I'm looking for a Powershell script to be created that can remove all evidence of user accounts (both local users and domain users), from a Windows computer, that haven't been logged into after 90 days.
My intention for this script is to run it automatically on a schedule to automate the cleaning and freeing up of storage space on individual computers by removing unused (greater than 90 days without being logged into) user accounts that are, or are not, part of a domain.
If a local user account is included in any other group, built-in group or custom group, *except* the Users group, then evidence of these accounts should NOT be deleted after 90 days.
If a domain user account is part of the Domain Admin group, evidence of these accounts should NOT be deleted after 90 days.
> If a user account is in the Users group, this WOULD be deleted after 90 days not being logged into.
> If a user account is in the Remote Desktop Users group, this would NOT be deleted after 90 days of not being logged into.
> If a domain user account is not logged into after 90 days, then it WOULD be removed from the computer after 90 days.
> If a domain user account that's part of the Domain Admin group is not logged into after 90 days, this user would NOT be deleted after 90 days.
The following accounts should be included in the script as explicitly NOT to be deleted after 90 days:
> Match: Administrator
> Match: DefaultAccount
> Match: Guest
> Match: WDAGUtilityAccount
> Match: Public
> Match: NetworkService
> Match: Localservice
> Match: systemprofile
> Like: LocalAdmin*
> Like: SID *500
I need all evidence of user accounts (local and domain) that fit the above removal criteria to be removed in Windows, after 90 days of not being logged into, from the following areas:
> Computer Management > Local Users and Groups > Users
> Settings > Accounts > Other Users
> HKLM:\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\
IMPORTANT! When it comes to the domain users, I am NOT looking to delete these users from Active Directory as part of this script. I am ONLY looking to remove any evidence of the domain user having logged into the computer on which the script is running.
This script should be able to successfully run in the Windows 8, Windows 8.1, Windows 10, and Windows 11 environments, supporting a minimum of Powershell version 5.1.
13 freelancere byder i gennemsnit $22/timen for dette job
Hey there, I had developed tons of PowerShell scripts. I have the required skills and experience. I can develop your required script to remove inactive users for 90 days. Regards!
Hello, I am working as a PowerShell developer from last 8 years. Have created many such automation related to AD We can connect to work further on this