如何使用 PowerShell 删除用户配置文件 [英] How to remove user profiles with PowerShell

问题描述

我有下面的脚本.如果我取消注释注释 #3 的行，我会收到错误

I have the script below. If I uncomment the line commented #3, I get the error

Exception calling "Delete" with "0" argument(s): ""
At Z:\Scripts\Powershell\Remove-UserProfile.ps1:48 char:21
+                     $Profile.Delete()
+                     ~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

无论我是使用 #1 还是 #2 中的格式查询 WMI.如果我留下 #3 注释，并取消注释 #4，我会收到错误

regardless of whether I interrogate WMI using the format in #1 or #2. If I leave #3 commented, and uncomment #4, I get the error

Remove-WmiObject : 
At Z:\Scripts\Powershell\Remove-UserProfile.ps1:49 char:21
+                     Remove-WmiObject -InputObject $Profile
+                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Remove-WmiObject], COMException
    + FullyQualifiedErrorId : RemoveWMICOMException,Microsoft.PowerShell.Commands.RemoveWmiObject

与 Get-WMIObject 的查询字符串无关.

regardless of the query string for Get-WMIObject.

我在网上能找到的一切——包括其他几个 SO 问题——暗示这两种方法中的任何一种都应该有效，但似乎都没有.我已经检查过是否加载了目标配置文件，但没有加载.为什么我不能使用 WMI 删除用户配置文件?我该怎么做才能行得通，并且不涉及从第三方下载实用程序(我们的信息安全"团队不允许这样做)?

Everything I can find on the web - including a couple of other SO questions - implies that either of these methods should work, but neither seems to. I have checked to see if the target profile is loaded, and it is not. Why can I not use WMI to delete user profiles? What can I do that does work, and doesn't involve downloading a utility from a third-party (which is not permitted by our "information security" team)?

脚本:

function Remove-UserProfile {
<#
.SYNOPSIS
Removes user profiles from computers
#>

    [CmdletBinding(SupportsShouldProcess=$true,ConfirmImpact="High")]

    param(
        [Parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
        [String[]]$ComputerName = $env:ComputerName,

        [Alias("UserName","sAMAccountName")]
        [String]$Identity,

        [Int]$Age,

        [Switch]$DomainOnly
    )

    BEGIN {
        $NoSystemAccounts = "SID!='S-1-5-18' AND SID!='S-1-5-19' AND SID!='S-1-5-20' " # Don't even bother with the system accounts.
        if ($DomainOnly) {
            $SIDQuery = "SID LIKE '$((Get-ADDomain).DomainSID)%' "                      # All domain account SIDs begin with the domain SID
        } elseif ($Identity.Length -ne 0) {
            $SIDQuery = "SID LIKE '$(Get-UserSID -AccountName $Identity)' "
        }
        $CutoffDate = (Get-Date).AddDays(-$Age)
        $Query = "SELECT * FROM Win32_UserProfile "
    }

    PROCESS{
        ForEach ($Computer in $ComputerName) {
            Write-Verbose "Processing Computer $Computer..."
            if ($SIDQuery) {
                $Query += "WHERE " + $SIDQuery
                $FilterStr = $SIDQuery
            } else {
                $Query += "WHERE " + $NoSystemAccounts
                $FilterStr = $NoSystemAccounts
            }
            Write-Verbose "Querying WMI using '$Query' and filtering for profiles last used before $CutoffDate ..."
#1            $Profiles = Get-WMIObject -Query $Query | Where-Object { [Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime) -lt $CutoffDate }
#2            $Profiles = Get-WMIObject -ComputerName $Computer -Class Win32_UserProfile -Filter $FilterStr | Where-Object { [Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime) -lt $CutoffDate }
            ForEach ($Profile in $Profiles) {
                if ($PSCmdlet.ShouldProcess($Profile)) {
#3                    $Profile.Delete()
#4                    Remove-WmiObject -InputObject $Profile
                }
            }
        }
    }

    END {}
}

推荐答案

您必须以管理员身份运行脚本.

You have to run the script as Administrator.

这篇关于如何使用 PowerShell 删除用户配置文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！