Delete temp files on logout with GPO

Question

I know the title can pretty much be summed up with Disk Cleanup. I have looked at deploying DiskCleanup with GPO through script and powershell(what little I know), as well as Task Scheduler but on logout/restart/shutdown DiskCleanup never runs or does anything. Temp files and Windows Update files continue to stay where they are at.

I have attempted to attach a script to logout that I believe runs, but never deletes anything as well. All it does is extend the logout period by 5 minutes. Quite mind blowing.

@echo off
del /s /f /q "%userprofile%\AppData\Local\Temp\*"

I haven't fleshed everything out that needs to be removed, but any thoughts or ideas would be greatly appreciated. Disk Cleanup doesn't need to be run all the time either, just once a week since we keep our machines as up to date as possible in regards to security measures. I attempted the script, because I also thought it would be more quick than an application running. I also need to deploy a solution to about 150 machines.

Thanks,

Answer 1

I suggest to use a batch file with following lines:

@echo off
rem Delete all files and subfolders in directory for temporary files
rem of current user account, but keep the directory itself. Temporary
rem files and subdirectories currently in use are silently ignored.
del /F /Q "%TEMP%\*" 2>nul
for /D %%D in ("%TEMP%\*") do rd /Q /S "%%~D" 2>nul

rem Do the same as above for system temporary files directory.
rem This cleanup requires administrator privileges.
del /F /Q "%windir%\Temp\*" 2>nul
for /D %%D in ("%windir%\Temp\*") do rd /Q /S "%%~D" 2>nul

But this batch file should not be executed on log off or shutdown.

Many installers of applications decompress itself into a subdirectory of the temporary files directory to install or update an application. If the application is already installed and one or more files can't be updated because currently in use, for example a shell extension DLL, the installer keeps the file in temporary files directory and adds a pending rename to Windows registry for replacing the file in use by the file in temporary files directory using a move operation. This pending rename (move) operation is performed by Windows on next reboot.

Therefore deleting all files and subdirectories during a log off or shutdown is not advisable as it can result in only partly updated applications.

Windows disk cleanup deletes by default only files and folders older than 7 days (if that has not changed since Windows XP) in "hope" that the user has rebooted Windows within the last 7 days at least once. (I doubt that this is done by users with Windows 8, 8.1 and 10 as the default on those Windows is hibernate and not shutdown on pressing power button.)

So it is a little bit better to run this batch file after log in, best before most applications start. However, temporary files and folders currently used by already started processes are skipped by DEL and RD . Best would be to check in batch file if a pending rename operation is set in Windows registry and make the cleanup only if no pending rename operation is defined at the moment.

Note:

Using just rd /Q /S "%TEMP%" is no good idea in my experience as this command deletes also the temporary files directory itself. That should be never done, not even temporarily. Recreating the directory after a successful complete deletion is no good workaround as then the NTFS permissions could be different as before.

Answer 2

I ran into this once and created a bat file and dropped it into the users startup folder so it clears it out every startup. This doesn't answer your GPO question though. The script looks for all temp directories. Remove the @pause at the end to not see the results.

@echo off

echo.
rem  ****************************************************************
rem  *** This file will clean a users temp directories            ***
rem  ****************************************************************
echo.
echo ********************************************
echo     Starting Search For temp Directories
echo ********************************************
echo.


cd %temp%
rd /S /Q %temp%
echo Cleaned out %temp% Directory
echo.
echo.


IF EXIST c:\Temp GOTO rootTemp
echo c:\Temp Not Found
echo.
echo.


:nextTemp
IF EXIST c:\windows\Temp GOTO winTemp
echo c:\windows\Temp Not Found
GOTO endTemp


:rootTemp
cd c:\Temp
rd /S /Q c:\temp

echo Cleaned out c:\Temp Directory
echo.
echo.
GOTO nextTemp



:winTemp
cd c:\windows\Temp
rd /S /Q c:\windows\temp
echo Cleaned out c:\windows\Temp

GOTO endTemp




:endTemp

echo.
echo ********************************************
echo       End Clean up of Temp Directories     
echo ********************************************
echo.
@pause