Completely Delete User Profiles with a Script

Windows Server,access,permission,ipsec fails,printers offline,printer installation,trusted sites,item,installation file missing,user profiles

Here’s a useful script that will automatically delete ALL user profiles that are on a Windows Server 2008/R2 computer.

This is a dangerous operation, designed for use by an administrator who needs to do a complete purge; for instance at the end of a semester.

For purposes of this example, we will use the following path for the script files:

  • Copy the below provided code into the notepad and save it as delete_profiles.vbs in D:\Scripts 
  • Create a new notepad file and copy the following line:

cscript.exe “D:\Scripts\delete_profiles.vbs SRVNAME” > “D:\Scripts\profile_delete.txt”

  • Where SRVNAME is the name of the server where you want to delete the profiles.The redirection (>) in that command line acts to create (or append) a text file named profile_delete.txt that will act to log the deletions.
  • Save it as delete_all_profiles.bat and save it in D:\Scripts
  • Create a scheduled job and run delete_all_profiles.bat at the desired time.
    I suggest using a batch file and setting up a scheduled task as that lets the script run with the necessary permissions.

Here is the code for the script file: delete_profiles.vbs

On Error Resume Next

args = WScript.Arguments.Count

If args <> 1 Then
  WScript.Echo "usage: delete_profiles SVRNAME"
  WScript.Echo "example (for remote profiles): cscript.exe delete_profiles SOMESERVER  "
  WScript.Echo "example (for local profiles): cscript.exe delete_profiles .  "
End If

strComputer = WScript.Arguments.Item(0)
Set objWMIService = GetObject("winmgmts:\\" & strComputer &"\root\cimv2")
Set colProfiles = objWMIService.ExecQuery("Select * from Win32_UserProfile")
Wscript.Echo "==" & WScript.Arguments.Item(0) & "==" & vbNewLine

For Each objProfile in colProfiles
  Set objSID = objWMIService.Get("Win32_SID.SID='" & objProfile.SID &"'")
      If (objSID.ReferencedDomainName = "DOMAIN NAME") Then
      If Not ((objSID.AccountName = "USERNAME TO EXCLUDE") Or (Left (objSID.AccountName,2) = "USERNAME PREFIX TO EXCLUDE")) Then
          Set objUserProfile = GetObject("winmgmts:{impersonationlevel=impersonate}!\\" _
          & strComputer &"\root\cimv2:Win32_UserProfile." _
          &"SID='" & objProfile.Sid &"'")
     Wscript.Echo objSID.AccountName & ";" & objSID.ReferencedDomainName & ";" & objProfile.LocalPath & " - " & "DELETED"
     End If
End If

NOTES: In line 19 you have to specify the domain name to be used in the script and in line 20 you can specify user accounts that shouldn’t be deleted, like Administrator accounts.

Courtesy: KresimiK

You may also like...

15 Responses

  1. Matt says:

    I get the following error (in the .txt file)when running the script:

    “Microsoft (R) Windows Script Host Version 5.8
    Copyright (C) Microsoft Corporation. All rights reserved.

    Input Error: There is no script engine for file extension “.vbs WM-ROSWELL”.

    Where “WM-ROSWELL” is the name of the server.

  2. Nik says:

    Hi Matt,

    you’re trying to run the following command right.

    cscript.exe nameofthevbs.vbs WM-ROSWELL

    Have you changed the script part where you have to enter the domain name?

  3. Matt says:

    Yes, but I used the NetBIOS name rather than the FQDN.

    Does this need to be run on the local server, or can I do this from my workstation?

    Thanks for the help!

  4. Nik says:

    You can do this from your workstation too.
    Is it working for you now Matt?

  5. Matt says:

    No it is not. I can email you the files (.vbs and .bat) I am using if you would like…

  6. Nik says:

    Please upload your file somewhere and post a link here.
    I will check it out..

  7. Nik says:

    Check if you have admin permissions on the target machine.

    Make sure to run script like this:

    Cscript.exe delete_profiles.vbs TARGETMACHINE > deleted.txt

    Also, run CMD in elevated mode if you have UAC turned on.

  8. Matt says:

    Where do I set those permissions?

    Do I just make a local admin account that matches my domain account name?

  9. Nik says:

    Your domain account has to be local administrator on the target machine.
    I’ve tried the script and the script successfully deleted all of the profiles that currently were not in use on the target machine.

  10. Matt says:

    I got it to work! I needed to take the quotes out of the .bat file…duh moment. I am by no means a script guru. It successfully worked on two terminal servers!

    Thanks again!

  11. Josh says:

    How do I do this for multiple usernames I want to ignore?

    And additionally is it easy to add a function such as (older than 7 days)? now that I’ve found your script classes have started this week and I need to delete all the student accounts older than a week ago.

  12. Adam says:

    I am trying to get this to work but the profiles do not appear to be deleting. In the log file, the output only shows the server name. Any thoughts?

  13. Nik says:

    Hi Adam,
    Script seems fine. Do you have Admin Permission on the target machine?

    Please check that you did everything right.
    You can also attach your script so I can download and check.

  14. Ganesan K says:

    Thanks for sharing nice techie info for ours.. keep posted buddy….

Leave a Reply

Your email address will not be published. Required fields are marked *

19 + 14 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.