locked
pleasea delete RRS feed

All replies

  • User profiles will have system locked files that cannot be deleted with the file system.

    Use WMI to get the profile and use the WMI "Delete()" method. It will remove the profile but can have issues with corrupted profiles or profiles where WER has pending updates. To avoid this restart the system before deleting the profile.


    \_(ツ)_/

    Tuesday, February 20, 2018 2:41 PM
  • Thanks JRV for the response, but isn't that what i'm doing above in my script?  Where am i going wrong?
    Tuesday, February 20, 2018 2:53 PM
  •  No.  Its not.

    $prof = Get-WmiObject Win32_UserProfile -Filter  "SID='S-1-5- ..... '"
    $prof.Delete()

    You have to get the specific profile by user SID and execute the "Delete()" method.


    \_(ツ)_/

    Tuesday, February 20, 2018 3:11 PM
  • Here is a more complete version of the code:

    $domain = 'ALPHA'
    $user = 'Testuser'
    $usersid = (Get-WmiObject Win32_useraccount -Filter "Domain='$domain' AND Name='$user'").GetRelated('Win32_SID').SID
    $prof = Get-WmiObject Win32_UserProfile -filter "SID='$usersid'"
    $prof.Delete()
    Test-Path $prof.LocalPath

    Each version of Windows has different requirements for profile removal.  THis method guarantees that all files will be closed and that all registry updates will be done correctly for the version.

    Corrupt profiles may still present a problem and require a restart before trying a removal.


    \_(ツ)_/



    • Edited by jrv Tuesday, February 20, 2018 3:27 PM
    Tuesday, February 20, 2018 3:24 PM
  • You may have to do it after a reboot.  Sometimes services are processing files in the profile even after logout.  Note that many app-related registry entries and files are left even after the profile is deleted.

    Tuesday, February 20, 2018 3:54 PM
  • You may have to do it after a reboot.  Sometimes services are processing files in the profile even after logout.  Note that many app-related registry entries and files are left even after the profile is deleted.

    No.  The WMI delete works like the GUI delete and waits for any services that are using the profile to complete. ON newer systems the services will be told to release.  Only rogue processes ca n lock profile files.

    The registry is also cleaned correctly by the WMI delete method which is why we use it and we do not use file deletion.

    This has been available since W2K but has always been poorly documented.

    When this method finishes it may finish with an error but the files causing the error will be unlocked after a restart.  They can usually be safely ignored and deleted at any convenient time using the file system.


    \_(ツ)_/

    Tuesday, February 20, 2018 4:02 PM
  • Believe me, in Windows 10, all kinds of SID-related cruft is left over after a profile delete:  https://social.technet.microsoft.com/Forums/en-US/1c59e5e2-0517-4ad5-a07b-8f291145c333/how-do-you-cleanly-delete-a-profile?forum=win10itprosetup

    Tuesday, February 20, 2018 4:06 PM
  • Believe me, in Windows 10, all kinds of SID-related cruft is left over after a profile delete:  https://social.technet.microsoft.com/Forums/en-US/1c59e5e2-0517-4ad5-a07b-8f291145c333/how-do-you-cleanly-delete-a-profile?forum=win10itprosetup

    Never happens.  The WMI delete and the GUI delete both clean the registry.  The machine key only has two or three locations that require removal.  Other keys are scratch keys and can be ignored.

    The link is about an unfounded obsession with the registry. Most of those keys get reset on every login. Remember all profile and GPO keys get set on each login but are never deleted on logoff because it is a waste of time.

    The GPO keys are rewritten on each GPO refresh but only if the user is logged in.  GPO does not apply to inactive accounts.


    \_(ツ)_/

    Tuesday, February 20, 2018 4:25 PM
  • Those leftover file and registry items get processed by services on every boot and login.  Eventually boot and login get slower and slower, and then search eventually stops working.  That is my experience.

    Tuesday, February 20, 2018 4:31 PM
  • Not true.  If the profile is deleted those entries will never get processed.  There are far too few of those entries to cause a slow login for other accounts.  Also the profile delete cleans out most of those keys.

    There are many things that can corrupt the registry and also the fast boot image can get damaged or loaded.  Performing a clean boot will delete the current acceleration and rebuild it cleanly.  Boots will be faster.  Login scripts in W10 and later are also notorious for slowing logins if GP sets them to run sync.  Don't set drives printers and other things in a login script.  Use GP Preferences and be sure all, profiles are not set to run sync.

    I have many desktops of all varieties that have never slowed down for years. I do have one W7 system that gets slowed and I have not been able to find what is bad. Of course I could just rebuild the profile that is slow and the problem would disappear but trying to figure it out is more fun and the user logs in before coffee so she never sees the wait.


    \_(ツ)_/

    Tuesday, February 20, 2018 4:40 PM
  • I have many multi-user labs.  I have confirmed my findings with process monitor.  For example, you will see many firewall rules per user created under here:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules

    This used to be right here under (about 100 per user):

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System

    and the firewall service would peak at 25% cpu on every login.  Now Microsoft has "swept it under the rug" to postpone the problem.


    • Edited by JS2010 Tuesday, February 20, 2018 5:21 PM
    Tuesday, February 20, 2018 5:21 PM
  • please take also a look to https://helgeklein.com/free-tools/delprof2-user-profile-deletion-tool/

    its a oneliner simple tool for you


    Chris

    Tuesday, February 20, 2018 7:50 PM
  • Yes. DelProf2 is a very good utility although it is just a C wrapper around the WMI userprofile delete although he may be calling the WMIs underlying API.  I suspect not because the API does not support remoting and WMI does.  Either way it would always work on any version of Windows it is used with.


    \_(ツ)_/

    Tuesday, February 20, 2018 9:27 PM
  • I have many multi-user labs.  I have confirmed my findings with process monitor.  For example, you will see many firewall rules per user created under here:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules

    This used to be right here under (about 100 per user):

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System

    and the firewall service would peak at 25% cpu on every login.  Now Microsoft has "swept it under the rug" to postpone the problem.


    None of this has anything to do with user profiles.  A user profile is entirely stored in the profile folder with the exception that the HKLM key keeps a list of profiles and a small bit of extra data to help with loading. 

    What you have here looks like a badly designed GP policy.  All of these should not be set per user but should be set per machine.  They are firewall restrictions on network access to and from services and apps.  Fix whatever policy is designed wrong and this issue will go away.

    Sometimes these issues come from third party apps and tools that are not used correctly or are not designed correctly. 


    \_(ツ)_/

    Wednesday, February 21, 2018 9:27 PM
  • Where is the function declaration at the top?  This command has a syntax error:  "Add-Member Size -Value  -PassThru".  



    • Edited by JS2010 Thursday, March 8, 2018 9:04 PM
    Thursday, March 8, 2018 9:01 PM
  • Where is the function declaration at the top?  This command has a syntax error:  "Add-Member Size -Value  -PassThru".  



    There is no rule that says a script has to have a "function" declaration.  Where did you find that bad advice? A script file behaves exactly like a function and does  not need to be dot sourced. 


    \_(ツ)_/

    Thursday, March 8, 2018 9:40 PM
  • You have to select the user by SID as I showed you above.

    For get about complicated scripts and functions.  Use my example until you understand how it works.  After understanding comes the making things look like a programmer did it. 


    \_(ツ)_/

    Thursday, March 8, 2018 9:43 PM