Solved

Windows Logoff GPO script/batch file to clear my documents and desktop, leaving shortcuts intact.

Posted on 2011-02-16
2
1,755 Views
Last Modified: 2012-05-11
Hi,

I am currently looking for a logoff script or batch file that i can place in our group policy for certain AD accounts. I need to clear the desktop and my documents of these accounts at each logoff, however i must ensure that it does NOT DELETE shortcut/link LNK files on the desktop.

Many thanks in advance

0
Comment
Question by:barryscott007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 34923653
Hi there, try this to delete all items from Desktop and My Documents, without deleting .lnk files from the Desktop.

Please test it on a test system first.

Regards,

Rob.
' THIS LINE MUST BE PLACED IN THE MAIN CODE TO ALLOW THE DICTIONARY
' OBJECT TO REMAIN PERSISTENT FOR THE ISMEMBEROFGROUP FUNCTION
Dim objMemberships

Set objNetwork = CreateObject("WScript.Network")
Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
Set objShell = CreateObject("WScript.Shell")
Set objShellApp = CreateObject("Shell.Application")

Const DESKTOP = &H10&
Const MY_DOCUMENTS = &H5&

strGroup = "Test Group"
If IsMemberOfGroup(objUser, strGroup) = True Then

	strFolder = objShellApp.Namespace(DESKTOP).Self.Path
	' DeleteFiles accepts a certain file extension of files to NOT delete
	DeleteFiles strFolder, ".lnk"

	strFolder = strFolder = objShellApp.Namespace(MY_DOCUMENTS).Self.Path
	' DeleteFiles accepts a certain file extension of files to NOT delete
	DeleteFiles strFolder, ""

Else
	'WScript.Echo "You are not a member of " & strGroup
End If

Sub DeleteFiles(strFolderPath, strExcludeExtension)
	For Each objSubFolder In objFSO.GetFolder(strFolderPath).SubFolders
		DeleteFiles objSubFolder.Path, strExcludeExtension
	Next
	For Each objFile In objFSO.GetFolder(strFolderPath).Files
		If strExcludeExtension <> "" Then
			If Right(LCase(objFile.Name), Len(strExcludeExtension)) <> LCase(strExcludeExtension) Then objFile.Delete True
		Else
			objFile.Delete
		End If
	Next
	objFSO.DeleteFolder strFolderPath
End Sub

Function IsMemberOfGroup(objADUser, strGroupCN)
	If IsEmpty(objMemberships) = True Then
		Set objMemberships = CreateObject("Scripting.Dictionary")
		objMemberships.Add LCase("ALL"), 0
		If IsNull(objADUser.MemberOf) = False Then
			If TypeName(objADUser.MemberOf) = "String" Then
				objMemberships.Add LCase(Mid(Split(objADUser.MemberOf, ",")(0), 4)), 0
			Else
				For Each strGroupName In objADUser.MemberOf
					objMemberships.Add LCase(Mid(Split(strGroupName, ",")(0), 4)), 0
				Next
			End If
		End If
	End If
	If objMemberships.Exists(LCase(strGroupCN)) = True Then
		IsMemberOfGroup = True
	Else
		IsMemberOfGroup = False
	End If
End Function

Open in new window

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question