Solved

Windows Logoff GPO script/batch file to clear my documents and desktop, leaving shortcuts intact.

Posted on 2011-02-16
2
1,706 Views
Last Modified: 2012-05-11
Hi,

I am currently looking for a logoff script or batch file that i can place in our group policy for certain AD accounts. I need to clear the desktop and my documents of these accounts at each logoff, however i must ensure that it does NOT DELETE shortcut/link LNK files on the desktop.

Many thanks in advance

0
Comment
Question by:barryscott007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 34923653
Hi there, try this to delete all items from Desktop and My Documents, without deleting .lnk files from the Desktop.

Please test it on a test system first.

Regards,

Rob.
' THIS LINE MUST BE PLACED IN THE MAIN CODE TO ALLOW THE DICTIONARY
' OBJECT TO REMAIN PERSISTENT FOR THE ISMEMBEROFGROUP FUNCTION
Dim objMemberships

Set objNetwork = CreateObject("WScript.Network")
Set objADSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objADSysInfo.UserName)
Set objShell = CreateObject("WScript.Shell")
Set objShellApp = CreateObject("Shell.Application")

Const DESKTOP = &H10&
Const MY_DOCUMENTS = &H5&

strGroup = "Test Group"
If IsMemberOfGroup(objUser, strGroup) = True Then

	strFolder = objShellApp.Namespace(DESKTOP).Self.Path
	' DeleteFiles accepts a certain file extension of files to NOT delete
	DeleteFiles strFolder, ".lnk"

	strFolder = strFolder = objShellApp.Namespace(MY_DOCUMENTS).Self.Path
	' DeleteFiles accepts a certain file extension of files to NOT delete
	DeleteFiles strFolder, ""

Else
	'WScript.Echo "You are not a member of " & strGroup
End If

Sub DeleteFiles(strFolderPath, strExcludeExtension)
	For Each objSubFolder In objFSO.GetFolder(strFolderPath).SubFolders
		DeleteFiles objSubFolder.Path, strExcludeExtension
	Next
	For Each objFile In objFSO.GetFolder(strFolderPath).Files
		If strExcludeExtension <> "" Then
			If Right(LCase(objFile.Name), Len(strExcludeExtension)) <> LCase(strExcludeExtension) Then objFile.Delete True
		Else
			objFile.Delete
		End If
	Next
	objFSO.DeleteFolder strFolderPath
End Sub

Function IsMemberOfGroup(objADUser, strGroupCN)
	If IsEmpty(objMemberships) = True Then
		Set objMemberships = CreateObject("Scripting.Dictionary")
		objMemberships.Add LCase("ALL"), 0
		If IsNull(objADUser.MemberOf) = False Then
			If TypeName(objADUser.MemberOf) = "String" Then
				objMemberships.Add LCase(Mid(Split(objADUser.MemberOf, ",")(0), 4)), 0
			Else
				For Each strGroupName In objADUser.MemberOf
					objMemberships.Add LCase(Mid(Split(strGroupName, ",")(0), 4)), 0
				Next
			End If
		End If
	End If
	If objMemberships.Exists(LCase(strGroupCN)) = True Then
		IsMemberOfGroup = True
	Else
		IsMemberOfGroup = False
	End If
End Function

Open in new window

0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question