Question
    function deleteUsers($hash) {
        foreach ($h in $hash.GetEnumerator()) {
            Try
            {
                # -ErrorAction Stop turns a failed removal into a terminating error so Catch runs
                Remove-LocalUser -Name $($h.Name) -ErrorAction Stop
            }
            Catch {
                "Can't Delete User {0}" -f $($h.Name)
            }
        }
    }

    function createUsers($hash) {
        foreach ($h in $hash.GetEnumerator()) {
            $Password = ConvertTo-SecureString $($h.Value) -AsPlainText -Force
            New-LocalUser -Name $($h.Name) -Password $Password -AccountNeverExpires -FullName $($h.Name) -PasswordNeverExpires -UserMayNotChangePassword
            Add-LocalGroupMember -Group "Users" -Member $($h.Name)
        }
    }

    # Keys are account names, values are the passwords
    $users = @{
        "User blabla"  = "pass";
        "User blabla2" = "pass2"
    }

    createUsers($users)
    deleteUsers($users)
This basic PowerShell works fine but simply doesn't delete the user home directories. What should I add to the deleteUsers function to fix this? I can't find an easy way to make it happen for Get-LocalUser. I only see solutions with Get-ADUser :/
I would love a solution of the same kind as below:
    $homeDir = Get-LocalUser -Name $($h.Name) -Properties HomeDirectory | Select -ExpandProperty HomeDirectory
    If (Test-Path $homeDir)
    {
        Remove-Item -Path $homeDir -Force
    }
Thanks a lot
Answer 1:
I wouldn't recommend constructing the profile path as "C:\\Users\\{0}" -f $h.Name and then filtering Win32_UserProfile by that path. It's not guaranteed that a user's profile will always reside in C:\Users\<username>. Generally a better approach is:
Determine the user's SID:
    $name = 'someuser'
    $fltr = "name='${name}' and domain='${env:computername}'"
    $sid  = Get-WmiObject Win32_UserAccount -Filter $fltr | Select-Object -Expand SID
or
    $name = 'someuser'
    $acct = New-Object Security.Principal.NTAccount($name)
    $sid  = $acct.Translate([Security.Principal.SecurityIdentifier]).Value
Use the SID to find and delete the profile:
    Get-WmiObject Win32_UserProfile -Filter "sid='${sid}'" | ForEach-Object { $_.Delete() }
Delete the account:
    Remove-LocalUser -Name $name
or (if you're running an older version of Windows)
    ([adsi]'WinNT://.').Delete('user', $name)
In that order.
If you already deleted an account and need to remove the orphaned profile you can filter Win32_UserProfile for profiles with a reference count of zero:
    Get-WmiObject Win32_UserProfile -Filter 'refcount=0' | ForEach-Object {
        $_.Delete()
    }
Also, note that $profile is an automatic variable with the path to your PowerShell profile, so you shouldn't use that variable for other things.
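The order described in the answer above (SID, then profile, then account), combined into one function as an added example that is not part of the original answer. The function name Remove-LocalUserWithProfile is hypothetical, Get-CimInstance/Remove-CimInstance are used in place of the answer's Get-WmiObject/.Delete(), and an elevated session is assumed.

```powershell
# Added example; Remove-LocalUserWithProfile is a hypothetical name, not from the answer.
function Remove-LocalUserWithProfile {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string[]]$Name
    )
    process {
        foreach ($n in $Name) {
            $sid = $null; $path = $null; $err = $null
            $profileDeleted = $false; $accountDeleted = $false
            try {
                # 1. Resolve the SID while the account still exists.
                $user = Get-LocalUser -Name $n -ErrorAction Stop
                $sid  = $user.SID.Value

                # 2. Find the profile by SID; LocalPath is read back, never guessed.
                $prof = Get-CimInstance -ClassName Win32_UserProfile -Filter "SID='$sid'" -ErrorAction Stop
                if ($prof) {   # $null when the account never logged on
                    $path = $prof.LocalPath
                    if ($prof.Loaded) { throw "profile $path is loaded; log the user off first" }
                    if ($PSCmdlet.ShouldProcess($path, 'Delete user profile')) {
                        $prof | Remove-CimInstance -ErrorAction Stop
                        $profileDeleted = $true
                    }
                }

                # 3. Delete the account last, by SID, so a failed profile delete
                #    leaves the account (and the SID lookup) intact for a retry.
                if ($PSCmdlet.ShouldProcess($n, 'Delete local account')) {
                    Remove-LocalUser -SID $user.SID -ErrorAction Stop
                    $accountDeleted = $true
                }
            } catch {
                $err = $_.Exception.Message
            }
            # One record per name, so failures can be filtered instead of parsed from text.
            [pscustomobject]@{
                Name = $n; SID = $sid; ProfilePath = $path
                ProfileDeleted = $profileDeleted; AccountDeleted = $accountDeleted; Error = $err
            }
        }
    }
}

# Dry run against the question's hashtable (its keys are the account names):
# $users.Keys | Remove-LocalUserWithProfile -WhatIf
```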
Answer 2:
Thanks to TheIncorrigible1, I finally ended up doing this:
    function deleteUsers($hash) {
        foreach ($h in $hash.GetEnumerator()) {
            Try
            {
                Remove-LocalUser -Name $($h.Name)
                $pathUser = "C:\\Users\\{0}" -f "$($h.Name)"
                $profile = GWMI -class Win32_UserProfile -Filter "LocalPath='$pathUser'"
                $profile.Delete()
                "[ OK ]User {0} deleted" -f $($h.Name)
            }
            Catch {
                "Can't Delete User {0}" -f $($h.Name)
            }
        }
    }
Source: https://stackoverflow.com/questions/48384178/delete-local-user-home-dir-powershell