The format is based on and uses the types of changes according to Keep a Changelog, and this project adheres to Semantic Versioning.
- Removed bug from
Process-RegistryProfilesregarding populating theFolderNamevariable. - Refactored model to create a UserProfile object to better handel different removal scenarios.
- Fixed bug in
Join-UserProfilesregarding User Folders with no resolvable SIDS
-
New helper function
Validate-SIDFormatto verify SID value upon retrieval inGet-ProfilePathFromSID. -
Admin Detection and Environment Variable: Added logic to detect whether the current user is an administrator and set an environment variable
WinProfileOps_IsAdminaccordingly.-
If the user is an administrator,
$env:WinProfileOps_IsAdminis set to$true. If not, it's set to$false. -
The environment variable is automatically removed when the module is unloaded or when PowerShell exits.
-
Registered an
OnRemovescript block and aPowerShell.Exitingevent to ensure cleanup of the environment variable on module removal or session exit.
-
-
Remove-UserProfilesFromRegistry: Added a new function to remove user profiles from the Windows registry based on SIDs, Usernames, or UserProfile objects.
-
Supports three parameter sets:
UserProfileSet,SIDSet, andUserNameSet. -
Can be run in
AuditOnlymode, where no actual deletion is performed, or in deletion mode where profiles are removed. -
Includes a
Forceswitch to bypass confirmation prompts and aComputerNameparameter for targeting remote computers. -
Graceful error handling and logging for cases where the registry key cannot be opened or profiles cannot be processed for specific computers.
-
-
$env:WinProfileOps_IsAdmin: A boolean value that determines if the current user has administrative privileges. This is set by checking the user's security role against the built-in Administrator group using Windows security principals. -
$env:WinProfileOps_RegistryPath: Specifies the registry path used to manage user profiles. Default value:"SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList". -
$env:WinProfileOps_RegistryHive: Defines the registry hive to use, which is set toLocalMachineby default. -
$env:WinProfileOps_RegBackUpDirectory: Specifies the directory where registry backups are stored. Default value:"C:\LHStuff\RegBackUp". -
$env:WinProfileOps_ProfileFolderPath: The profile folder path, defaulting to the system drive'sUsersfolder. Example:"C:\Users".
-
Get-UserProfilesFromRegistry: Updated the function to handle scenarios where the current user does not have administrative privileges.
-
The function now checks if the user is an administrator by evaluating the
WinProfileOps_IsAdminenvironment variable. -
If the user has administrator privileges, the function retrieves user profiles from the registry using
Get-SIDProfileInfo. -
A warning is logged when the fallback method is used, indicating that special system accounts are excluded.
-
-
Updated
UserProfileobject creation inTest-OrphanedProfilefor$AccessErrorscenarios. -
The module is now using
WinRegOpsversion0.4.0for more refined registry value retrieval. -
Refactored
Get-SIDFromUsernameto use.NETclasses (System.Security.Principal.NTAccountandSystem.Security.Principal.SecurityIdentifier) instead of relying onGet-CimInstancefor SID resolution. -
Get-UserAccountFromSIDandGet-SIDFromUsernamenow invoke locally / Remotely to resolve without null values
-
Added core functions
-
configured
WinRegOpsas a dependant module -
Updated build file for release
-
Comment-based help documentation added for the following public functions:
Get-AllUserProfilesGet-OrphanedProfilesRemove-OrphanedProfilesRemove-SIDProfileGet-UserProfileFoldersGet-RegistryUserProfilesGet-UserFolders
-
Comment-based help documentation added for the following public functions:
New-UserProfileObjectRemove-RegistryKeyForSIDRemove-ProfilesForSIDsGet-RegistryKeyForSIDGet-SIDProfileInfoGet-ProfilePathFromSIDTest-FolderExistsTest-OrphanedProfileTest-SpecialAccount
-
Implemented and completed Unit Tests for private functions
-
Get-UserFolders-
Added error handling using a
try/catchblock to ensure that ifGet-ChildItemfails (e.g., due to permission issues), the function logs an error message and returns an empty array instead of throwing an unhandled exception. -
Implemented an
OutputTypeattribute for better PowerShell function introspection and to clearly indicate that the function returns an array of[PSCustomObject].
-
-
Invoke-UserProfileAuditSupporting Functions:-
These supporting functions are now utilized within
Invoke-UserProfileAuditto audit user profiles from both the file system and registry sources.-
Process-RegistryProfiles:- Processes profiles retrieved from the registry, compares them with folder profiles, and identifies orphaned profiles.
-
Process-FolderProfiles:- Processes user profiles from the folder system, identifies those without corresponding registry entries, and marks them as orphaned.
-
Test-ComputerReachability:- Encapsulates the common behavior of
Test-ComputerPingto check if a computer is reachable before proceeding with operations like profile audits. This ensures consistent handling of unreachable computers across different functions.
- Encapsulates the common behavior of
-
-
-
Moved
Get-SIDProfileInfoto the private functions folder. It will serve as an internal function forGet-RegistryUserProfiles -
Get-SIDProfileInfo-
Returns an empty array
@()when no registry key or SIDs are found, improving handling for cases where there are no profiles. -
Improved error handling to ensure proper error messages when the registry key or subkeys cannot be opened.
-
Enhanced handling of SIDs that are invalid or missing a
ProfileImagePath, logging appropriate warnings or verbose messages. -
Optimized function behavior to handle scenarios with no SIDs, invalid SID formats, and missing
ProfileImagePathvalues gracefully.
-
-
Get-UserFolders-
The function now logs errors when folder retrieval fails, improving diagnostic feedback.
-
The default value for the
ComputerNameparameter is set to$env:COMPUTERNAME, ensuring local computer behavior by default without requiring the user to specify it manually. -
Refined the
Get-DirectoryPathcall to ensure path conversion consistency across local and remote environments. -
General code clean-up and improved resilience, returning an empty array when no folders are found or in case of failure, rather than proceeding without valid data.
-
-
Get-UserProfilesFromRegistry-
Added error handling using a
try-catchblock to capture and log errors during the retrieval of registry profiles. -
Implemented a check using
Test-ComputerPingto verify if the target computer is online or reachable before attempting to retrieve registry profiles. -
Returns an empty array
@()when the target computer is offline or unreachable, logging a warning in such cases. -
Returns an empty array
@()when an error occurs while accessing the registry profiles, logging an error message. -
Integrated with the
-ErrorAction Stopparameter when callingGet-SIDProfileInfo, ensuring that errors are caught and handled appropriately in the calling function.
-
-
Get-UserProfilesFromFolders-
Added error handling using a
try-catchblock to capture and log errors during the retrieval of user profile folders. -
Implemented a check using
Test-ComputerPingto verify if the target computer is online or reachable before attempting to retrieve user folders. -
Returns an empty array
@()when the target computer is offline or unreachable, logging a warning in such cases. -
Returns an empty array
@()when an error occurs while accessing the user folders, logging an error message.
-
-
Invoke-UserProfileAudit- Renamed the previous
Get-AllUserProfilesfunction toInvoke-UserProfileAudit. - Added
Get-AllUserProfilesas an alias forInvoke-UserProfileAuditto maintain backward compatibility.
- Renamed the previous
-
Removed the old
Get-AllUserProfilesfunction and replaced it with the newInvoke-UserProfileAuditfunction. -
Temporarily Removed functions (
Remove-OrphanedProfilesandRemove-ProfilesForSIDs) related to Removing Users Folders and registry keys for further testing before implementing