We have encountered an issue with several PCs in regards to updating properly with SCCM. During our troubleshooting we encountered a Local User in the Local Admin group created by ThinkVantage System Update. These users are dynamically created, each beginning with tvsu_tmp_ and then random Alpha-Numeric characters after the underscore. According to Lenovo, these accounts should automatically disappear once operations have finished, but they have not.
Somehow they seem to interfering with SCCM updating PCs, or either it is coincident that SCCM updates begin working properly once the account is removed from the PC.
Is there a way to use a wildcard after tvsu_tmp_ to allow group policy to delete these user accounts from the PCs? It will be time consuming to go to 200+ machines to remove these.