Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Delete user profiles older than a specified number of days on system restart. not working

Posted on 2009-03-30
4
Medium Priority
?
3,129 Views
Last Modified: 2012-05-06
We have about 300 Vista Enterprise SP1 x86 Lab computers on a 2003 domain that is a child domain of a 2008 forest/parent domain. I have built a new group policy that is using the "Delete user profiles older than a specified number of days on system restart" setting and specifying 30 days.  But for some reason after the systems reboot, and I log in with an administrator, the user profile service never searches and cleans up old profiles.  I can see profiles that are clearly older than 30 days in the c:\users directory and the application log doesn't show any events from search-ProfileNotify event source.

I've tried disabling roaming profiles thinking that was an issue.  I've verified through rsop.msc that the policy is indeed applying successfully, it just never does anythying.  

Is there something else that I'm supposed to set and I'm missing?
0
Comment
Question by:bry1000_wpi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 56

Expert Comment

by:McKnife
ID: 24033723
Hi. The problem seems to be the number 300...see http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Windows_Vista/Q_24254270.html
No, I finally found out - it's simply a bug.
Solution: apply the corresponding registry value - I could confirm it working.
HKLM\Software\Policies\Microsoft\Windows\System
Type:RegDWord(32)
Name:CleanupProfiles
Value: maximum age in days
0
 
LVL 56

Expert Comment

by:McKnife
ID: 24033759
To distribute/deploy this registry setting, use either a startup script or group policy preferences (GPP).
0
 

Author Comment

by:bry1000_wpi
ID: 24038417
Yeah, I had deployed that registry setting via group policy and it still wasn't working.
I have however figured out what the problem is.

When I looked in the User Profiles menu on all of my machines, the modified date was saying the current date always.  After some digging it looks like every morning at 2am, Windows Defender was runninng and modifying the ntuser.dat in each user's profile account, thus marking it as modified that morning.  

Yesterday I disabled Windows Defender with Policy and this morning the modified dates on the profiles are no longer updated to today, they are still at 3/31/2009.  This means that windows defender didn't scan and change the modified flag on the ntuser.dat files this morning so the policy "should" start working once I deploy it more globally.  

The bigger question (not for this forum I guess) is why was Windows Defender Marking any files as modified when it's running a scan.  McAfee doesn't do that, nor do any backup programs I've ever seen.  So does that mean that windows defender actually opens up these user hive files and is doing something within them.  Kind of scary and odd to me... but at least I know why now.
0
 

Accepted Solution

by:
bry1000_wpi earned 0 total points
ID: 24038552
I just verified on one of my test machines by setting the policy to 1 day and now it is working.  

In the end turning off windows defender fixed the issue.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many reasons a PC runs slower than when it was new, ranging from malicious software intended to mess things up to simple general Windows use.  Your PC performance may slowly degrade over time without you noticing but when you buy a PC from…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question