如何使用 PowerShell 删除用户配置文件 [英] How to remove user profiles with PowerShell
问题描述
我有下面的脚本.如果我取消注释注释 #3
的行,我会收到错误
I have the script below. If I uncomment the line commented #3
, I get the error
Exception calling "Delete" with "0" argument(s): ""
At Z:\Scripts\Powershell\Remove-UserProfile.ps1:48 char:21
+ $Profile.Delete()
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
无论我是使用 #1
还是 #2
中的格式查询 WMI.如果我留下 #3
注释,并取消注释 #4
,我会收到错误
regardless of whether I interrogate WMI using the format in #1
or #2
. If I leave #3
commented, and uncomment #4
, I get the error
Remove-WmiObject :
At Z:\Scripts\Powershell\Remove-UserProfile.ps1:49 char:21
+ Remove-WmiObject -InputObject $Profile
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Remove-WmiObject], COMException
+ FullyQualifiedErrorId : RemoveWMICOMException,Microsoft.PowerShell.Commands.RemoveWmiObject
与 Get-WMIObject
的查询字符串无关.
regardless of the query string for Get-WMIObject
.
我在网上能找到的一切——包括其他几个 SO 问题——暗示这两种方法中的任何一种都应该有效,但似乎都没有.我已经检查过是否加载了目标配置文件,但没有加载.为什么我不能使用 WMI 删除用户配置文件?我该怎么做才能行得通,并且不涉及从第三方下载实用程序(我们的信息安全"团队不允许这样做)?
Everything I can find on the web - including a couple of other SO questions - implies that either of these methods should work, but neither seems to. I have checked to see if the target profile is loaded, and it is not. Why can I not use WMI to delete user profiles? What can I do that does work, and doesn't involve downloading a utility from a third-party (which is not permitted by our "information security" team)?
脚本:
function Remove-UserProfile {
<#
.SYNOPSIS
Removes user profiles from computers
#>
[CmdletBinding(SupportsShouldProcess=$true,ConfirmImpact="High")]
param(
[Parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
[String[]]$ComputerName = $env:ComputerName,
[Alias("UserName","sAMAccountName")]
[String]$Identity,
[Int]$Age,
[Switch]$DomainOnly
)
BEGIN {
$NoSystemAccounts = "SID!='S-1-5-18' AND SID!='S-1-5-19' AND SID!='S-1-5-20' " # Don't even bother with the system accounts.
if ($DomainOnly) {
$SIDQuery = "SID LIKE '$((Get-ADDomain).DomainSID)%' " # All domain account SIDs begin with the domain SID
} elseif ($Identity.Length -ne 0) {
$SIDQuery = "SID LIKE '$(Get-UserSID -AccountName $Identity)' "
}
$CutoffDate = (Get-Date).AddDays(-$Age)
$Query = "SELECT * FROM Win32_UserProfile "
}
PROCESS{
ForEach ($Computer in $ComputerName) {
Write-Verbose "Processing Computer $Computer..."
if ($SIDQuery) {
$Query += "WHERE " + $SIDQuery
$FilterStr = $SIDQuery
} else {
$Query += "WHERE " + $NoSystemAccounts
$FilterStr = $NoSystemAccounts
}
Write-Verbose "Querying WMI using '$Query' and filtering for profiles last used before $CutoffDate ..."
#1 $Profiles = Get-WMIObject -Query $Query | Where-Object { [Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime) -lt $CutoffDate }
#2 $Profiles = Get-WMIObject -ComputerName $Computer -Class Win32_UserProfile -Filter $FilterStr | Where-Object { [Management.ManagementDateTimeConverter]::ToDateTime($_.LastUseTime) -lt $CutoffDate }
ForEach ($Profile in $Profiles) {
if ($PSCmdlet.ShouldProcess($Profile)) {
#3 $Profile.Delete()
#4 Remove-WmiObject -InputObject $Profile
}
}
}
}
END {}
}
推荐答案
您必须以管理员身份运行脚本.
You have to run the script as Administrator.
这篇关于如何使用 PowerShell 删除用户配置文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!