14 DAY TRIAL // In most of the cases, home users have configured one, maybe two, user accounts for their computers, and this makes perfect sense given they are the only ones who use these devices.
In the enterprise, however, this is something rather unusual, especially in the case of shared computers where several users work on the same system with different rights.
IT pros typically configure these computers depending on the tasks a certain employee has to do, so creating user accounts for each of them guarantees data privacy and, at the same time, system stability by not allowing access to critical parts of the OS.
Managing a Windows 10 system with several user accounts can be quite a challenge, especially when new ones are added regularly. And needless to say, the more accounts are being created, the bigger the impact can be on system stability, and this is why it’s important to always remove accounts that aren’t being used.
Obviously doing this on tens of computers within a network isn’t something that IT pros are usually super-excited about, but fortunately, Windows 10 comes with special tools that can help with this.
I’m talking about a dedicated policy that exists on Windows 10 Pro and Windows 10 Enterprise and which makes it possible to automatically delete user accounts that haven’t been accessed in a longer period of time.
What’s more, this policy allows you to configure how old these accounts have to be before being removed, and without a doubt, this is the feature that most IT pros are interested in.
In order to reach this policy, you need to launch the Group Policy Editor with an administrator account. In the Start menu, type gpedit.msc and then navigate to the following location:
Computer Configuration > Administrative Templates > System > User Profiles
The policy that we’re going to use is located on the right side of the screen and it is called:
Delete user profiles older than a specified number of days on system restart
While its name is pretty self-explanatory, the description of the policy provides a few more details on its purpose and how it works:
“This policy setting allows an administrator to automatically delete user profiles on system restart that have not been used within a specified number of days. Note: One day is interpreted as 24 hours after a specific user profile was accessed.”
By default, this policy is obviously Not Configured, so you need to double-click it to change its status. Click the Enabled option and then in the Options box, select the number of days that you want Windows to perform the check and delete the older accounts.
You can choose any number of days between 1 and 99,999, though you’re recommended to stick with 30, 60, or 90 days. Therefore, accounts older than one, two, or three months would be automatically removed from the system.
Needless to say, if you just want to return to the previous configuration and allow all accounts to be retained on the system, you can just disable the policy or switch it back to not configured.
The older user profiles are deleted when the system is rebooted, so if you’re trying to set this policy on a computer that stays on all the time, remember that no changes would be made without a restart. However, given that you’re supposed to reboot the system at least once every month when you install security updates, that shouldn’t be a problem.
This trick works on all Windows 10 versions, including the recently-released October 2018 Update, and the policy will also be retained in 19H1.