We are still working on a migration for a LOT of users from a local infrastructure to solely working in the cloud. As part of that we have to move their roaming profiles in the cloud as well (why oh why did the previous MSP recommend roaming profiles… ;o( …). Anyways, so we moved the data via VPN and robocopy on the data server in AWS, however we still have to re-point the roaming profile path in AD. Sure enough there is no (or none that I found of anyways) way to easily re-point the TSProfilePath.

So I wrote a little script. I first got the SAMAccountName from all the users with a roaming profile and put them in a list.

Then went trough the list and updated the ADSI value for the TerminalServicesProfilePath value for each user in the list.


Here’s a quick break down:

dsquery computer –inactive 8 –limit 1000
This line searches the AD for computers that have not logged in for 8 weeks or more. By default the dsquery will only look for 100 objects so we need to raise the limit.

$comp -replace ‘”‘, ”

Here we are cutting the “ character that dsquery hands the objects names over with. These are located at the start and end.

Disable-ADObject and Move-ADObject are self explanatory.
Note they do have –whatif switches that will help if you want to see whats going to happen.
Append -whatif to the end of the command.