Solved

Roaming profiles not deleting upon logoff

Posted on 2007-12-05
9
1,707 Views
Last Modified: 2010-05-11
We recently implemented roaming profiles into our network.
The C: partition was made to 10GB. Our users log into many different workstations, and in doing this the C: drive is filled up very quickly due to the amount of data they require (users).

I went into the Group policy editor and enabled the Delete Locally cached profiles upon logoff policy. Gave it the precedence of 1 and enforced the policy.

This didn't work, so i did some research and came across the UPHClean service and this is what I came up with.
Now this being the antivirus I do not know where to go from here.

The following handles opened in user profile hive domain\user (S-1-5-21-3479431408-2233564226-1683169087-1391) are preventing the profile from unloading: 

 

svchost.exe (1344)

  HKCU (0x22c)

    call stack data collection not enabled for this process

 

Rtvscan.exe (1512)

  HKCU\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks (0x618)

Open in new window

0
Comment
Question by:fswiontek
  • 5
  • 4
9 Comments
 
LVL 3

Accepted Solution

by:
top_gizmo earned 500 total points
ID: 20417257
It's easier than all that.  Drop delprof.exe on the local drive or on a share that is accessible by EVERYONE even non-authenticated users (not good) and execute it as a startup script.

Startup scripts are ran as the system.  If you use the /Q /I parameters it will delete all profiles off the computer on reboot.

I think UPHClean only unloads the hive, not remove the profile.
0
 

Author Comment

by:fswiontek
ID: 20438647
That worked great, but how do I add it to the startup script so this becomes automated.
0
 
LVL 3

Expert Comment

by:top_gizmo
ID: 20438672
You need to edit group policy on the local or AD level, whichever you are currently doing.

Since the file must be accessible to Everyone, you should drop it on the local drive.  I'm not a big fan of having a network share laid open.

In group policy, go to Computer Configuration\Windows settings\scripts\startup

You want to click "Add', then for script name put the file name and path, e.g. c:\delprof.exe

For the parameters you want /Q /I

Save that and it will delete all profiles when rebooted.
0
 

Author Comment

by:fswiontek
ID: 20438735
After adding this to the group policy I now receive an error stating:

winlogon.exe
at "0x1000449e" referenced memory at "0x1000449e" the memory could not be read.

after clicking cancel to debug or ok to ignore it comes up with a winlogon fatal error.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 3

Expert Comment

by:top_gizmo
ID: 20438757
Is this during logon or after logging in?

Can you login and remove the settings?  If not, try safe mode...

Adding delprof.exe to the startup should not cause an error.  Check the event log to see if there is any other entries.
0
 

Author Comment

by:fswiontek
ID: 20438775
This happens during the startup (startup scripts more specifically) There isnt a chance to logon. It stop and teh error occurs.
Removing the policy takes away this error.

A quick look at the event viewer showed nothing wrong. I will go over in more detail now.
0
 

Author Comment

by:fswiontek
ID: 20438899
Could not execute the following script \\server\E:\startup scripts\delprof.exe. The system cannot find the path specified.
This is the error I'm getting in event viewer. I have tried mapping using the browse feature.

Typing in the full path gives me no error and does not delete anything.
Browse gives me the error and gives me the blue screen without the deletion as well.
0
 

Author Comment

by:fswiontek
ID: 20438973
I got it, I just added the file locally to the c: and it worked. thanks for the help!
0
 
LVL 3

Expert Comment

by:top_gizmo
ID: 20438984
1.  is the share E: or E$

2.  Is the share accessible by the EVERYONE group and not just users or domain users?

When the computer is started, no one is logged on so there is no Domain User trying to access the share.  

It can not delete profiles when they are in use.

Open a dos window and try and run it so you can see the error messages returned by delprof.exe



0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now