{"id":124,"date":"2015-08-17T17:46:05","date_gmt":"2015-08-17T17:46:05","guid":{"rendered":"http:\/\/zewwy.ca\/?p=124"},"modified":"2018-01-13T18:05:27","modified_gmt":"2018-01-13T18:05:27","slug":"remotely-working-with-user-profiles","status":"publish","type":"post","link":"https:\/\/zewwy.ca\/index.php\/2015\/08\/17\/remotely-working-with-user-profiles\/","title":{"rendered":"Remotely working with user profiles"},"content":{"rendered":"<div class=\"blogbody\">\n<p>Checking up on my daily emails, I see my usual AV report. I open it up to see a who&#8217;s the bad surfer, turns out only one system. And it turned out to be the new temp we hired. I didn&#8217;t expect him to actually go to any bad sites, didn&#8217;t seem to be the type, so I quickly viewed the infected file.<\/p>\n<p>Turns out the file specified was from an old user profile, of someone who used the system before him&#8230; making me wonder how many old profiles are on his system. I&#8217;m a systems admin who prefers to get some things done without affecting other peoples work. I manage to do these with different remote applications. Most of these applications share the users screen and allow taking over of the system. This still interrupts the user, so often I resort to sysinternals psexec.<\/p>\n<p>So I wanted to find out how I could enumerate a list of local profile accounts on a system via command. Doing a bit of research showed this to not be as easy as I had expected (was hoping for a simple wmic command). As it turns out sometimes I forget I&#8217;m stuck in the past and should really get with the times, <a href=\"http:\/\/blogs.technet.com\/b\/heyscriptingguy\/archive\/2005\/06\/03\/hey-scripting-guy-how-can-i-list-all-the-user-profiles-on-a-computer.aspx\">old way<\/a>&#8230;<\/p>\n<p>Which is from 2005, thankfully Since Vista they introduced a new class to handle these. \ud83d\ude00 Check out <a href=\"http:\/\/blogs.technet.com\/b\/heyscriptingguy\/archive\/2009\/12\/01\/hey-scripting-guy-december-1-2009.aspx\">this post<\/a> for more info.<\/p>\n<p>Easy Peasy way using Win32_UserProfile class and PowerShell \ud83d\ude00<\/p>\n<p>To Paraphrase to solution:<\/p>\n<pre>1) Open PS in elevated mode.\r\n2) gwmi win32_userprofile -co $REMOTESYSTEM | ft sid, localpath -a\r\n3) Where gwmi = Get-WinObject | Win32_UserProfile is the class | -co is the remote system attribute | |is the pipe | and ft is format table\r\n4) Note as with all object based programming\/applications This can be very easily used to manage user profiles as well, ex:\r\n5) (gwmi win32_userprofile -co Server1 | where {$_.LocalPath -like '*\\cjohn*'}).Delete()\r\n<\/pre>\n<p>So that&#8217;s it! Ever since Vista managing user profiles has become a breeze and no longer requires intensive scripting to be managed remotely! Thanks MS you finally did something right!<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Checking up on my daily emails, I see my usual AV report. I open it up to see a who&#8217;s the bad surfer, turns out only one system. And it turned out to be the new temp we hired. I didn&#8217;t expect him to actually go to any bad sites, didn&#8217;t seem to be the &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/zewwy.ca\/index.php\/2015\/08\/17\/remotely-working-with-user-profiles\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Remotely working with user profiles&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[8],"tags":[],"class_list":["post-124","post","type-post","status-publish","format-standard","hentry","category-server-administration"],"_links":{"self":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/124","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/comments?post=124"}],"version-history":[{"count":2,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/124\/revisions"}],"predecessor-version":[{"id":126,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/124\/revisions\/126"}],"wp:attachment":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/media?parent=124"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/categories?post=124"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/tags?post=124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}