{"id":408627,"date":"2024-12-24T06:54:44","date_gmt":"2024-12-24T06:54:44","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&p=408627"},"modified":"2024-12-24T07:02:53","modified_gmt":"2024-12-24T07:02:53","slug":"comptes-utilisateur-orphelins","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/fr\/script-hub\/comptes-utilisateur-orphelins\/","title":{"rendered":"Identifier et g\u00e9rer les comptes utilisateur orphelins dans Windows \u00e0 l’aide de PowerShell"},"content":{"rendered":"

La gestion des comptes utilisateur est une responsabilit\u00e9 fondamentale pour les administrateurs informatiques. Les comptes utilisateur orphelins, qui ne sont plus associ\u00e9s \u00e0 un utilisateur actif, pr\u00e9sentent des risques tels qu’une utilisation inutile des ressources, des fuites de donn\u00e9es potentielles et des vuln\u00e9rabilit\u00e9s en mati\u00e8re de s\u00e9curit\u00e9. Le script PowerShell<\/a> analys\u00e9 ici propose une approche automatis\u00e9e pour identifier et g\u00e9rer efficacement ces comptes.<\/p>\n

Contexte<\/h2>\n

Dans les environnements multi-utilisateurs, en particulier dans les entreprises ou celles g\u00e9r\u00e9es par des fournisseurs de services g\u00e9r\u00e9s (MSP)<\/a>, les comptes utilisateur sont souvent oubli\u00e9s lorsque les employ\u00e9s partent, changent de r\u00f4le ou que les syst\u00e8mes sont restructur\u00e9s. Ces profils orphelins s’accumulent dans le syst\u00e8me, occupant un espace disque pr\u00e9cieux et exposant potentiellement des informations sensibles. Ce script d\u00e9tecte non seulement les profils orphelins, mais fournit \u00e9galement des rapports d\u00e9taill\u00e9s, aidant ainsi les professionnels de l’informatique \u00e0 maintenir leurs syst\u00e8mes propres et s\u00e9curis\u00e9s.<\/p>\n

Le script\u00a0:<\/h2>\n
#Requires -Version 5.1\r\n\r\n<#\r\n.SYNOPSIS\r\n    Looks for user profile folders that do not have an associated user account.\r\n.DESCRIPTION\r\n    Looks for user profile folders that do not have an associated user account.\r\n\r\n    By using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n.EXAMPLE\r\n    (No Parameters)\r\n    \r\n    [Alert] Orphaned profiles found!\r\n\r\n    Username Size      Path             SID                                           \r\n    -------- ----      ----             ---                                           \r\n    UNKNOWN  554.97 MB C:\\Users\\tuser1  S-1-5-21-1255570301-2732419320-3119746845-1104\r\n    UNKNOWN  86.74 MB  C:\\Users\\tuser22 S-1-5-21-3797121902-2219393589-2867574441-1001\r\n\r\n\r\nPARAMETER: -CustomField \"ReplaceMeWithTheNameOfaWYSIWYGcustomField\"\r\n    Specify the name of an optional WYSIWYG Custom Field to save the results in.\r\n\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 10, Windows Server 2016\r\n    Release Notes: Initial Release\r\n#>\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()]\r\n    [String[]]$DirectoriesToIgnore = (\"All Users\", \"Default\", \"Default User\", \"Public\"),\r\n    [Parameter()]\r\n    [String]$CustomField\r\n)\r\n\r\nbegin {\r\n    # Set parameters using dynamic script variables.\r\n    if ($env:wysiwygCustomFieldName -and $env:wysiwygCustomFieldName -notlike \"null\") {\r\n        $CustomField = $env:wysiwygCustomFieldName\r\n    }\r\n\r\n    # Function to convert a size in bytes to a more human-readable format\r\n    function Get-FriendlySize {\r\n        param($Bytes)\r\n        # Array of size units\r\n        $Sizes = 'Bytes,KB,MB,GB,TB,PB,EB,ZB' -split ','\r\n        # Loop to find the appropriate size unit\r\n        for ($i = 0; ($Bytes -ge 1kb) -and ($i -lt $Sizes.Count); $i++) { $Bytes \/= 1kb }\r\n        # Number of decimal places to show\r\n        $decimalPlaces = 2\r\n        # If the size is in bytes, no decimal places are needed\r\n        if ($i -eq 0) { $decimalPlaces = 0 }\r\n        # Return the rounded size with the appropriate unit\r\n        if ($Bytes) { \"$([System.Math]::Round($Bytes,$decimalPlaces)) $($Sizes[$i])\" }else { \"0 B\" }\r\n    }\r\n    \r\n    # Function to retrieve user profile hives from the registry\r\n    function Get-UserHives {\r\n        param (\r\n            [Parameter()]\r\n            [ValidateSet('AzureAD', 'DomainAndLocal', 'All')]\r\n            [String]$Type = \"All\",\r\n            [Parameter()]\r\n            [String[]]$ExcludedUsers,\r\n            [Parameter()]\r\n            [switch]$IncludeDefault\r\n        )\r\n\r\n        # Define patterns to match user SIDs based on the Type parameter\r\n        $Patterns = switch ($Type) {\r\n            \"AzureAD\" { \"S-1-12-1-(\\d+-?){4}$\" }\r\n            \"DomainAndLocal\" { \"S-1-5-21-(\\d+-?){4}$\" }\r\n            \"All\" { \"S-1-12-1-(\\d+-?){4}$\" ; \"S-1-5-21-(\\d+-?){4}$\" } \r\n        }\r\n\r\n        # Retrieve user profiles from the registry\r\n        $UserProfiles = Foreach ($Pattern in $Patterns) { \r\n            Get-ItemProperty \"HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\*\" |\r\n                Where-Object { $_.PSChildName -match $Pattern } | \r\n                Select-Object @{Name = \"SID\"; Expression = { $_.PSChildName } },\r\n                @{Name = \"Username\"; Expression = { \"$($_.ProfileImagePath | Split-Path -Leaf)\" } }, \r\n                @{Name = \"UserHive\"; Expression = { \"$($_.ProfileImagePath)\\NTuser.dat\" } }, \r\n                @{Name = \"Path\"; Expression = { $_.ProfileImagePath } },\r\n                @{Name = \"Size\"; Expression = { $(Get-ChildItem -Path $_.ProfileImagePath -Recurse -Force -ErrorAction SilentlyContinue | Measure-Object -Sum Length -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Sum -ErrorAction SilentlyContinue) } }\r\n        }\r\n\r\n        # Include the default profile if specified\r\n        switch ($IncludeDefault) {\r\n            $True {\r\n                $DefaultProfile = \"\" | Select-Object Username, SID, UserHive, Path\r\n                $DefaultProfile.Username = \"Default\"\r\n                $DefaultProfile.SID = \"DefaultProfile\"\r\n                $DefaultProfile.Userhive = \"$env:SystemDrive\\Users\\Default\\NTUSER.DAT\"\r\n                $DefaultProfile.Path = \"C:\\Users\\Default\"\r\n\r\n                $DefaultProfile | Where-Object { $ExcludedUsers -notcontains $_.Username }\r\n            }\r\n        }\r\n\r\n        # Iterate over the user profiles to resolve user names from SIDs\r\n        $UserProfiles | ForEach-Object {\r\n            $SidObject = $Null\r\n            $NewUsername = $Null\r\n\r\n            # Convert SID to user name\r\n            if ($_.SID) {\r\n                try {\r\n                    $SidObject = New-Object System.Security.Principal.SecurityIdentifier($_.SID)\r\n                    $NewUsername = $SidObject.Translate([System.Security.Principal.NTAccount])\r\n                }\r\n                catch {\r\n                    $NewUsername = $Null\r\n                }\r\n            }\r\n\r\n            # Assign the resolved user name or \"UNKNOWN\" if resolution fails\r\n            if ($NewUsername.Value) {\r\n                $_.Username = $NewUsername.Value\r\n            }\r\n            else {\r\n                $_.Username = \"UNKNOWN\"\r\n            }\r\n        }\r\n\r\n        $UserProfiles | Where-Object { $ExcludedUsers -notcontains $_.Username }\r\n    }\r\n\r\n    function Set-NinjaProperty {\r\n        [CmdletBinding()]\r\n        Param(\r\n            [Parameter(Mandatory = $True)]\r\n            [String]$Name,\r\n            [Parameter()]\r\n            [String]$Type,\r\n            [Parameter(Mandatory = $True, ValueFromPipeline = $True)]\r\n            $Value,\r\n            [Parameter()]\r\n            [String]$DocumentName\r\n        )\r\n        \r\n        $Characters = $Value | Out-String | Measure-Object -Character | Select-Object -ExpandProperty Characters\r\n        if ($Characters -ge 200000) {\r\n            throw [System.ArgumentOutOfRangeException]::New(\"Character limit exceeded: the value is greater than or equal to 200,000 characters.\")\r\n        }\r\n            \r\n        # If requested to set the field value for a Ninja document, specify it here.\r\n        $DocumentationParams = @{}\r\n        if ($DocumentName) { $DocumentationParams[\"DocumentName\"] = $DocumentName }\r\n            \r\n        # This is a list of valid fields that can be set. If no type is specified, assume that the input does not need to be changed.\r\n        $ValidFields = \"Attachment\", \"Checkbox\", \"Date\", \"Date or Date Time\", \"Decimal\", \"Dropdown\", \"Email\", \"Integer\", \"IP Address\", \"MultiLine\", \"MultiSelect\", \"Phone\", \"Secure\", \"Text\", \"Time\", \"URL\", \"WYSIWYG\"\r\n        if ($Type -and $ValidFields -notcontains $Type) { Write-Warning \"$Type is an invalid type. Please check here for valid types: https:\/\/ninjarmm.zendesk.com\/hc\/en-us\/articles\/16973443979789-Command-Line-Interface-CLI-Supported-Fields-and-Functionality\" }\r\n            \r\n        # The field below requires additional information to set.\r\n        $NeedsOptions = \"Dropdown\"\r\n        if ($DocumentName) {\r\n            if ($NeedsOptions -contains $Type) {\r\n                # Redirect error output to the success stream to handle errors more easily if nothing is found or something else goes wrong.\r\n                $NinjaPropertyOptions = Ninja-Property-Docs-Options -AttributeName $Name @DocumentationParams 2>&1\r\n            }\r\n        }\r\n        else {\r\n            if ($NeedsOptions -contains $Type) {\r\n                $NinjaPropertyOptions = Ninja-Property-Options -Name $Name 2>&1\r\n            }\r\n        }\r\n            \r\n        # If an error is received with an exception property, exit the function with that error information.\r\n        if ($NinjaPropertyOptions.Exception) { throw $NinjaPropertyOptions }\r\n            \r\n        # The types below require values not typically given to be set. The code below will convert whatever we're given into a format ninjarmm-cli supports.\r\n        switch ($Type) {\r\n            \"Checkbox\" {\r\n                # Although it's highly likely we were given a value like \"True\" or a boolean data type, it's better to be safe than sorry.\r\n                $NinjaValue = [System.Convert]::ToBoolean($Value)\r\n            }\r\n            \"Date or Date Time\" {\r\n                # Ninjarmm-cli expects the GUID of the option to be selected. Therefore, match the given value with a GUID.\r\n                $Date = (Get-Date $Value).ToUniversalTime()\r\n                $TimeSpan = New-TimeSpan (Get-Date \"1970-01-01 00:00:00\") $Date\r\n                $NinjaValue = $TimeSpan.TotalSeconds\r\n            }\r\n            \"Dropdown\" {\r\n                # Ninjarmm-cli expects the GUID of the option we're trying to select, so match the value we were given with a GUID.\r\n                $Options = $NinjaPropertyOptions -replace '=', ',' | ConvertFrom-Csv -Header \"GUID\", \"Name\"\r\n                $Selection = $Options | Where-Object { $_.Name -eq $Value } | Select-Object -ExpandProperty GUID\r\n            \r\n                if (-not $Selection) {\r\n                    throw [System.ArgumentOutOfRangeException]::New(\"Value is not present in dropdown options.\")\r\n                }\r\n            \r\n                $NinjaValue = $Selection\r\n            }\r\n            default {\r\n                # All the other types shouldn't require additional work on the input.\r\n                $NinjaValue = $Value\r\n            }\r\n        }\r\n            \r\n        # Set the field differently depending on whether it's a field in a Ninja Document or not.\r\n        if ($DocumentName) {\r\n            $CustomField = Ninja-Property-Docs-Set -AttributeName $Name -AttributeValue $NinjaValue @DocumentationParams 2>&1\r\n        }\r\n        else {\r\n            $CustomField = $NinjaValue | Ninja-Property-Set-Piped -Name $Name 2>&1\r\n        }\r\n            \r\n        if ($CustomField.Exception) {\r\n            throw $CustomField\r\n        }\r\n    }\r\n\r\n    # Function to check if the computer is joined to a domain\r\n    function Test-IsDomainJoined {\r\n        if ($PSVersionTable.PSVersion.Major -lt 5) {\r\n            return $(Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain\r\n        }\r\n        else {\r\n            return $(Get-CimInstance -Class Win32_ComputerSystem).PartOfDomain\r\n        }\r\n    }\r\n\r\n    # Function to check if the computer is a domain controller\r\n    function Test-IsDomainController {\r\n        $OS = if ($PSVersionTable.PSVersion.Major -lt 5) {\r\n            Get-WmiObject -Class Win32_OperatingSystem\r\n        }\r\n        else {\r\n            Get-CimInstance -ClassName Win32_OperatingSystem\r\n        }\r\n    \r\n        if ($OS.ProductType -eq \"2\") {\r\n            return $true\r\n        }\r\n    }\r\n\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n    }\r\n\r\n    function Test-IsDomainReachable {\r\n        try {\r\n            $searcher = [adsisearcher]\"(&(objectCategory=computer)(name=$env:ComputerName))\"\r\n            $searcher.FindOne()\r\n        }\r\n        catch {\r\n            Write-Host -Object \"[Error] Failed to connect to the domain!\"\r\n            Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n            $False\r\n        }\r\n    }\r\n\r\n    if (!$ExitCode) {\r\n        $ExitCode = 0\r\n    }\r\n}\r\nprocess {\r\n    # Check if the script is running with elevated privileges\r\n    if (!(Test-IsElevated)) {\r\n        Write-Host -Object \"[Error] Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n\r\n    # Check if the computer is domain joined, can connect to the domain controller, and is not itself a domain controller\r\n    if ((Test-IsDomainJoined) -and !(Test-IsDomainReachable) -and !(Test-IsDomainController)) {\r\n        Write-Host -Object \"[Error] Unable to connect to the domain controller! The domain must be reachable to confirm which profiles are orphaned.\"\r\n        exit 1\r\n    }\r\n\r\n    # Initialize a list to hold user profiles\r\n    $UserProfiles = New-Object System.Collections.Generic.List[Object]\r\n    # Retrieve user hives and add them to the list of user profiles\r\n    try {\r\n        $UserHives = Get-UserHives -Type \"All\"\r\n    }\r\n    catch {\r\n        Write-Host -Object \"[Error] Failed to retrieve the user profile information from the registry!\"\r\n        Write-Host -Object \"$($_.Exception.Message)\"\r\n        exit 1\r\n    }\r\n\r\n    $UserHives | ForEach-Object {\r\n        if ((Test-IsDomainJoined) -and $_.Username -notmatch [Regex]::Escape(\"$env:ComputerName\") -and $_.Username -notmatch \"AzureAD\" -and $_.Username -ne \"UNKNOWN\") {\r\n            try {\r\n                $ADSIsearch = [adsisearcher]\"(objectSid=$($_.SID))\"\r\n                if (!($ADSIsearch.FindOne())) {\r\n                    $_.Username = \"UNKNOWN\"\r\n                }\r\n            }\r\n            catch {\r\n                Write-Host -Object \"[Error] Failed to connect to the domain to verify the account with the sid $($_.SID) is active.\"\r\n                Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n                exit 1\r\n            }\r\n        }\r\n\r\n        try {\r\n            $UserProfiles.Add(\r\n                [PSCustomObject]@{\r\n                    SID          = $_.SID\r\n                    Username     = $_.Username\r\n                    UserHive     = $_.UserHive\r\n                    Path         = $_.Path\r\n                    Size         = $_.Size\r\n                    FriendlySize = (Get-FriendlySize -Bytes $_.Size)\r\n                }\r\n            )\r\n        }\r\n        catch {\r\n            Write-Host -Object \"[Error] Failed to add the profile with the SID $($_.SID) to the profile list!\"\r\n            Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n            exit 1\r\n        }\r\n    }\r\n    \r\n    # Attempt to retrieve the user profiles directory from the registry (typically C:\\Users)\r\n    try {\r\n        $ProfilesDirectory = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList' -ErrorAction Stop).ProfilesDirectory\r\n    }\r\n    catch {\r\n        Write-Host -Object \"[Error] Unable to find the user profiles directory!\"\r\n        Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n        exit 1\r\n    }\r\n\r\n    # Attempt to get information about directories in the profiles directory that have not already been identified\/found\r\n    try {\r\n        $ProfilesDirectory | Get-ChildItem -Directory -Force -ErrorAction Stop | Where-Object { $DirectoriesToIgnore -notcontains $_.Name -and $UserProfiles.Path -notcontains $_.FullName } | ForEach-Object {\r\n            $FriendlySize = $Null\r\n            $Size = $Null\r\n            $Hive = $Null\r\n\r\n            # Check if the NTuser.dat file exists in the profile directory\r\n            if (Test-Path -Path \"$($_.FullName)\\NTuser.dat\" -ErrorAction SilentlyContinue) {\r\n                $Hive = \"$($_.FullName)\\NTuser.dat\"\r\n            }\r\n            else {\r\n                $Hive = \"UNKNOWN\"\r\n            }\r\n\r\n            # Calculate the size of the profile directory\r\n            $Size = $(Get-ChildItem -Path $_.FullName -Recurse -Force -ErrorAction SilentlyContinue | Measure-Object -Sum Length -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Sum -ErrorAction SilentlyContinue)\r\n            if ($Size) {\r\n                $FriendlySize = Get-FriendlySize -Bytes $Size\r\n            }\r\n\r\n            # Add the profile information to the list of user profiles\r\n            $UserProfiles.Add(\r\n                [PSCustomObject]@{\r\n                    SID          = \"UNKNOWN\"\r\n                    Username     = \"UNKNOWN\"\r\n                    UserHive     = $Hive\r\n                    Path         = $_.FullName\r\n                    Size         = $Size\r\n                    FriendlySize = $FriendlySize\r\n                }\r\n            )\r\n        }\r\n    }\r\n    catch {\r\n        Write-Host -Object \"[Error] Unable to get all of the user profile information for $($_.FullName)!\"\r\n        Write-Host -Object \"[Error] $($_.Exception.Message)\"\r\n        exit 1\r\n    }\r\n\r\n    # Filter the list to find orphaned profiles (those with \"UNKNOWN\" as a username)\r\n    $OrphanedProfiles = $UserProfiles | Where-Object { $_.Username -eq \"UNKNOWN\" }\r\n\r\n    # If a custom field is specified, generate an HTML report and set the custom field\r\n    if ($CustomField) {\r\n        $HTMLreport = $UserProfiles | Sort-Object Size -Descending | Select-Object Username, @{Label = \"Size\"; Expression = { $_.FriendlySize } }, Path, SID | ConvertTo-Html -Fragment\r\n\r\n        # Highlight orphaned profiles in the HTML report\r\n        $HTMLreport = $HTMLreport | ForEach-Object {\r\n            $_ -replace '<tr><td>UNKNOWN<\/td>', '<tr class=\"danger\"><td>UNKNOWN<\/td>'\r\n        }\r\n\r\n        try {\r\n            Write-Host \"Attempting to set Custom Field '$CustomField'.\"\r\n            Set-NinjaProperty -Name $CustomField -Value $HTMLreport\r\n            Write-Host \"Successfully set Custom Field '$CustomField'!\"\r\n        }\r\n        catch {\r\n            Write-Host \"[Error] $($_.Exception.Message)\"\r\n            $ExitCode = 1\r\n        }\r\n\r\n        Write-Host \"\"\r\n    }\r\n    \r\n    # Display a message about orphaned profiles\r\n    if ($OrphanedProfiles) {\r\n        Write-Host -Object \"[Alert] Orphaned profiles found!\"\r\n        $OrphanedProfiles | Sort-Object Size -Descending | Format-Table Username, @{Label = \"Size\"; Expression = { $_.FriendlySize } }, Path, SID | Out-String | Write-Host\r\n    }\r\n    else {\r\n        Write-Host -Object \"No orphaned profiles found!\"\r\n    }\r\n\r\n    exit $ExitCode\r\n}\r\nend {\r\n    \r\n    \r\n    \r\n}<\/pre>\n
 <\/p>\n\n
Gagnez du temps avec plus de 300+ scripts du Dojo NinjaOne.<\/p>\n
\u2192 Obtenir l’acc\u00e8s<\/a><\/p>\n<\/div>\n
Description d\u00e9taill\u00e9e<\/h2>\n
Composants cl\u00e9s et flux de travail<\/h3>\n
1. Initialisation et param\u00e8tres<\/h4>\n
a. Le script commence par d\u00e9finir des param\u00e8tres tels que $DirectoriesToIgnore pour exclure des dossiers par d\u00e9faut sp\u00e9cifiques (par exemple, \u00ab\u00a0Public\u00a0\u00bb ou \u00ab\u00a0Default\u00a0\u00bb) et $CustomField, qui s’int\u00e8gre \u00e0 NinjaOne \u00e0 des fins de reporting.<\/p>\n
b. Une s\u00e9rie de fonctions d’aide telles que Test-IsDomainJoined et Get-FriendlySize pr\u00e9parent l’environnement en garantissant les privil\u00e8ges appropri\u00e9s et en formatant les r\u00e9sultats.<\/p>\n
2. D\u00e9couverte du profil<\/h3>\n
a. La fonctionnalit\u00e9 principale r\u00e9side dans Get-UserHives, qui interroge le registre Windows pour obtenir des informations sur le profil de l’utilisateur. Il r\u00e9cup\u00e8re des d\u00e9tails tels que le nom d’utilisateur, l’identifiant de s\u00e9curit\u00e9 (SID), le chemin d’acc\u00e8s au profil et la taille de chaque profil d’utilisateur.<\/p>\n
b. Les profils sont compar\u00e9s aux utilisateurs du domaine actif \u00e0 l’aide de leur SID. Tout profil qui ne correspond pas \u00e0 un utilisateur actif est marqu\u00e9 comme \u00ab\u00a0INCONNU\u00a0\u00bb<\/p>\n
3. G\u00e9n\u00e9ration de rapports<\/h3>\n
a. Le script compile tous les profils orphelins dans un rapport. Si un champ personnalis\u00e9 est sp\u00e9cifi\u00e9, il convertit les donn\u00e9es en un rapport HTML pour l’int\u00e9gration avec des outils externes comme NinjaOne.<\/p>\n
4. R\u00e9sultats et alertes<\/h3>\n
a. Si des profils orphelins sont trouv\u00e9s, un tableau format\u00e9 s’affiche, indiquant les noms d’utilisateur, les tailles de profil, les chemins d’acc\u00e8s et les SID.<\/p>\n
b. S’il n’existe aucun profil orphelin, le script l’indique.<\/p>\n
Cas d’utilisation potentiels<\/h2>\n
\u00c9tude de cas\u00a0: Nettoyer un r\u00e9seau d’entreprise<\/h3>\n
Imaginez un MSP charg\u00e9 de g\u00e9rer une entreprise de 500 employ\u00e9s. Au fil des ans, plusieurs comptes sont d\u00e9sactiv\u00e9s lorsque les employ\u00e9s quittent l’entreprise, mais leurs profils sont conserv\u00e9s. Gr\u00e2ce \u00e0 ce script, l’\u00e9quipe informatique peut\u00a0:<\/p>\n