fswiontek
asked on
Roaming profiles not deleting upon logoff
We recently implemented roaming profiles into our network.
The C: partition was made to 10GB. Our users log into many different workstations, and in doing this the C: drive is filled up very quickly due to the amount of data they require (users).
I went into the Group policy editor and enabled the Delete Locally cached profiles upon logoff policy. Gave it the precedence of 1 and enforced the policy.
This didn't work, so i did some research and came across the UPHClean service and this is what I came up with.
Now this being the antivirus I do not know where to go from here.
The C: partition was made to 10GB. Our users log into many different workstations, and in doing this the C: drive is filled up very quickly due to the amount of data they require (users).
I went into the Group policy editor and enabled the Delete Locally cached profiles upon logoff policy. Gave it the precedence of 1 and enforced the policy.
This didn't work, so i did some research and came across the UPHClean service and this is what I came up with.
Now this being the antivirus I do not know where to go from here.
The following handles opened in user profile hive domain\user (S-1-5-21-3479431408-2233564226-1683169087-1391) are preventing the profile from unloading:
svchost.exe (1344)
HKCU (0x22c)
call stack data collection not enabled for this process
Rtvscan.exe (1512)
HKCU\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks (0x618)ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You need to edit group policy on the local or AD level, whichever you are currently doing.
Since the file must be accessible to Everyone, you should drop it on the local drive. I'm not a big fan of having a network share laid open.
In group policy, go to Computer Configuration\Windows settings\scripts\startup
You want to click "Add', then for script name put the file name and path, e.g. c:\delprof.exe
For the parameters you want /Q /I
Save that and it will delete all profiles when rebooted.
Since the file must be accessible to Everyone, you should drop it on the local drive. I'm not a big fan of having a network share laid open.
In group policy, go to Computer Configuration\Windows settings\scripts\startup
You want to click "Add', then for script name put the file name and path, e.g. c:\delprof.exe
For the parameters you want /Q /I
Save that and it will delete all profiles when rebooted.
ASKER
After adding this to the group policy I now receive an error stating:
winlogon.exe
at "0x1000449e" referenced memory at "0x1000449e" the memory could not be read.
after clicking cancel to debug or ok to ignore it comes up with a winlogon fatal error.
winlogon.exe
at "0x1000449e" referenced memory at "0x1000449e" the memory could not be read.
after clicking cancel to debug or ok to ignore it comes up with a winlogon fatal error.
Is this during logon or after logging in?
Can you login and remove the settings? If not, try safe mode...
Adding delprof.exe to the startup should not cause an error. Check the event log to see if there is any other entries.
Can you login and remove the settings? If not, try safe mode...
Adding delprof.exe to the startup should not cause an error. Check the event log to see if there is any other entries.
ASKER
This happens during the startup (startup scripts more specifically) There isnt a chance to logon. It stop and teh error occurs.
Removing the policy takes away this error.
A quick look at the event viewer showed nothing wrong. I will go over in more detail now.
Removing the policy takes away this error.
A quick look at the event viewer showed nothing wrong. I will go over in more detail now.
ASKER
Could not execute the following script \\server\E:\startup scripts\delprof.exe. The system cannot find the path specified.
This is the error I'm getting in event viewer. I have tried mapping using the browse feature.
Typing in the full path gives me no error and does not delete anything.
Browse gives me the error and gives me the blue screen without the deletion as well.
This is the error I'm getting in event viewer. I have tried mapping using the browse feature.
Typing in the full path gives me no error and does not delete anything.
Browse gives me the error and gives me the blue screen without the deletion as well.
ASKER
I got it, I just added the file locally to the c: and it worked. thanks for the help!
1. is the share E: or E$
2. Is the share accessible by the EVERYONE group and not just users or domain users?
When the computer is started, no one is logged on so there is no Domain User trying to access the share.
It can not delete profiles when they are in use.
Open a dos window and try and run it so you can see the error messages returned by delprof.exe
2. Is the share accessible by the EVERYONE group and not just users or domain users?
When the computer is started, no one is logged on so there is no Domain User trying to access the share.
It can not delete profiles when they are in use.
Open a dos window and try and run it so you can see the error messages returned by delprof.exe
ASKER