Remove accounts used by other applications in Windows 10 by CMD/Powershell script or deleting registers

Claudio Torres 1 Reputation point
2022-01-25T17:28:15.26+00:00

Hi there!

So we're developing an application that works as a background service on Windows in case someone steal your laptop or PC. In order to protect personal information, we need to "remotely" and without the theft intervention, delete those accounts because the theft could be using them (even if he/she doesnt know the password or any of those).

Is there a way to do it by CMD/Powershell script or deleting registers? Please, I have been looking for that everywhere, but for the love of God I could not find anything.

Thank you in advice!

Cheers!

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,838 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Philippe Levesque 5,711 Reputation points
    2022-01-25T18:43:20.617+00:00

    Hi

    Do you plan to remove the user data ? as a local thief can recover the file easily if the hard drive is not encrypted. I would suggest to make that part too.

    For the account removing itself you can use powershell, Remove-LocalUser -Name "account_to_remove" (https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.localaccounts/remove-localuser?view=powershell-5.1)

    or net user "account to remove" /delete

    1 person found this answer helpful.

  2. Limitless Technology 39,511 Reputation points
    2022-02-01T19:28:22.513+00:00

    Hi there,

    If the user is in the Active directory you can use Remove-ADUser.The Remove-ADUser cmdlet removes an Active Directory user.

    The Identity parameter specifies the Active Directory user to remove. You can identify a user by its distinguished name (DN), GUID, security identifier (SID), or Security Account Manager (SAM) account name. You can also set the Identity parameter to a user object variable, such as $<localUserObject>, or you can pass a user object through the pipeline to the Identity parameter. For example, you can use the Get-ADUser cmdlet to retrieve a user object and then pass the object through the pipeline to the Remove-ADUser cmdlet.

    Hope this resolves your Query!!


    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments