Solved

Delete user profiles older than a specified number of days on system restart. not working

Posted on 2009-03-30
4
2,887 Views
Last Modified: 2012-05-06
We have about 300 Vista Enterprise SP1 x86 Lab computers on a 2003 domain that is a child domain of a 2008 forest/parent domain. I have built a new group policy that is using the "Delete user profiles older than a specified number of days on system restart" setting and specifying 30 days.  But for some reason after the systems reboot, and I log in with an administrator, the user profile service never searches and cleans up old profiles.  I can see profiles that are clearly older than 30 days in the c:\users directory and the application log doesn't show any events from search-ProfileNotify event source.

I've tried disabling roaming profiles thinking that was an issue.  I've verified through rsop.msc that the policy is indeed applying successfully, it just never does anythying.  

Is there something else that I'm supposed to set and I'm missing?
0
Comment
Question by:bry1000_wpi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 24033723
Hi. The problem seems to be the number 300...see http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Windows_Vista/Q_24254270.html
No, I finally found out - it's simply a bug.
Solution: apply the corresponding registry value - I could confirm it working.
HKLM\Software\Policies\Microsoft\Windows\System
Type:RegDWord(32)
Name:CleanupProfiles
Value: maximum age in days
0
 
LVL 54

Expert Comment

by:McKnife
ID: 24033759
To distribute/deploy this registry setting, use either a startup script or group policy preferences (GPP).
0
 

Author Comment

by:bry1000_wpi
ID: 24038417
Yeah, I had deployed that registry setting via group policy and it still wasn't working.
I have however figured out what the problem is.

When I looked in the User Profiles menu on all of my machines, the modified date was saying the current date always.  After some digging it looks like every morning at 2am, Windows Defender was runninng and modifying the ntuser.dat in each user's profile account, thus marking it as modified that morning.  

Yesterday I disabled Windows Defender with Policy and this morning the modified dates on the profiles are no longer updated to today, they are still at 3/31/2009.  This means that windows defender didn't scan and change the modified flag on the ntuser.dat files this morning so the policy "should" start working once I deploy it more globally.  

The bigger question (not for this forum I guess) is why was Windows Defender Marking any files as modified when it's running a scan.  McAfee doesn't do that, nor do any backup programs I've ever seen.  So does that mean that windows defender actually opens up these user hive files and is doing something within them.  Kind of scary and odd to me... but at least I know why now.
0
 

Accepted Solution

by:
bry1000_wpi earned 0 total points
ID: 24038552
I just verified on one of my test machines by setting the policy to 1 day and now it is working.  

In the end turning off windows defender fixed the issue.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question