Cleanmgr for SCCM client not for Update Cleanup

Michels12345 1 Reputation point
2020-11-17T17:06:27.847+00:00

Have you tried using the cleanmgr in a SCCM package for clients?

Why is there a difference when this is run by the user from Software Center and when this is run as administrator by me in the same computer ?

Here is my script :

#Requires -RunAsAdministrator  
  
$SageSet = "StateFlags0010"  
$Base = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\"  
  
$Locations= @(  
    "Active Setup Temp Folders"  
    "BranchCache"  
    "D3D Shader Cache"  
    "Delivery Optimization Files"  
    "Diagnostic Data Viewer database files"  
    "Downloaded Program Files"  
    "Feedback Hub Archive log files"  
    "GameNewsFiles"  
    "GameStatisticsFiles"  
    "GameUpdateFiles"  
    "Internet Cache Files"  
    "Language Pack"  
    "Memory Dump Files"  
    "Offline Pages Files"  
    "Old ChkDsk Files"  
    "Previous Installations"  
    "Recycle Bin"  
    "RetailDemo Offline Content"  
    "Service Pack Cleanup"  
    "Setup Log Files"  
    "System error memory dump files"  
    "System error minidump files"  
    "Temporary Files"  
    "Temporary Setup Files"  
    "Temporary Sync Files"  
    "Thumbnail Cache"  
    "Update Cleanup"  
    "Upgrade Discarded Files"  
    "User file versions"  
    "Windows Defender"  
    "Windows Error Reporting Archive Files"  
    "Windows Error Reporting Files"  
    "Windows Error Reporting Queue Files"  
    "Windows Error Reporting System Archive Files"  
    "Windows Error Reporting System Queue Files"  
    "Windows ESD installation files"  
    "Windows Upgrade Log Files"  
  
)  
# Create the Stateflags  
  
ForEach($Location in $Locations) {  
      
    $MyTestPath = Test-Path ($base+$Location)  
    if($MyTestPath) {  
     
        Set-ItemProperty -Path $($Base+$Location) -Name $SageSet -Type DWORD -Value 2  
        # Write-host $Location -ForegroundColor Green   
    }else {  
        # Write-host $Location -ForegroundColor Magenta  
    }  
}  
  
# Do the cleanup . have to convert the SageSet number  
$Args = "/sagerun:$([string]([int]$SageSet.Substring($SageSet.Length-4)))"  
Start-Process -Wait "$env:SystemRoot\System32\cleanmgr.exe" -ArgumentList $Args -WindowStyle Normal  
  
# Remove the Stateflags  
$n_true = 0  
$n_false = 0  
ForEach($Location in $Locations)  
{  
    $MyTestPath = Test-Path ($base+$Location)  
    if($MyTestPath) {  
     
        Remove-ItemProperty -Path $($Base+$Location) -Name $SageSet -Force #   
        Write-host $Location -ForegroundColor Green  
        $n_true = $n_true + 1  
    }else {  
        Write-host $Location -ForegroundColor Magenta  
        $n_false = $n_false + 1   
    }  
}  
  
Write-host "number of cleanup action done : $n_true"  -ForegroundColor Green   
Write-host "number of cleanup action skiped : $n_false"  -ForegroundColor Magenta  
  
  
Start-Sleep -Seconds 10  

As you can see 1st print screen Update Cleanup was skipped

and manual run as admin not

40339-screen.png

Where is the problem ?

Microsoft Configuration Manager
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Garth Jones 2,076 Reputation points
    2020-11-17T17:34:55.927+00:00

    Because they use two different accounts. ConfigMgr use the local system account. you can test your script this way. https://www.enhansoft.com/how-to-access-the-local-system-account/


  2. Garth Jones 2,076 Reputation points
    2020-11-18T13:30:57.653+00:00

    I'm not seeing a difference on my computer as me or local system account. If I had to guess it would be a profile issue. aka local system account generally don't have office installed.

    0 comments No comments

  3. Michels12345 1 Reputation point
    2020-11-23T15:28:23.12+00:00

    Most probably nt authority\system have no rights to do this task !
    Only used administrator can do this action

    0 comments No comments

  4. Fiona Yan-MSFT 2,311 Reputation points
    2020-11-25T08:29:34.253+00:00

    @Michels12345

    I have reviewed the case again and i also have run the PsExec in my lab and i got the "true" result.Also,the account we could see in my lab is nt authority\system.Could we run the script in another machine again if we are convenient?

    42666-filter-the-available-value.png
    Have a nice day!


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.