Advice please :D

Hi All!

Hope you are having a great day. Bit of background…

There is a folder share on a server, that needs housekeeping. It holds old Roaming profiles that need to be cleared out and also live profiles.

I’ve been asked to create a script that compares the folder names (each named after their SamAccountName) to our AD environment, if they no longer exist in AD, purge the folder from the share.

I’d just like to know (while I’m waiting for AD role to be added to target server) if my code would, so far, at least tell me correctly if a user exists. If that makes no sense, let me know and I’ll try and expand.

$s = New-PSSession -ComputerName mcrfs16 -Credential ***\***

Import-Module ActiveDirectory

Invoke-Command -Session $s -Scriptblock {
    D:
    cd .\Profiles\
    $files = @(Get-ChildItem)
    # $DeletionFiles = @(import-csv ~\Downloads\NotInAD.csv)
    $files.Name | ForEach-Object {
        $accountnames = Get-ADUser -Filter * | Select-Object -Expand SamAccountName |
            Where-Object {$accountnames -notcontains $_.Name | Write-Error "User" $accountnames "Does not exist"}
    }
}

Once I’m confident of the following, I might be back to try and figure out how to delete the non-existing folders!

Many thanks :smiley:

Ok, so I’ve changed to running the script locally on the server for now, so don’t worry about the PSSession - I’m trying to get the Where-Object working and give me some sort of indication that the user does / does not exist, but so far all I’m getting is errors.

Here’s my current code

Import-Module ActiveDirectory

cd D:\Profiles\

$files = @(Get-ChildItem)

$files.Name | ForEach-Object {
    $accountNames = Get-ADUser -Filter * | Select-Object -ExpandProperty SamAccountName |
        Where-Object {$accountNames -notcontains $_.Name}  Write-Host "User " $accountNames " does not exist"
}

The corresponding error is:

Where-Object : A positional parameter cannot be found that accepts argument 'Write-Host'.
At line:10 char:9
+         Where-Object {$accountNames -notcontains $_.Name}  Write-Host "User " $a ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : InvalidArgument: (:) [Where-Object], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.WhereObjectCommand

Your script logic would not work very well as you’re grabbing EVERY user in AD and checking to see if the user exists for EVERY folder. Look at this simple solution to get a boolean (true\false) of a folder. I would recommend using your C:\Users on your desktop to test, it’s the same principle.

#Get the files
$files = Get-ChildItem -Path 'D:\Profiles' -Directory
#Use a calculated expression to see if the folder name exists as a samaccountname in AD
$profiles = $files |
            Select *,
                   @{Name='ExistsInAd';Expression={[bool]([adsisearcher]"samaccountname=$($_.Name)").FindOne()}}

#Delete the profiles with no AD samaccountname
$profiles | Where{$_.ExistsInAd -eq $false} | Remove-Item -Recurse -Force -WhatIf

If you look at the $profiles, you can review accounts that do not exist:

PS H:\> $profiles | Where{$_.ExistsInAd -eq $false} | Select Name, FullName | ft -AutoSize

Name                 FullName                     
----                 --------                     
.NET v4.5            C:\Users\.NET v4.5           
Public               C:\Users\Public              
TEMP                 C:\Users\TEMP                

Then change the where to Where{$_.ExistsInAd -eq $true} to validate the accounts that DO exist. The script also has a -WhatIf on Remove-Item, so it will only tell you what would be deleted and not perform the actual delete. When you have tested, and then test again, and again then you just need to remove the -WhatIf switch to perform the delete.

Hi Rob,

That’s great thank you! I looked at the complications of the script I made and had some adjustments too, I now have:

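Import-Module ActiveDirectory

# Folders in the current directory (run this from the profiles folder)
$files = @(Get-ChildItem)

foreach ($f in $files)
{
    try {
        # Throws ADIdentityNotFoundException when no account has this name
        Get-ADUser -Identity $f.Name
        Write-Host "User $($f.Name) exists"
    } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
        # Only a confirmed "not found" leads to removal; any other lookup error is not caught here
        Remove-Item $f.Name -Recurse -Confirm:$false -WhatIf
    }
}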

This seems to work, tested with the -WhatIf also - thank you for your input :smiley:
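
An added example, not code from any poster in this thread: it queries the account list once and compares folder names in memory, so a failed or empty AD lookup can never mark every folder for removal. The function name, its parameters, the exclusion list and the handling of a `.V2`-style version suffix on roaming profile folders are assumptions for illustration; the demo data is constructed.

```powershell
function Get-OrphanedProfileFolder {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        # SamAccountNames that exist right now. Mandatory [string[]] rejects an
        # empty array, so an empty result cannot classify everything as orphaned.
        [Parameter(Mandatory)] [string[]] $KnownAccount,
        # Assumption: non-user folders that must never be purged
        [string[]] $Exclude = @('Public', 'Default', 'TEMP')
    )

    # Case-insensitive set: one lookup per folder instead of one AD query per folder
    $known = [System.Collections.Generic.HashSet[string]]::new(
        [string[]]$KnownAccount, [System.StringComparer]::OrdinalIgnoreCase)

    Get-ChildItem -LiteralPath $Path -Directory | Where-Object {
        # Assumption: a folder may be named "<SamAccountName>.V<n>"; strip that suffix
        $account = $_.Name -replace '\.V\d+$', ''
        ($Exclude -notcontains $_.Name) -and (-not $known.Contains($account))
    }
}

# Constructed demo data so the function can be tried without AD or the real share
$demo = Join-Path ([System.IO.Path]::GetTempPath()) ("profiles-" + [guid]::NewGuid())
'asmith', 'bjones.V6', 'leaver1', 'leaver2.V2', 'Public' | ForEach-Object {
    New-Item -ItemType Directory -Path (Join-Path $demo $_) -Force | Out-Null
}

# Constructed account list. Against AD, use one query and let any error stop the script:
# $accounts = Get-ADUser -Filter * -ErrorAction Stop | Select-Object -ExpandProperty SamAccountName
$accounts = 'asmith', 'bjones'

$orphans = Get-OrphanedProfileFolder -Path $demo -KnownAccount $accounts
$orphans | Select-Object Name, FullName

# Review the list first; -WhatIf only reports what would be removed
$orphans | Remove-Item -Recurse -Force -WhatIf

# Clean up the demo folders
Remove-Item -LiteralPath $demo -Recurse -Force
```

Keeping `$orphans` as a separate, reviewable list (for example exported with `Export-Csv`) before removing `-WhatIf` gives a record of what was purged and why.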