Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

How To Manage User Profiles With PowerShell

How To Manage User Profiles With PowerShell
By

Managing Windows user profiles can be time consuming and tedious. Here are some tips and tricks on how to leverage PowerShell to enumerate and remove single and multiple Windows user profiles with ease.

A common pain point in an IT administrator's career is managing user profiles. User profiles are a ubiquitous part of a Windows IT pro's life—especially those that manage virtual desktop environments like Remote Desktop Services (RDS). IT pros have to deal with corrupted user registry hives and files that need to be shared across all user profiles; they also need to figure out how to recreate corrupt profiles and so on.

What was once a frustrating experience has gotten a little less frustrating with PowerShell. Here are a few ways that PowerShell can make managing Windows user profiles easier.

MORE: All PowerShell Tutorials

Enumerating User Profiles

It's easy to take a peek at user profiles on the file system on a single Windows computer. Simply look in the C:Users folder. However, when you do this not only are you not getting the full picture, it's also troublesome due to potential file system access problems. There's a better way and that's through WMI. 

In WMI, a class exists called Win32_UserProfile. This class contains all of the profiles that exist on a machine and lots of other useful information that a simple file system folder won't show you.

Using PowerShell you can access this WMI class with the Get-CimInstance or Get-WmiObject cmdlets. In Figure 1 below, we're finding the first user profile on the local computer. You'll notice many useful tidbits of information like LastUseTime, SID and from here, you can also drill down further and get specific paths like Desktop, Documents, Favorites, etc.

Figure 1 - Example Win32_UserProfile profileFigure 1 - Example Win32_UserProfile profile

Since this is part of WMI, we can easily extend this from a single computer to many computers using the ComputerName parameter. In order to be compatible with down-level operating systems, we can use the Get-WmiObject cmdlet here to enumerate user profiles on the MEMBERSRV1 and CLIENT2 computers.

Get-WmiObject -Class Win32_UserProfile -ComputerName 'MEMBERSRV1','CLIENT2'

Removing User Profiles

Another common task when managing user profiles is removing them. I can't count how many times I've had to remove user profiles because something got corrupted and I just needed the user to log in again and recreate it. At one time, I would simply have the user log off and remove the C:Users<UserName> folder from the file system. Usually it works, sometimes it doesn't. What I didn't realize was that I was actually leaving some remnants behind. The proper way to do this—and the easier way—is to initiate a removal via WMI.

Using the same WMI class we just went over, it's possible to not only just view profiles but I can completely remove them as well. This is the same as going into the User Profiles box under System settings and hitting the Delete button.

Figure 2 - User Profile WindowFigure 2 - User Profile Window

To do this, I'll enumerate the user profiles again and this time apply a filter to pick a single user profile to remove. In this case, I'd like to remove the user profile called Administrator.CLIENT1. I can do this by using PowerShell's Where-Object cmdlet and some string manipulation to grab the user folder name from the LocalPath property—that section is shown below in bold.

Get-WmiObject -Class Win32_UserProfile | where {$_.LocalPath.split('')[-1] -eq 'Administrator.CLIENT1'} | foreach {$_.Delete()}

Once I'm enable to narrow down that single profile I can then call the Delete() method for each object that Get-WmiObject outputs—in this case only 1—which will then remove the user profile from the file system as well as the registry.

Get-WmiObject -Class Win32_UserProfile | where {$_.LocalPath.split('')[-1] -eq 'Administrator.CLIENT1'} | foreach {$_.Delete()}

Again, if you'd like to extend this to multiple computers you'd simply use the –ComputerName parameter on Get-WmiObject.

Get-WmiObject -Class Win32_UserProfile –ComputerName CLIENT1,CLIENT2 | where {$_.LocalPath.split('')[-1] -eq 'Administrator.CLIENT1'} | foreach {$_.Delete()}

Use WMI, Not The File System

You've now seen an easy way to enumerate and remove Windows user profiles. If you weren't aware of the WMI class Win32_UserProfile you may have been correlating the C:Users<Username> folder as the profile. Now you can see there's much more to the user profile than a simple file system folder. Use WMI the next time you need to query or remove user profiles from computers in your environment.

RELATED: