As many of you might be aware, the Citrix StoreFront authentication service provides an option for users to change their passwords when they expire. By default, this option is disabled when the authentication service is created, which prevents users from changing their passwords even if the passwords have expired.

If you decide to enable this option in Citrix Receiver for Web, keep in mind that StoreFront creates a local user profile to check whether a user’s password is about to expire. Hence, sufficient disk space is required on the local disk of the StoreFront servers.

Check our documentation for more information regarding configuration of the StoreFront authentication service.

To free the space used by local profiles on the local disk of the StoreFront servers, I have created a script that can be used to check local profile folders and delete them. The script will query the user profile parent folder and try to delete user profiles that are not in use. Further, you can specify special user profile folders that should not be deleted.

Note: The Win32 class that I use to query the profile folders won’t touch “All Users” and “Default,” so you do not need to specify these within the account list of profiles not to delete. Other profiles like the Administrator profiles need to be specified.

Run the script as a scheduled task to delete those local profiles periodically.

Note: I am a big fan of centralized configuration. Hence, I recommend utilizing Group Policies to configure the clean-up. To deploy the script to the StoreFront servers, I prefer Group Policy Preferences (GPP). This ensures that each server downloads the current version of the script from a central share. The task scheduler is configured through GPP as well, to allow easy modification. Therefore, the script can run as local system to support Group Policy Preferences for scheduled task management without specifying a password. Microsoft removed this functionality for security reasons.

You can find an example how to configure the GPP in my blog covering staggered reboots for FMA Server OS VDAs.

The script can be downloaded here.

Until next time!

Robert Woelfer
Principal Consultant | Citrix Consulting Central and Eastern Europe

PS: to satisfy the legal guys …
Disclaimer Notice
This software / sample code is provided to you “AS IS” with no representations, warranties or conditions of any kind. You may use, modify and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT.
Without limiting the generality of the foregoing, you acknowledge and agree that (a) the software / sample code may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the software / sample code fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the software / sample code. In no event should the software / code be used to support of ultra-hazardous activities, including but not limited to life support or blasting activities.
NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SOFTWARE / SAMPLE CODE, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Although the copyright in the software / code belongs to Citrix, any distribution of the code should include only your own standard copyright attribution, and not that of Citrix. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification ora distribution of the code.

Chromebook Banner 1