Remove Stale Profiles Windows 10

I am trying to automate the removal of old profiles from shared windows 10 machines on our domain. I have the below script that can run as a Scheduled task

 

Get-CimInstance win32_userprofile -Verbose | 
Where {(!$_.Special) -And ($_.LastUseTime -lt $(Get-Date).Date.AddDays(-30))} |
Remove-CimInstance -Verbose -WhatIf

But it would appear that something is modifying the usrclass.dat so the LastUseTime is not reporting correctly. i.e. a user may of not logged onto the machine for over a month but their usrclass.dat file was modified yesterday. Any ideas what other properties / files I can use to determine if a user has not logged in for 30 days ?

You don’ stay what OS you are running, and because even this effort may run into this issue …

Stale user profile folders are not deleted completely in Windows 7 or in Windows Server 2008 R2 https://support.microsoft.com/en-gb/help/2661663/stale-user-profile-folders-are-not-deleted-completely-in-windows-7-or

See also …

https://learn-powershell.net/2011/01/27/use-powershell-to-remove-local-profiles

How to delete user profiles older than a specified number of days in Windows
This PowerShell script sample shows how to delete user profiles older than a specified number of days.
https://gallery.technet.microsoft.com/scriptcenter/How-to-delete-user-d86ffd3c

Hi Postanote it is Windows 10 (1703) "I am trying to automate the removal of old profiles from shared windows 10 machines on our domain. "

That script uses the lastusetime (same as what I was using) see sample below, and this can get changed by symantec running even when that particular user has not logged in.

[pre]$UserProfileLists = Get-WmiObject -Class Win32_UserProfile | Select-Object @{Expression={$.__SERVER};Label=“ComputerName”},`
LocalPath,@{Expression={$
.ConvertToDateTime($.LastUseTime)};Label=“LastUseTime”} `
| Where{$
.LocalPath -notlike “$env:SystemRoot”}[/pre]

 

 

I just delete them all overnight. There’s a group policy that deletes them too. Or shared pc mode.

Unfortunately as the usrclass.dat and/or NTUser.dat last access time gets modified by Sep / windows update the Group policy is not working in our env. windows 10 2008 SP2 AD, so the only way I can get the GP to work is to run a script that modifies the last used date of the NT User.dat and I feel this is a bit of a cludge