Remove AD Profiles of deleted accounts
Posted on 2011-04-26
Our organization is a Windows 2003 AD Domain with several hundred XP Pro clients. We do not use roaming profiles. This, over time, leaves numerous orphaned profiles as users leave and their domain accounts are deleted. I am looking for a way to programmatically have non-AD account profiles removed when the computer is rebooted or on log out.
When a user leaves, the account is disabled and moved to a Disabled User OU for a two-week period. After that, the account is deleted from AD.
The way I see it working is as follows. Please forgive the bad pseudo code :)
Enumerate profiles in C:\Documents and Settings
Compare Profile 1 to active AD Users
If match, Do Nothing
If match Exempted account (Local Admin, Default User) Do Nothing
If no match, delete profile
Log Deletion to network storage
Any and all assistance is greatly appreciated.
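
One way to implement the logic in the post above, as an added PowerShell example that is not part of the original post: it identifies profiles by SID from the ProfileList registry key instead of by folder name, and only reports unless -Delete is passed. The domain name EXAMPLE and the log share path are placeholders, and PowerShell 2.0 on the clients is assumed.

```powershell
# Added example (not from the original post). Report-only unless -Delete is given.
param(
    [string]$Domain  = 'EXAMPLE',                                 # placeholder NetBIOS domain name
    [string]$LogPath = '\\fileserver\logs$\profile-cleanup.log',  # hypothetical log share
    [switch]$Delete
)
$sidType = [System.Security.Principal.SecurityIdentifier]
$ntType  = [System.Security.Principal.NTAccount]

# Prove the domain answers before trusting any "account not found" result.
# Without this, an offline DC would make every domain profile look orphaned.
try {
    $probe     = (New-Object System.Security.Principal.NTAccount("$Domain\Domain Users")).Translate($sidType)
    $domainSid = $probe.AccountDomainSid
} catch {
    Write-Warning "Cannot resolve $Domain\Domain Users; no profiles evaluated."
    exit 1
}

$root = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
foreach ($key in @(Get-ChildItem $root)) {
    if ($key.PSChildName -notmatch '^S-1-5-21-') { continue }    # system/service profiles
    $sid = New-Object System.Security.Principal.SecurityIdentifier($key.PSChildName)

    # Exemptions: local accounts (e.g. the local Administrator) are outside the
    # domain SID space; Default User and All Users have no ProfileList entry.
    if ("$($sid.AccountDomainSid)" -ne "$domainSid") { continue }
    if (Test-Path "Registry::HKEY_USERS\$sid") { continue }      # hive loaded: profile in use

    # A disabled account still resolves, so its profile is kept until the
    # account is actually deleted from AD.
    try   { [void]$sid.Translate($ntType); continue }
    catch [System.Security.Principal.IdentityNotMappedException] { }  # SID no longer exists
    catch { continue }                                            # any other error: leave it alone

    $path   = [Environment]::ExpandEnvironmentVariables((Get-ItemProperty $key.PSPath).ProfileImagePath)
    $action = 'WOULD-DELETE'
    if ($Delete) {
        try {
            if (Test-Path -LiteralPath $path) {
                Remove-Item -LiteralPath $path -Recurse -Force -ErrorAction Stop
            }
            Remove-Item -LiteralPath $key.PSPath -Recurse -Force -ErrorAction Stop
            $action = 'DELETED'
        } catch { $action = "FAILED ($($_.Exception.Message))" }
    }
    Add-Content -Path $LogPath -Value ("{0:s} {1} {2} {3} {4}" -f (Get-Date), $env:COMPUTERNAME, $action, $sid, $path)
}
```

Run as a computer startup script, this executes as Local System and reaches the network as the computer account, so the log share must grant that account write access.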