In this post we are going to look at utilizing a tool called DelProf and a small PowerShell script to delete user profiles on workstations remotely.

First we need to download the tool, it’s just one executable file that can be found here

The reason for using DelProf2.exe over the syntax’s Remove-Item or leveraging WMI to delete user profile folders, is you are guaranteed to run into permission problems with recursive junction folders when you aren’t using DefProf.

This blog post explains why junction folders are such a pain when it comes to automating local profile deletion. In short they are a symbolic link to another directory on the computer with Deny All access to Everyone.

If you have tried it yourself, you will be familiar with PowerShell errors similar to the one below:

Access to the path ‘\COMPUTERNAME\C$\Users\PROFILEFOLDER\AppData\Local\Application Data’ is denied. + CategoryInfo : PermissionDenied: (\COMPUTERNAME\C$…ncken-a\AppData:String) [Remove-Item ], UnauthorizedAccessException + FullyQualifiedErrorId : RemoveItemUnauthorizedAccessError,Microsoft.PowerShell.Commands.RemoveIte mCommand + PSComputerName : COMPUTERNAME

After downloading DefProf2.exe-

Place the DelProf2.exe in a folder on your C: drive, call the folder delprof. This is important because the script will look for the executable at the filepath “C:\delprof\DelProf2.exe.”



After that create your small script-

When the script below is run , all you need to do is input the hostname of the workstation(s) and the name of the profile folder, this being the username of the account. Feel free to use wildcards if you want to target multiple workstations or profiles.

############################################### # Delete local profile folders # # Cameron Yates - sysadminguides.org # ############################################### Param ( [ parameter ( mandatory = $true , HelpMessage = "Please type the Hostname of the workstation(s) Use wildcards for a collection" )][ValidateNotNullOrEmpty()] [String] $Hostname , [ parameter ( mandatory = $true , HelpMessage = "Please enter the user account (profile folder name)" )][ValidateNotNullOrEmpty()] [String] $UserProfile ) If ( $UserProfile -ne $null ){ $Computers = Get-ADComputer -Filter {Name -like $Hostname } ForEach ( $computer in $computers ) { $ComputerN = $computer .Name $runpath = "C:\delprof\DelProf2.exe" $arguments = "/u /c:\\$ComputerN /id:$UserProfile" Start-Process -filepath $runpath -Verb runAs -ArgumentList $arguments }}

User Friendly Version – Asks for confirmation to run and has more instructions

############################################### # Delete local profile folders # # Created by - Cameron Yates # ############################################### Param ( [ parameter ( mandatory = $true , HelpMessage = "Please type the Hostname of the workstation(s) Use wildcards for a collection" )][ValidateNotNullOrEmpty()] [String] $Hostname , [ parameter ( mandatory = $true , HelpMessage = "Please enter the user account (profile folder name)" )][ValidateNotNullOrEmpty()] [String] $UserProfile ) If ( $UserProfile -ne $null ){ Write-host ' ' Write-host '**Make sure you have created a folder on your C: drive called "del prof" containing DelProf2.exe** ' -foreground "Yellow" Write-host ' ' Write-host 'Are you happy with your inputs? Wildcards (*) in this instance can be dangerous' $Command = Read-Host "Enter Yes continue" If ( $Command -eq "Yes" ){ $Computers = Get-ADComputer -Filter {Name -like $Hostname } ForEach ( $computer in $computers ) { $ComputerN = $computer .Name $runpath = "C:\delprof\DelProf2.exe" $arguments = "/u /c:\\$ComputerN /id:$UserProfile" Start-Process -filepath $runpath -Verb runAs -ArgumentList $arguments }} Else { Write-host ' ' Write-host 'Incorrect input, please re-run the script and next time input Yes to confirm you are happy for the script to run' -foreground "Red" Write-host ' ' $host .enternestedprompt() } }

What the script does is it uses your input for the variable $Hostname to query AD for the workstation(s), to which it then runs DelProf2.exe against that workstation(s) from the executable on your machine. Delprof will then query the remote workstations C:\Users filepath, and delete the profile folder(s) you specified in the $UserProfile variable.

That’s it – you are all set!

Hope this was helpful – enjoy effortlessly deleting local profiles from workstations remotely.

Thanks for reading – feel free to follow and stay updated 🙂 View sysadminguides’s profile on Facebook View GuidesSysadmin’s profile on Twitter View 115372466162675927272’s profile on Google+