A tool that remotely deletes user profiles

User profiles in Windows NT 4.0 are collections of user-specific data, including desktop settings, the Programs menu, application settings (such as whether Microsoft Word hyphenates words), and the contents of the Send To menu that pops up when you right-click items on the NT desktop. If you store user profiles on a network share, every time users log on to a computer on the network their profile follows them.

Profiles' Problems
These roaming profiles are useful, but they can create clutter on network workstations. Suppose I'm an administrator with a roaming profile and I log on to the network from your workstation to fix a problem. NT downloads my entire profile to your hard disk and leaves my profile on your hard disk after I log off.

This residual profile is troublesome for two reasons. First, it consumes space on your hard disk. Second, it might include sensitive information that I don't want you to access. For example, if I write myself a note in Notepad and leave the note on my desktop, my profile includes a copy of the note. When I log off your workstation, the note remains on your hard disk. If your computer has an NTFS-formatted system disk, NTFS permissions protect access to the profile. But if the disk is FAT-formatted, nothing prevents you from reading my note.

As an administrator, I can change your computer's Registry to tell NT not to keep local copies of roaming profiles on your machine after the profile's owner logs off. If I go to HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows NT\ CurrentVersion\Winlogon, add the DeleteRoamingCache value entry (type REG_DWORD), and set DeleteRoamingCache to 1, your workstation won't keep my profile after I log off.

But if you have a roaming profile, your workstation won't keep your profile after you log off either; so, this Registry change will force you to wait for the profile to download every time to log on to your workstation. You probably won't thank me for making this change.

I need to remove my profile from your machine without affecting the way your workstation treats your profile. And, I can't simply go to the User Profiles tab on Control Panel's System applet to remove my profile before I log off your computer because I can't remove the profile I'm logged on under.

Delete Remote Profiles
To remove my profile from your hard disk, I need a remote profile zapper, a program I can run when I get back to my desk that erases the copy of my profile from your hard disk. Microsoft Windows NT Server 4.0 Resource Kit provides just such a tool, DELPROF.

The syntax for DELPROF is

delprof \[/p\] /c:\\

The /p option tells DELPROF to prompt me before it deletes any profiles from your machine. If your computer's name is GOLDEN, I type

delprof /p /c:\\golden

on my computer to remove my profile from your hard disk. NT then shows me all GOLDEN's profiles, one at a time, and asks whether I want to delete each profile. Here's a sample dialog:

Delete \\GOLDEN\admin$\Profiles\Administrator? (Yes/No/All) n
Delete \\GOLDEN\admin$\Profiles\NormUser? (Yes/No/All) n
Delete \\GOLDEN\admin$\Profiles\Mark? (Yes/No/All) y
Deleting \\GOLDEN\admin$\Profiles\Mark...  \[Ok\]

Clean Up Your Local Hard Disk
DELPROF can also easily remove multiple profiles from one computer. When I try out new programs on my NT workstation, I create user accounts that I use only once. After a while, my Profiles directory contains a lot of profiles that I haven't used in months.

I could use Control Panel's System applet to delete these accounts one by one, but DELPROF offers a better solution:

delprof \[/q\] /d:

This command deletes all profiles that no one has touched in numdays days. The /q option tells DELPROF to complete the deletions without prompting me for responses. For the easy solution to the tricky problem of removing unneeded roaming profiles, DELPROF earns a spot on the resource kit's Wall of Fame.