0
Alessandro Panzetta 
0 pts. | Apr 27 2009 11:59AM GMT
What about checking the USER.DAT modified date in the c:documents and settings folders? This will tell you the latest user who legged on
Spotter0005 25 pts. | Apr 28 2009 4:20AM GMT
Good thought however would need to first know who is logged into it.
Trying to achieve by some sort of Bot or AD Query whch will provide data for the following task.
When removing an account from the AD. Search all computers this user has logged in to and then remove thier profiles from the workstations. Assigning users specific machines to log in to is not a viable solution for our network Been shot down several times on that principle.
Considered using the VBE scripts for search machines with username XXXX however this requires more systadmin time to review again the initial question of who is the primary user. Attempted Kixtart for creating the functions but again did not provide an easier means only more time spent machine by machine searching manually.
Should have been more explicit.
When removing a user form the domain want to perform the following task:
Remove the account (obvously) then remove the home folders, then perform a search on a given list of machines for the user’s profile and remove it from the workstation(s) clearing HD space for the next user.
Alessandro Panzetta 0 pts. | Apr 28 2009 10:15AM GMT
Well in order to see who is actually logged to a system you can use a simple VBS like this:
strComputer = “RemoteComputer”
Set objWMIService = GetObject(”winmgmts:” _
& “{impersonationLevel=impersonate}!\” & strComputer & “rootcimv2″)
Set colComputer = objWMIService.ExecQuery _
(”Select * from Win32_ComputerSystem”)
For Each objComputer in colComputer
Wscript.Echo <a href="http://objComputer.Us" title="http://objComputer. " target="_blank">objComputer.Us</a>erName
Next
MacLeod 80 pts. | Apr 28 2009 2:58PM GMT
Hello,
To find out where a specific user is logged on I use the SysInternals tool PSLOGGEDON.
Kind regards,
Duncan
Mshen 23535 pts. | Apr 28 2009 7:10PM GMT
The group policy logon script that I suggested will work because you can search the logon log to see which computer the user logged into and remove the user profile from each machine. That will eliminate any guess work in trying to find out which machine they logged on to. A similar logout script will give you a full cycle of when they logged in and when they logged out.
Spotter0005 25 pts. | Apr 30 2009 1:46AM GMT
Turns out Microsoft has a server 2003 resource kit tool delprof.
This enables the remote removal of profiles that have not been used in a specified number of days.
This combined with a home generated looping script for comparing a list of user accounts (domain login name) to a list of workstation accounts (pulled from AD) enables the removal of accounts from those who are leaving using ps tools PSexec running the bat file on the local machine to delete the content of the c:documents and settings
Thanks for your help
