Powershell Needful Things put that in your pipeline

11Mar/0923

Automatically clean up orphaned user directories

We've had a huge problem where users were removed from Active Directory, but somehow the administrators neglected to remove the home folder for the user from the file servers. This left someone with the nasty task of cleaning up the mess.
This script will work through a directory of home folders and lookup the user in AD. This is assuming that the home folder and the user id are the same. If the user is not found, or the account is disabled, the folder will be renamed with a leading "orphan-" followed by the original name. The script requires a parameter, which is the path where the folders are located. e.g. "findorphans.ps1 c:\users" The script requires that the Quest Powershell Commandlets are installed, and they can be downloaded free, here.

param($target)
$folders=Get-ChildItem -Path $target | Where-Object {$_.Name -notlike "orphan*" -and ($_.PSISContainer)} | Select-Object name
foreach ($folder in $folders){
Write-Host ""
$userid=""
"PROCESSING FOLDER: {0} "   -f $folder.name
write-host "Searching for a possible owner..."
$user=Get-QADUser $folder.name
$useracc=$user.AccountIsDisabled
$userid=$user.samaccountname
$newid="orphan-" + $folder.name
$fullpath=$target + "\" + $folder.name
$fullpath
"Account Disabled: {0} "   -f $user.AccountIsDisabled

if ($userid.length -lt "0" -or $user.AccountIsDisabled -eq "True") {
Write-Host "No owner found or account disabled, orphan folder renamed to" $newid -ForegroundColor Red
rename-Item -Path $fullpath -NewName $newid
}
else {
Write-Host "Owner found" $user -ForegroundColor Green
}
}
Comments (23) Trackbacks (0)
  1. this looks like it is something i could definetly use. One question, will it accept UNC paths? Can i run this from my desktop machine against my file server, or should it run directly on the file server?

    thanks

    app

  2. It does work against UNC paths, and it is a GREAT script. Will definetly have a place in my toolbox.

    app

  3. Hey, thanks for the feedback, I am glad you can use it. Yes its designed to run from your admin workstation to drive mappings and UNC paths.

    Also, I have made some updates to it, but I havent posted it yet, some folders where users have removed permissions cant be renamed, so the script attempts to take ownership and then rename the folder. Ill post a copy of that script for you on Monday.

    Thanks again for the feedback!

  4. Hi,
    This is great, but how can I add the option of deleting home folders?

    • Jake,

      Thanks for using the script. The section where the script renames the orphaned folder can be used to delete the folder too.

      You should be able to add a line to delete the folder, or replace the rename line with remove.

      Let me know if this doesn’t make sense.

  5. Hi Jean,
    This is just what I have been looking for, if only I could get it to work! The only change I have made is to add the line: Add-PSSnapin Quest.ActiveRoles.ADManagement. The problem is that the only files that are renamed are folders on my local C: drive.

    Any help would be greatly appreaciated.

    Norrie

    • Norrie,

      Thanks for downloading the script! Please send me the cmdline you use when you execute the script.

      Jean

      • Hi Jean,
        lanched from CMD run as administrator

        powershell -file FindOrphan.ps1

        • Hi Jean,
          lanched from CMD run as administrator
          powershell -file FindOrphan.ps1 \\storageec1\student\test

          I have moved copied folders from the home directory to test for test purposes it is under the same share ‘Student”

          • I wonder if the UNC path is making a difference. Could you try mapping an actual drive letter to the path and test it again?

  6. Hi

    Mapped a network drive and pointed to that it did the same.

    • Can you send me a screen shot of the output, and a text copy of the exact script file that you use, to jeanlouw@gmail.com. Let me test it and see if I can reproduce the problem here.

    • Hey Jean, I am having the exact same issue as Norrie here. What did you guys find out? Before it tries to run the script against my C drives folders it gives me an error that states:
      param | The term ‘param’ is not recognized as the name of a cmdlet, function, script file or operable program.

  7. Can some one help with VB script which does same function

  8. Hi Jean….Thank you so much for this amazing script – been on the look out for something like this for a very long time… Internet is such a wonderful place 🙂

    your script works perfect for me and i just need one addition to it – i.e. after renaming the folders – is there any way i can move these “orphan’ only folders to another location? i was trying to see if i can incorporate robocopy to do this – but i believe it cannot identify folder names..

  9. Hi,

    this is exactly what I needed, In addition, can you please add one more line to skip home folders called “Documents” , Users’ home folders are redirected to their homedrives on servers however due to issue with group policy ( actuallyit is a microsfoft bug) some of users’ usernames are taken off and their home folders are in our file servers sits as “Documents” So, your script will certainly not going to find any user in AD called “Documents” and will mark it as orphan which we don’t want. IS it possible to do that?

  10. Hi,
    In addition, can you please add one more line to skip home folders called “Documents” , Users’ home folders are redirected to their homedrives on servers however due to issue with group policy ( actuallyit is a microsfoft bug) some of users’ usernames are taken off and their home folders are in our file servers sits as “Documents” So, your script will certainly not going to find any user in AD called “Documents” and will mark it as orphan which we don’t want. IS it possible to do that?

  11. I have a similar but different problem, where the home folder was already deleted but the user’s share is still there. I need to search the shares on a server and delete the orphaned shares.

  12. Works Great!
    thanks for sharing


Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

No trackbacks yet.