{"id":409217,"date":"2024-12-31T15:12:21","date_gmt":"2024-12-31T15:12:21","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&p=409217"},"modified":"2024-12-31T15:15:56","modified_gmt":"2024-12-31T15:15:56","slug":"report-orphaned-user-accounts","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/de\/script-hub\/report-orphaned-user-accounts\/","title":{"rendered":"Identifizieren und Verwalten verwaister Benutzerkonten in Windows mithilfe von PowerShell"},"content":{"rendered":"

Die Verwaltung von Benutzerkonten ist eine grundlegende Aufgabe f\u00fcr IT-Administratoren. Verwaiste Benutzerkonten – also solche, die nicht mehr mit einem aktiven Benutzer verbunden sind – bergen Risiken wie unn\u00f6tige Ressourcennutzung, potenzielle Datenlecks und Sicherheitsl\u00fccken. Das hier analysierte PowerShell-Skript<\/a> bietet einen automatisierten Ansatz zur effizienten Identifizierung und Verwaltung dieser Konten.<\/p>\n

Kontext<\/h2>\n

In Mehrbenutzerumgebungen, insbesondere in Unternehmen oder Organisationen, die von Managed Service Providern (MSPs<\/a>) verwaltet werden, bleiben Benutzerkonten oft zur\u00fcck, wenn Mitarbeiter das Unternehmen verlassen, die Rolle wechseln oder Systeme umstrukturiert werden. Diese verwaisten Profile sammeln sich im System an, beanspruchen wertvollen Speicherplatz und geben m\u00f6glicherweise sensible Informationen preis. Dieses Skript erkennt nicht nur verwaiste Profile, sondern liefert auch detaillierte Berichte, die IT-Experten helfen, ihre Systeme sauber und sicher zu halten.<\/p>\n

Das Skript zur Optimierung der Hintergrund-Verwaltung<\/h2>\n
#Requires -Version 5.1\r\n\r\n<#\r\n.SYNOPSIS\r\n    Looks for user profile folders that do not have an associated user account.\r\n.DESCRIPTION\r\n    Looks for user profile folders that do not have an associated user account.\r\n\r\n    By using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n.EXAMPLE\r\n    (No Parameters)\r\n    \r\n    [Alert] Orphaned profiles found!\r\n\r\n    Username Size      Path             SID                                           \r\n    -------- ----      ----             ---                                           \r\n    UNKNOWN  554.97 MB C:\\Users\\tuser1  S-1-5-21-1255570301-2732419320-3119746845-1104\r\n    UNKNOWN  86.74 MB  C:\\Users\\tuser22 S-1-5-21-3797121902-2219393589-2867574441-1001\r\n\r\n\r\nPARAMETER: -CustomField \"ReplaceMeWithTheNameOfaWYSIWYGcustomField\"\r\n    Specify the name of an optional WYSIWYG Custom Field to save the results in.\r\n\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 10, Windows Server 2016\r\n    Release Notes: Initial Release\r\n#>\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()]\r\n    [String[]]$DirectoriesToIgnore = (\"All Users\", \"Default\", \"Default User\", \"Public\"),\r\n    [Parameter()]\r\n    [String]$CustomField\r\n)\r\n\r\nbegin {\r\n    # Set parameters using dynamic script variables.\r\n    if ($env:wysiwygCustomFieldName -and $env:wysiwygCustomFieldName -notlike \"null\") {\r\n        $CustomField = $env:wysiwygCustomFieldName\r\n    }\r\n\r\n    # Function to convert a size in bytes to a more human-readable format\r\n    function Get-FriendlySize {\r\n        param($Bytes)\r\n        # Array of size units\r\n        $Sizes = 'Bytes,KB,MB,GB,TB,PB,EB,ZB' -split ','\r\n        # Loop to find the appropriate size unit\r\n        for ($i = 0; ($Bytes -ge 1kb) -and ($i -lt $Sizes.Count); $i++) { $Bytes \/= 1kb }\r\n        # Number of decimal places to show\r\n        $decimalPlaces = 2\r\n        # If the size is in bytes, no decimal places are needed\r\n        if ($i -eq 0) { $decimalPlaces = 0 }\r\n        # Return the rounded size with the appropriate unit\r\n        if ($Bytes) { \"$([System.Math]::Round($Bytes,$decimalPlaces)) $($Sizes[$i])\" }else { \"0 B\" }\r\n    }\r\n    \r\n    # Function to retrieve user profile hives from the registry\r\n    function Get-UserHives {\r\n        param (\r\n            [Parameter()]\r\n            [ValidateSet('AzureAD', 'DomainAndLocal', 'All')]\r\n            [String]$Type = \"All\",\r\n            [Parameter()]\r\n            [String[]]$ExcludedUsers,\r\n            [Parameter()]\r\n            [switch]$IncludeDefault\r\n        )\r\n\r\n        # Define patterns to match user SIDs based on the Type parameter\r\n        $Patterns = switch ($Type) {\r\n            \"AzureAD\" { \"S-1-12-1-(\\d+-?){4}$\" }\r\n            \"DomainAndLocal\" { \"S-1-5-21-(\\d+-?){4}$\" }\r\n            \"All\" { \"S-1-12-1-(\\d+-?){4}$\" ; \"S-1-5-21-(\\d+-?){4}$\" } \r\n        }\r\n\r\n        # Retrieve user profiles from the registry\r\n        $UserProfiles = Foreach ($Pattern in $Patterns) { \r\n            Get-ItemProperty \"HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\*\" |\r\n                Where-Object { $_.PSChildName -match $Pattern } | \r\n                Select-Object @{Name = \"SID\"; Expression = { $_.PSChildName } },\r\n                @{Name = \"Username\"; Expression = { \"$($_.ProfileImagePath | Split-Path -Leaf)\" } }, \r\n                @{Name = \"UserHive\"; Expression = { \"$($_.ProfileImagePath)\\NTuser.dat\" } }, \r\n                @{Name = \"Path\"; Expression = { $_.ProfileImagePath } },\r\n                @{Name = \"Size\"; Expression = { $(Get-ChildItem -Path $_.ProfileImagePath -Recurse -Force -ErrorAction SilentlyContinue | Measure-Object -Sum Length -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Sum -ErrorAction SilentlyContinue) } }\r\n        }\r\n\r\n        # Include the default profile if specified\r\n        switch ($IncludeDefault) {\r\n            $True {\r\n                $DefaultProfile = \"\" | Select-Object Username, SID, UserHive, Path\r\n                $DefaultProfile.Username = \"Default\"\r\n                $DefaultProfile.SID = \"DefaultProfile\"\r\n                $DefaultProfile.Userhive = \"$env:SystemDrive\\Users\\Default\\NTUSER.DAT\"\r\n                $DefaultProfile.Path = \"C:\\Users\\Default\"\r\n\r\n                $DefaultProfile | Where-Object { $ExcludedUsers -notcontains $_.Username }\r\n            }\r\n        }\r\n\r\n        # Iterate over the user profiles to resolve user names from SIDs\r\n        $UserProfiles | ForEach-Object {\r\n            $SidObject = $Null\r\n            $NewUsername = $Null\r\n\r\n            # Convert SID to user name\r\n            if ($_.SID) {\r\n                try {\r\n                    $SidObject = New-Object System.Security.Principal.SecurityIdentifier($_.SID)\r\n                    $NewUsername = $SidObject.Translate([System.Security.Principal.NTAccount])\r\n                }\r\n                catch {\r\n                    $NewUsername = $Null\r\n                }\r\n            }\r\n\r\n            # Assign the resolved user name or \"UNKNOWN\" if resolution fails\r\n            if ($NewUsername.Value) {\r\n                $_.Username = $NewUsername.Value\r\n            }\r\n            else {\r\n                $_.Username = \"UNKNOWN\"\r\n            }\r\n        }\r\n\r\n        $UserProfiles | Where-Object { $ExcludedUsers -notcontains $_.Username }\r\n    }\r\n\r\n    function Set-NinjaProperty {\r\n        [CmdletBinding()]\r\n        Param(\r\n            [Parameter(Mandatory = $True)]\r\n            [String]$Name,\r\n            [Parameter()]\r\n            [String]$Type,\r\n            [Parameter(Mandatory = $True, ValueFromPipeline = $True)]\r\n            $Value,\r\n            [Parameter()]\r\n            [String]$DocumentName\r\n        )\r\n        \r\n        $Characters = $Value | Out-String | Measure-Object -Character | Select-Object -ExpandProperty Characters\r\n        if ($Characters -ge 200000) {\r\n            throw [System.ArgumentOutOfRangeException]::New(\"Character limit exceeded: the value is greater than or equal to 200,000 characters.\")\r\n        }\r\n            \r\n        # If requested to set the field value for a Ninja document, specify it here.\r\n        $DocumentationParams = @{}\r\n        if ($DocumentName) { $DocumentationParams[\"DocumentName\"] = $DocumentName }\r\n            \r\n        # This is a list of valid fields that can be set. If no type is specified, assume that the input does not need to be changed.\r\n        $ValidFields = \"Attachment\", \"Checkbox\", \"Date\", \"Date or Date Time\", \"Decimal\", \"Dropdown\", \"Email\", \"Integer\", \"IP Address\", \"MultiLine\", \"MultiSelect\", \"Phone\", \"Secure\", \"Text\", \"Time\", \"URL\", \"WYSIWYG\"\r\n        if ($Type -and $ValidFields -notcontains $Type) { Write-Warning \"$Type is an invalid type. Please check here for valid types: https:\/\/ninjarmm.zendesk.com\/hc\/en-us\/articles\/16973443979789-Command-Line-Interface-CLI-Supported-Fields-and-Functionality\" }\r\n            \r\n        # The field below requires additional information to set.\r\n        $NeedsOptions = \"Dropdown\"\r\n        if ($DocumentName) {\r\n            if ($NeedsOptions -contains $Type) {\r\n                # Redirect error output to the success stream to handle errors more easily if nothing is found or something else goes wrong.\r\n                $NinjaPropertyOptions = Ninja-Property-Docs-Options -AttributeName $Name @DocumentationParams 2>&1\r\n            }\r\n        }\r\n        else {\r\n            if ($NeedsOptions -contains $Type) {\r\n                $NinjaPropertyOptions = Ninja-Property-Options -Name $Name 2>&1\r\n            }\r\n        }\r\n            \r\n        # If an error is received with an exception property, exit the function with that error information.\r\n        if ($NinjaPropertyOptions.Exception) { throw $NinjaPropertyOptions }\r\n            \r\n        # The types below require values not typically given to be set. The code below will convert whatever we're given into a format ninjarmm-cli supports.\r\n        switch ($Type) {\r\n            \"Checkbox\" {\r\n                # Although it's highly likely we were given a value like \"True\" or a boolean data type, it's better to be safe than sorry.\r\n                $NinjaValue = [System.Convert]::ToBoolean($Value)\r\n            }\r\n            \"Date or Date Time\" {\r\n                # Ninjarmm-cli expects the GUID of the option to be selected. Therefore, match the given value with a GUID.\r\n                $Date = (Get-Date $Value).ToUniversalTime()\r\n                $TimeSpan = New-TimeSpan (Get-Date \"1970-01-01 00:00:00\") $Date\r\n                $NinjaValue = $TimeSpan.TotalSeconds\r\n            }\r\n            \"Dropdown\" {\r\n                # Ninjarmm-cli expects the GUID of the option we're trying to select, so match the value we were given with a GUID.\r\n                $Options = $NinjaPropertyOptions -replace '=', ',' | ConvertFrom-Csv -Header \"GUID\", \"Name\"\r\n                $Selection = $Options | Where-Object { $_.Name -eq $Value } | Select-Object -ExpandProperty GUID\r\n            \r\n                if (-not $Selection) {\r\n                    throw [System.ArgumentOutOfRangeException]::New(\"Value is not present in dropdown options.\")\r\n                }\r\n            \r\n                $NinjaValue = $Selection\r\n            }\r\n            default {\r\n                # All the other types shouldn't require additional work on the input.\r\n                $NinjaValue = $Value\r\n            }\r\n        }\r\n            \r\n        # Set the field differently depending on whether it's a field in a Ninja Document or not.\r\n        if ($DocumentName) {\r\n            $CustomField = Ninja-Property-Docs-Set -AttributeName $Name -AttributeValue $NinjaValue @DocumentationParams 2>&1\r\n        }\r\n        else {\r\n            $CustomField = $NinjaValue | Ninja-Property-Set-Piped -Name $Name 2>&1\r\n        }\r\n            \r\n        if ($CustomField.Exception) {\r\n            throw $CustomField\r\n        }\r\n    }\r\n\r\n    # Function to check if the computer is joined to a domain\r\n    function Test-IsDomainJoined {\r\n        if ($PSVersionTable.PSVersion.Major -lt 5) {\r\n            return $(Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain\r\n        }\r\n        else {\r\n            return $(Get-CimInstance -Class Win32_ComputerSystem).PartOfDomain\r\n        }\r\n    }\r\n\r\n    # Function to check if the computer is a domain controller\r\n    function Test-IsDomainController {\r\n        $OS = if ($PSVersionTable.PSVersion.Major -lt 5) {\r\n            Get-WmiObject -Class Win32_OperatingSystem\r\n        }\r\n        else {\r\n            Get-CimInstance -ClassName Win32_OperatingSystem\r\n        }\r\n    \r\n        if ($OS.ProductType -eq \"2\") {\r\n            return $true\r\n        }\r\n    }\r\n\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n    }\r\n\r\n    function Test-IsDomainReachable {\r\n        try {\r\n            $searcher = [adsisearcher]\"(&(objectCategory=computer)(name=$env:ComputerName))\"\r\n            $searcher.FindOne()\r\n        }\r\n        catch {\r\n            Write-Host -Object \"[Error] Failed to connect to the domain!\"\r\n            Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n            $False\r\n        }\r\n    }\r\n\r\n    if (!$ExitCode) {\r\n        $ExitCode = 0\r\n    }\r\n}\r\nprocess {\r\n    # Check if the script is running with elevated privileges\r\n    if (!(Test-IsElevated)) {\r\n        Write-Host -Object \"[Error] Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n\r\n    # Check if the computer is domain joined, can connect to the domain controller, and is not itself a domain controller\r\n    if ((Test-IsDomainJoined) -and !(Test-IsDomainReachable) -and !(Test-IsDomainController)) {\r\n        Write-Host -Object \"[Error] Unable to connect to the domain controller! The domain must be reachable to confirm which profiles are orphaned.\"\r\n        exit 1\r\n    }\r\n\r\n    # Initialize a list to hold user profiles\r\n    $UserProfiles = New-Object System.Collections.Generic.List[Object]\r\n    # Retrieve user hives and add them to the list of user profiles\r\n    try {\r\n        $UserHives = Get-UserHives -Type \"All\"\r\n    }\r\n    catch {\r\n        Write-Host -Object \"[Error] Failed to retrieve the user profile information from the registry!\"\r\n        Write-Host -Object \"$($_.Exception.Message)\"\r\n        exit 1\r\n    }\r\n\r\n    $UserHives | ForEach-Object {\r\n        if ((Test-IsDomainJoined) -and $_.Username -notmatch [Regex]::Escape(\"$env:ComputerName\") -and $_.Username -notmatch \"AzureAD\" -and $_.Username -ne \"UNKNOWN\") {\r\n            try {\r\n                $ADSIsearch = [adsisearcher]\"(objectSid=$($_.SID))\"\r\n                if (!($ADSIsearch.FindOne())) {\r\n                    $_.Username = \"UNKNOWN\"\r\n                }\r\n            }\r\n            catch {\r\n                Write-Host -Object \"[Error] Failed to connect to the domain to verify the account with the sid $($_.SID) is active.\"\r\n                Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n                exit 1\r\n            }\r\n        }\r\n\r\n        try {\r\n            $UserProfiles.Add(\r\n                [PSCustomObject]@{\r\n                    SID          = $_.SID\r\n                    Username     = $_.Username\r\n                    UserHive     = $_.UserHive\r\n                    Path         = $_.Path\r\n                    Size         = $_.Size\r\n                    FriendlySize = (Get-FriendlySize -Bytes $_.Size)\r\n                }\r\n            )\r\n        }\r\n        catch {\r\n            Write-Host -Object \"[Error] Failed to add the profile with the SID $($_.SID) to the profile list!\"\r\n            Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n            exit 1\r\n        }\r\n    }\r\n    \r\n    # Attempt to retrieve the user profiles directory from the registry (typically C:\\Users)\r\n    try {\r\n        $ProfilesDirectory = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList' -ErrorAction Stop).ProfilesDirectory\r\n    }\r\n    catch {\r\n        Write-Host -Object \"[Error] Unable to find the user profiles directory!\"\r\n        Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n        exit 1\r\n    }\r\n\r\n    # Attempt to get information about directories in the profiles directory that have not already been identified\/found\r\n    try {\r\n        $ProfilesDirectory | Get-ChildItem -Directory -Force -ErrorAction Stop | Where-Object { $DirectoriesToIgnore -notcontains $_.Name -and $UserProfiles.Path -notcontains $_.FullName } | ForEach-Object {\r\n            $FriendlySize = $Null\r\n            $Size = $Null\r\n            $Hive = $Null\r\n\r\n            # Check if the NTuser.dat file exists in the profile directory\r\n            if (Test-Path -Path \"$($_.FullName)\\NTuser.dat\" -ErrorAction SilentlyContinue) {\r\n                $Hive = \"$($_.FullName)\\NTuser.dat\"\r\n            }\r\n            else {\r\n                $Hive = \"UNKNOWN\"\r\n            }\r\n\r\n            # Calculate the size of the profile directory\r\n            $Size = $(Get-ChildItem -Path $_.FullName -Recurse -Force -ErrorAction SilentlyContinue | Measure-Object -Sum Length -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Sum -ErrorAction SilentlyContinue)\r\n            if ($Size) {\r\n                $FriendlySize = Get-FriendlySize -Bytes $Size\r\n            }\r\n\r\n            # Add the profile information to the list of user profiles\r\n            $UserProfiles.Add(\r\n                [PSCustomObject]@{\r\n                    SID          = \"UNKNOWN\"\r\n                    Username     = \"UNKNOWN\"\r\n                    UserHive     = $Hive\r\n                    Path         = $_.FullName\r\n                    Size         = $Size\r\n                    FriendlySize = $FriendlySize\r\n                }\r\n            )\r\n        }\r\n    }\r\n    catch {\r\n        Write-Host -Object \"[Error] Unable to get all of the user profile information for $($_.FullName)!\"\r\n        Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n        exit 1\r\n    }\r\n\r\n    # Filter the list to find orphaned profiles (those with \"UNKNOWN\" as a username)\r\n    $OrphanedProfiles = $UserProfiles | Where-Object { $_.Username -eq \"UNKNOWN\" }\r\n\r\n    # If a custom field is specified, generate an HTML report and set the custom field\r\n    if ($CustomField) {\r\n        $HTMLreport = $UserProfiles | Sort-Object Size -Descending | Select-Object Username, @{Label = \"Size\"; Expression = { $_.FriendlySize } }, Path, SID | ConvertTo-Html -Fragment\r\n\r\n        # Highlight orphaned profiles in the HTML report\r\n        $HTMLreport = $HTMLreport | ForEach-Object {\r\n            $_ -replace '<tr><td>UNKNOWN<\/td>', '<tr class=\"danger\"><td>UNKNOWN<\/td>'\r\n        }\r\n\r\n        try {\r\n            Write-Host \"Attempting to set Custom Field '$CustomField'.\"\r\n            Set-NinjaProperty -Name $CustomField -Value $HTMLreport\r\n            Write-Host \"Successfully set Custom Field '$CustomField'!\"\r\n        }\r\n        catch {\r\n            Write-Host \"[Error] $($_.Exception.Message)\"\r\n            $ExitCode = 1\r\n        }\r\n\r\n        Write-Host \"\"\r\n    }\r\n    \r\n    # Display a message about orphaned profiles\r\n    if ($OrphanedProfiles) {\r\n        Write-Host -Object \"[Alert] Orphaned profiles found!\"\r\n        $OrphanedProfiles | Sort-Object Size -Descending | Format-Table Username, @{Label = \"Size\"; Expression = { $_.FriendlySize } }, Path, SID | Out-String | Write-Host\r\n    }\r\n    else {\r\n        Write-Host -Object \"No orphaned profiles found!\"\r\n    }\r\n\r\n    exit $ExitCode\r\n}\r\nend {\r\n    \r\n    \r\n    \r\n}<\/pre>\n
 <\/p>\n\n
Sparen Sie Zeit mit \u00fcber 300+ Skripten aus dem NinjaOne Dojo.<\/p>\n
\u2192 Erhalten Sie noch heute Zugang<\/a>.<\/p>\n<\/div>\n
Detailansicht<\/h2>\n
Schl\u00fcsselkomponenten und Arbeitsablauf<\/h3>\n
1. Initialisierung und Parameter<\/h4>\n
a. Das Skript beginnt mit der Definition von Parametern wie $DirectoriesToIgnore, um bestimmte Standardordner (z. B. „Public“ oder „Default“) auszuschlie\u00dfen, und $CustomField, das zu Berichtszwecken mit NinjaOne integriert wird.<\/p>\n
b. Eine Reihe von Hilfsfunktionen wie Test-IsDomainJoined und Get-FriendlySize bereiten die Umgebung vor, indem sie f\u00fcr die richtigen Berechtigungen und die Formatierung der Ausgabe sorgen.<\/p>\n
2. Profil Entdeckung<\/h3>\n
a. Die Kernfunktionalit\u00e4t liegt in Get-UserHives, das die Windows-Registrierung nach Benutzerprofilinformationen abfragt. Es ruft Details wie den Benutzernamen, den Security Identifier (SID), den Profilpfad und die Gr\u00f6\u00dfe jedes Benutzerprofils ab.<\/p>\n
b. Profile werden mit aktiven Dom\u00e4nenbenutzern anhand ihrer SIDs abgeglichen. Jedes Profil, das nicht einem aktiven Benutzer zugeordnet werden kann, wird als „UNBEKANNT“ gekennzeichnet<\/p>\n
3. Berichterstellung<\/h3>\n
a. Das Skript stellt alle verwaisten Profile in einem Bericht zusammen. Wenn ein benutzerdefiniertes Feld angegeben wird, werden die Daten in einen HTML-Bericht f\u00fcr die Integration mit externen Tools wie NinjaOne umgewandelt.<\/p>\n
4. Ausgabe und Warnungen<\/h3>\n
a. Wenn verwaiste Profile gefunden werden, wird eine formatierte Tabelle angezeigt, die Benutzernamen, Profilgr\u00f6\u00dfen, Pfade und SIDs enth\u00e4lt.<\/p>\n
b. Wenn keine verwaisten Profile vorhanden sind, meldet das Skript einen Neuanfang.<\/p>\n
Potenzielle Anwendungsf\u00e4lle<\/h2>\n
Fallstudie: Aufr\u00e4umen eines Unternehmensnetzwerks<\/h3>\n
Stellen Sie sich einen MSP vor, der mit der Verwaltung einer Organisation mit 500 Mitarbeitern beauftragt ist. Im Laufe der Jahre werden mehrere Konten deaktiviert, wenn Mitarbeiter ausscheiden, aber ihre Profile bleiben bestehen. Mit diesem Skript kann das IT-Team:<\/p>\n