JSI Tip 7816. How do I cause the User Profile Hive Cleanup Service (UPHClean) to log when it finds resources that won't otherwise close?

Jerold Schulman

March 8, 2004

2 Min Read
ITPro Today logo in a gray background | ITPro Today


In tip 7815 - Some user profiles will not unload, I described the UPHClean Service.

I have scripted UPHClean_App_Log.bat to cause the UPHClean Service, on every computer in your domain, to log when it had to free resources. After running UPHClean_App_Log.bat, the Application event log will contain Event ID 1201 with Source UPHClean, when resources were locked. The event would be similar to:

Event Type:Information
Event Source:UPHClean
Event Category:None
Event ID:1201
Date:MM/DD/YYYY
Time:HH:MM:SS
User:
Computer:
Description:
The following handles in user profile hive () have been closed because they were preventing the profile from unloading successfully:

winlogon.exe (844)
HKCU (0x744)
call stack data collection not enabled for this process
svchost.exe (1108)
HKCU (0x334)
call stack data collection not enabled for this process
InoRT.exe (1828) HKCUSoftwareClasses (0x274)
call stack data collection not enabled for this processFor more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

NOTE: See How do I cause the User Profile Hive Cleanup Service (UPHClean) to NOT force resources to close?

The syntax for using UPHClean_App_Log.bat is:

UPHClean_App_Log

NOTE: The output is displayed on the CMD console, but you can pipe it to a file using the following syntax:

UPHClean_App_Log>FileName

NOTE: UPHClean_App_Log.bat uses REG.EXE and NETDOM.EXE built into Windows XP and Windows Server 2003, or from the Windows 2000 Support Tools.

UPHClean_App_Log.bat contains:

@echo offsetlocalset netdm=netdom query /domain:%userdnsdomain%for /f "Skip=1 Tokens=*" %%c in ('%netdm% dc^|find /v /i "The command completed successfully."') do ( set cmp=%%c call :doit)for /f "Skip=1 Tokens=*" %%c in ('%netdm% server^|find /v /i "The command completed successfully."') do ( set cmp=%%c call :doit)for /f "Skip=1 Tokens=*" %%c in ('%netdm% workstation^|find /v /i "The command completed successfully."') do ( set cmp=%%c call :doit)endlocal@echo **********************exit /b 0:doitset work=%cmp:     ( Workstation or Server )=%if "%work%" NEQ "%cmp%" set cmp=%work%#set cmp=%cmp: #=%set cmp=%cmp:#=%@echo **********************@echo.@echo Process %cmp%REG ADD \%cmp%HKLMSYSTEMCurrentControlSetServicesUPHCleanParameters /v CALLSTACK_LOG /t REG_DWORD /d 00000001 /f@echo.



Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like