += $_.length }
$_.fullname, ‘{0:N2} GB’ -f ($len / 1Gb)
$sum = $sum + $len
}
“Total size of profiles”,'{0:N2} GB’ -f ($sum / 1Gb)
For instance, in our case the total size of all user profiles in the C:\Users directory is about 22 GB (see below).
STEP 2: List users whose profiles haven’t been active for more than 60 days. Use the value of the LastUseTime profile field for searching:
Get-WMIObject -class Win32_UserProfile | Where {(!$_.Special) -and ($_.ConvertToDateTime($_.LastUseTime) -lt (Get-Date).AddDays(-60))}| Measure-Object
Below, we’ve got 143 inactive user profiles on the terminal server.
STEP 3: To remove all of these user profiles.
- You can add a redirect list to the Remove-WmiObject command (before using the script to delete old user profiles, we recommend to double-check its output using the -WhatIf parameter):
Get-WMIObject -class Win32_UserProfile | Where {(! $ _. Special) -and (! $ _. Loaded) -and ($ _. ConvertToDateTime ($ _. LastUseTime) -lt (Get-Date) .AddDays (-30))} | Remove-WmiObject –WhatIf
- To exclude some profiles — e.g. special System and Network Service accounts, a local administrator account, users with active sessions, etc. — you need to modify the script as follows:
NOTE: Before running an automatic cleanup of old user profiles, thoroughly examine the script and test it within your environment! You can schedule the run of the script via GPO shutdown scripts or Task Scheduler.
- To automatically delete all users added to a specific AD group (for example, the DisabledUsers group), modify the script:
$users = Get-ADGroupMember -Identity DisabledUsers | Foreach {$_.Sid.Value}
$profiles = Get-WmiObject Win32_UserProfile
$profiles | Where {$users -eq $_.Sid} | Foreach {$_.Delete()}
Action1’s Remote Management Solutions
Staying competitive in the market is always a challenge, and loud words don’t do wonders for optimizing administrative tasks and scaling up IT productivity. But actions do! With Action1’s cloud-based patch management solution, your IT department will timely deliver patches and updates, manage IT assets, maintain remote access, and run many other complex tasks.
Read the TechRadar review of our product or be the judge — use Action1 for free on up to 100 endpoints free forever.