Categories: Windows 11 & Windows 10Windows Server

SOLVED: How To Automatically Delete Files Over X Days Old

We had a client who needed to delete their aged IIS log files without human intervention. To do this requires two steps:

1 – Script To Delete Files Older Than X Days

In the example below we are deleting from C:\inetpub\logs\LogFiles\W3SVC1 that have not been modified for more than 90 days:

ForFiles /p C:\inetpub\logs\LogFiles\W3SVC1 /s /d -90 /c "cmd /c del @file"

Note that you may need to put single or double quotes around your path but as you can see we did not.

/P = the path
/S = include subfolders
/D = MODIFIED Date (i.e. not necessarily creation date)
-90 = take 90 days off the Modified Date to include it in this filter

You can obviously adjust this to fit your requirements.

2 – How To Schedule A Task To Run When Any User Logs On

We wanted to avoid having to create a new local or domain user to run this script under because it is just one more account to reset the password on and just one more increase in the attack surface area. So we decided to have it run any time ANYONE logs on to that server and there are a couple of small quirks to make this work:

CLICK TO EXPAND GRAPHICS
  1. Launch the TASK SCHEDULER
  2. Right click on TASK SCHEDULER LIBRARY and select CREATE TASK
  3. On the GENERAL tab:
    • Type a NAME
    • Click CHANGE USER OR GROUPS button
      • Type USERS and click OK
  4. On the TRIGGERS tab click the NEW button
    • Change the BEGIN THE TASK drop down to AT LOG ON
    • Ensure SETTINGS are at ANY USER
    • Click OK
  5. On the ACTIONS tab click the NEW button
    • Set the ACTIONS drop down to START A PROGRAM
    • type FORFILES in the PROGRAM/SCRIPT field
    • type the rest of your ForFiles delete command in the ADD ARGUMENTS field
      • In our case that is:
        /p C:\inetpub\logs\LogFiles\W3SVC1 /s /d -90 /c "cmd /c del @file"
  6. Click OK and have a nice day
    • Actually, you should log off then log back in to confirm the script is working
    • If it works TASK SCHEDULER will show the LAST RUN RESULT as THIS OPERATION COMPLETED SUCCESSFULLY (0x0)
      • Any other description means you have a problem to fix
Leave a Comment
Published by
Ian Matthews
12 months ago

This website uses cookies.