我们公司的一个会议室里有一台装有 Windows 10 和 Office365 套件的公用计算机。在这台计算机上,人们将登录他们的公司帐户,因此办公软件是经过授权的。有些人离开时不会注销。他们只是关闭计算机。如果下一个用户现在启动其中一个办公程序,则最后一个用户将登录。
为了防止这种情况,我尝试编写一个删除缓存凭据的 powershell 脚本。
对于 Microsoft-Teams,如果发现一个非常有效的脚本。
#Stop Teams process
Get-Process -ProcessName Teams -ErrorAction SilentlyContinue | Stop-Process -Force
Start-Sleep -Seconds 3
Write-Host "Teams Process Sucessfully Stopped"
#Clear Team Cache
try{
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\blob_storage" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\databases" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\cache" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\gpucache" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\Indexeddb" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\Local Storage" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path $env:APPDATA\"Microsoft\teams\tmp" | Remove-Item -Recurse -ErrorAction SilentlyContinue
Write-Host "Teams Cache Cleaned"
}catch{
echo $_
}
#Remove Credential from Credential manager
$credential = cmdkey /list | ForEach-Object{if($_ -like "*Target:*" -and $_ -like "*msteams*"){cmdkey /del:($_ -replace " ","" -replace "Target:","")}}
#Remove Reg.Key
$Regkeypath= "HKCU:\Software\Microsoft\Office\Teams"
$value = (Get-ItemProperty $Regkeypath).HomeUserUpn -eq $null
If ($value -eq $False)
{
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Office\Teams" -Name "HomeUserUpn"
Write-Host "The registry value Sucessfully removed"
}
Else { Write-Host "The registry value does not exist"}
#Get Desktop-config.json
$TeamsFolders = "$env:APPDATA\Microsoft\teams"
try{
$SourceDesktopConfigFile = "$TeamsFolders\desktop-config.json"
$desktopConfig = (Get-Content -Path $SourceDesktopConfigFile | ConvertFrom-Json)
}
catch{ Write-Host "Failed to open Desktop-config.json" }
#Overwrite the desktop-config.json
Write-Host "Modify desktop-Config.Json"
try{
$desktopConfig.isLoggedOut = $true
$desktopConfig.upnWindowUserUpn =""; #The email used to sign in
$desktopConfig.userUpn ="";
$desktopConfig.userOid ="";
$desktopConfig.userTid = "";
$desktopConfig.homeTenantId ="";
$desktopConfig.webAccountId="";
$desktopConfig | ConvertTo-Json -Compress | Set-Content -Path $SourceDesktopConfigFile -Force
}
catch{ Write-Host "Failed to overwrite desktop-config.json" }
Write-Host "Modify desktop-Config.Json - Finished"
#Delete the Cookies file. This is a fix for when the joining as anonymous, and prevents the last used guest name from being reused.
Get-ChildItem "$TeamsFolders\Cookies" | Remove-Item
#Lastly delete the storage.json, this corrects some error that MSTeams otherwise would have when logging in again.
Get-ChildItem "$TeamsFolders\storage.json" | Remove-Item
#Try to remove the Link School/Work account if there was one. It can be created if the first time you sign in, the user all
$LocalPackagesFolder ="$env:LOCALAPPDATA\Packages"
$AADBrokerFolder = Get-ChildItem -Path $LocalPackagesFolder -Recurse -Include "Microsoft.AAD.BrokerPlugin_*";
$AADBrokerFolder = $AADBrokerFolder[0];
Get-ChildItem "$AADBrokerFolder\AC\TokenBroker\Accounts" | Remove-Item -Recurse -Force
我已经知道 Office365 将凭据保存在这些注册表项中
Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Identity
但如果我再次启动一些办公程序,自动登录只需要几秒钟。所以我想问一下其他地方,office365 可以缓存/保存凭据。
答案1
这个脚本可能会有帮助:
Import-Module MSOnline
$cred = Get-Credential
Connect-MsolService -Credential $cred
Connect-SPOService -Url <add you office365 SPO admin url here> -Credential $cred
# To get all enabled users
$users = Get-MsolUser -EnabledFilter EnabledOnly -All
# To get all the users
#$users = Get-MsolUser;
foreach ($user in $users) {
Revoke-SPOUserSession -user $user.UserPrincipalName -Confirm:$false
}
可以在文章中找到更复杂的脚本 退出 Microsoft Office 桌面应用程序。