To install the script on a server, you run install.ps1
.
There are a few things to be vary about before running it:
- Run the script from the directory its in, together with
cleanup.ps1
,createCredentials.ps1
andnewServer.ps1
- Run the script as the user you want/that has permission to delete folders.
When the script is ran as is, it will ask for a few parameters before it installs the script.
Required
sharePath- A path for where the cleanup script will look for folders to delete.
Required
aUser- This is the API user used to authenticate when requesting from the API
Required
aPass- This is the secret for the API.
Required
apiURL- The URL for the API, this is used together with the final script.
- Optinonal localPath
- If you want the script to be installed in another location rather than
C:\Cleanup
you can set this to the path you want.
- If you want the script to be installed in another location rather than
The script will create a scehduled task on the server its installed on, the settings for this can be changed beforehand, but you can only do this from the script.
$trigger = New-ScheduledTaskTrigger -Daily -At '01:00'
$settings = New-ScheduledTaskSettingsSet -ExecutionTimeLimit (New-TimeSpan -Hours 1)
Register-ScheduledTask `
-TaskName "cleanup" `
-InputObject $task `
-User "NT AUTHORITY\SYSTEM" `
-RunLevel 'Highest' `
-Force `
-ErrorAction Stop `
-ErrorVariable taskerror
Change any of these to fit your needs.
When ran, the script will create a folder in the $localPath
location, this is C:\Cleanup
by default. If the folder exists it will skip to it and check if the cleanup script exists. Then copy the script from the current working directory to the new direcotry. The script will also create a config file based on the parameters you give it. This file includes the URL and the share path.
Then it will create the credential file needed for doing API requests, this is installed together with the cleanup.ps1
script. The file is named in this way: Credentials_USERNAME_COMPUTERNAME.xml
. This is because of the way powershell creates and stores securestrings, this way you know what user created the creadential on which server.
After this the first API call will be made to add the server to the serverlist. Be sure that the port used for the api is open between the server and the API.
Then it will create the scheduled task for the cleanup script. The task is setup with these defaults:
- ExecutionPolicy Bypass (when running script).
- Trigger Daily at 01:00.
- Execution time will not exceed 1 hour.
- Ran by user NT AUTHORITY\SYSTEM with highest priviledges
cleanup.ps1
- This is the script that will be ran by the task, this script does an API call to fetch all flagged users, then deletes the folders based on the username. After all folders for that user is deleted, it sends a DELETE request to the API.
createCredentials.ps1
- This is pretty much what its named, it will take the credentials provided when installing and create a credential file based on that. It will name the file with the username and the computername of which it was ran.
- Example:
Credentials_user1_server01.xml
- Example:
- This is pretty much what its named, it will take the credentials provided when installing and create a credential file based on that. It will name the file with the username and the computername of which it was ran.
install.ps1
- This file is described above.
newServer.ps1
- This script adds a server to the API by POST-ing the environment computername. It uses the credentials made during the install.
The last part is setting up a new eventlog, this eventlog is called "Cleanup" and only got one source (Cleanup script)