Well, I have a hard task of removing users' folders who have not logged for a specific day in computers, we will be doing that in users that have not logged for more than 90 days.
I encountered the problem when trying to query for NetworkLoginProfile.
We have an environment with more than 3000 computers and a lot of folders with vulnerable content and we wanted to use our endpoint management solution that supports PowerShell to correctly remove those folders.
Any ideas?
We get inconsistent data when we try to query windows to retrieve this information. I have tried many ways, such as:
Get-WmiObject -Class Win32_NetworkLoginProfile | Select-Object Name, FullName, @{Name="LastLogon"; Expression={[System.Management.ManagementDateTimeConverter]::ToDateTime($_.LastLogon).ToString("dd MMMM yyyy HH:mm:ss")}} | Format-Table
It seems to work and it actually worked, but when working with an environment where the user is not add into the computer user list, such in this case, where domain users are the computer administrator, then it fails and give dates such as 3 days ago, 1 day, even though that user have not logged in the machine for a year.
Is this querying the last login of the user in AD? Maybe that's the case.
I think it is possible to use PowerShell to delete user folders on a computer that were not logged in on a certain date. Here is a sample PowerShell script that can be used to query NetworkLoginProfile:
If you're getting inconsistent data when you try to query the window to retrieve this information, you may be querying AD for the user's last login time. You can try to use the following command to delete user profiles older than xx days (for example, the following command is for 90 days):
At the same time, I recommend trying to run it on a small number of computers for testing and then using it on all computers.