?
Solved

Roaming profiles not deleting upon logoff

Posted on 2007-12-05
9
Medium Priority
?
1,713 Views
Last Modified: 2010-05-11
We recently implemented roaming profiles into our network.
The C: partition was made to 10GB. Our users log into many different workstations, and in doing this the C: drive is filled up very quickly due to the amount of data they require (users).

I went into the Group policy editor and enabled the Delete Locally cached profiles upon logoff policy. Gave it the precedence of 1 and enforced the policy.

This didn't work, so i did some research and came across the UPHClean service and this is what I came up with.
Now this being the antivirus I do not know where to go from here.

The following handles opened in user profile hive domain\user (S-1-5-21-3479431408-2233564226-1683169087-1391) are preventing the profile from unloading: 
 
svchost.exe (1344)
  HKCU (0x22c)
    call stack data collection not enabled for this process
 
Rtvscan.exe (1512)
  HKCU\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks (0x618)

Open in new window

0
Comment
Question by:fswiontek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 3

Accepted Solution

by:
top_gizmo earned 2000 total points
ID: 20417257
It's easier than all that.  Drop delprof.exe on the local drive or on a share that is accessible by EVERYONE even non-authenticated users (not good) and execute it as a startup script.

Startup scripts are ran as the system.  If you use the /Q /I parameters it will delete all profiles off the computer on reboot.

I think UPHClean only unloads the hive, not remove the profile.
0
 

Author Comment

by:fswiontek
ID: 20438647
That worked great, but how do I add it to the startup script so this becomes automated.
0
 
LVL 3

Expert Comment

by:top_gizmo
ID: 20438672
You need to edit group policy on the local or AD level, whichever you are currently doing.

Since the file must be accessible to Everyone, you should drop it on the local drive.  I'm not a big fan of having a network share laid open.

In group policy, go to Computer Configuration\Windows settings\scripts\startup

You want to click "Add', then for script name put the file name and path, e.g. c:\delprof.exe

For the parameters you want /Q /I

Save that and it will delete all profiles when rebooted.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:fswiontek
ID: 20438735
After adding this to the group policy I now receive an error stating:

winlogon.exe
at "0x1000449e" referenced memory at "0x1000449e" the memory could not be read.

after clicking cancel to debug or ok to ignore it comes up with a winlogon fatal error.
0
 
LVL 3

Expert Comment

by:top_gizmo
ID: 20438757
Is this during logon or after logging in?

Can you login and remove the settings?  If not, try safe mode...

Adding delprof.exe to the startup should not cause an error.  Check the event log to see if there is any other entries.
0
 

Author Comment

by:fswiontek
ID: 20438775
This happens during the startup (startup scripts more specifically) There isnt a chance to logon. It stop and teh error occurs.
Removing the policy takes away this error.

A quick look at the event viewer showed nothing wrong. I will go over in more detail now.
0
 

Author Comment

by:fswiontek
ID: 20438899
Could not execute the following script \\server\E:\startup scripts\delprof.exe. The system cannot find the path specified.
This is the error I'm getting in event viewer. I have tried mapping using the browse feature.

Typing in the full path gives me no error and does not delete anything.
Browse gives me the error and gives me the blue screen without the deletion as well.
0
 

Author Comment

by:fswiontek
ID: 20438973
I got it, I just added the file locally to the c: and it worked. thanks for the help!
0
 
LVL 3

Expert Comment

by:top_gizmo
ID: 20438984
1.  is the share E: or E$

2.  Is the share accessible by the EVERYONE group and not just users or domain users?

When the computer is started, no one is logged on so there is no Domain User trying to access the share.  

It can not delete profiles when they are in use.

Open a dos window and try and run it so you can see the error messages returned by delprof.exe



0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question