Deleting a Cookie via group policy

I was tasked with an issue with our Intranet which caused users to see old links on the site. After investigations it appeared that the links were being stored locally in a cookie and once deleted allows the new links to cache into a new cookie.

This is all very easy to accomplish on a user by user basis, but we have 600+ computers which needed that same fix. An easy option for this could have been to delete all cookies and temporary internet files but for some users they rely on websites retaining usernames.

The Solution!

As I wanted to target a specific cookie to delete the only solution I could think of was to use a script, and as I can follow visual basic this was my choice of language.

My idea was to design the script to:

  1. Scan the users profile for the cookie
  2. Delete the cookie
  3. Log the Fact the script had run and therefore not run again for that user.

This process is quite simple, but in reality I actually found it difficult to find and delete the correct cookie!

If you look in your Temporary Internet files you will see your cookies as follows:

Image

If you look locally under your appdata directory you will see the cookies as follows:

Image

 

Both those cookies files, even though in different directories are actually the same cookie. You can prove this by opening a cookie from the Temp Internet files and click “save as” which will take you back to the Roaming\Microsoft\Windows\Cookies folder.

Within those txt files is a seemingly random code which also generally contains the URL of the website in plain text.

Image

So now I have a way of determining which cookie file is used on which website. Therefore my plain now becomes:

  1. Find the location of the cookies
  2. Open and find all cookies with a specified URL string
  3. Delete the cookie
  4. Repeat for all cookies for all users
  5. Log the fact the script had run and therefore not run again for that user.

The script

The final script I created does a few things:

  1. Works out if its an XP or Windows 7 machine and therefore scans all appropriate user directories.
  2. Opens each cookie in those folders
  3. If the cookie has the URL then the file is deleted
  4. A log file is created on the C: drive showing the total number of cookies deleted.
  5. If script is run again the log file is detected and the script is skipped.

Due to the way the script is designed this is run as a computer startup script.

‘Script which will delete the intranet cookie from a users profile when run.
‘A log file is created under the C:\ which will show how many cookies were removed

Option Explicit

Const CookieName = “PUT YOUR URL HERE
Const ForAppending = 8
Const HKLM = &H80000002
Const EnableLogging = true
Const LogFile = “C:\DeleteIeCookiesv2.log”

‘This can be used to once run the script once per computer.
if runonce (LogFile) then Wscript.Quit

‘ Basic objects
Dim oReg, oShell, oFSO, iCountFiles
Set oReg = GetObject(“winmgmts:\\.\root\default:StdRegProv”)
Set oShell = CreateObject(“WScript.Shell”)
Set oFSO = CreateObject (“Scripting.FileSystemObject”)
iCountFiles = 0

‘ Get user folder location for Vista/7 vs. XP
Dim sOS
If oFSO.FolderExists (“C:\Users”) Then
sOS = “win7”
Else
sOS = “xp”
End If

‘==========================================================================
‘ Begin log file entries
‘==========================================================================
If EnableLogging = True Then
Dim oVersionLog
If Not oFSO.FileExists(LogFile) Then
oFSO.CreateTextFile LogFile
End If
Set oVersionLog = oFSO.OpenTextFile (LogFile, ForAppending, True)

oVersionLog.WriteLine “Delete intranet cookies”
oVersionLog.WriteLine ” => Began at ” & Date & ” ” & Time
End If
‘==========================================================================

‘ Get list of folders in C:\Users
Dim oUserFolders, oFolder, colFiles, oUserCookieFolder, oFile
If sOS = “win7” Then
Set oUserFolders = oFSO.GetFolder(“C:\Users”)
Else
Set oUserFolders = oFSO.GetFolder(“C:\Documents and Settings”)
End If

For Each oFolder In oUserFolders.subfolders
If sOS = “win7” Then
DeleteFile (“C:\Users\” & oFolder.name & “\AppData\Roaming\Microsoft\Windows\Cookies”)
DeleteFile (“C:\Users\” & oFolder.name & “\AppData\Roaming\Microsoft\Windows\Cookies\Low”)
Else
DeleteFile (“C:\Documents and Settings\” & oFolder.name & “\Cookies”)
DeleteFile (“C:\Documents and Settings\” & oFolder.name & “\Local Settings\Temporary Internet Files”)
End If
Next

‘ End logging
If EnableLogging = True Then
oVersionLog.WriteLine ” => Total number of deleted cookies: ” & iCountFiles
oVersionLog.WriteLine ” => Completed at ” & Date & ” ” & Time
oVersionLog.Close
End If

WScript.Quit

Sub DeleteFile (sFolderPath)
If oFSO.FolderExists (sFolderPath) Then
Set oUserCookieFolder = oFSO.GetFolder(sFolderPath)
Set colFiles = oUserCookieFolder.Files
For Each oFile In colFiles
If InStr (ReadFileText(ofile), CookieName) Then
‘WScript.Echo “file: ” & oFile.Name
If EnableLogging = True Then
oVersionLog.WriteLine ” => Deleted ” & sFolderPath & “\” & oFile.Name
Else
‘WScript.Echo sFolderPath & “\” & oFile.Name
End If
on error resume next
oFSO.DeleteFile sFolderPath & “\” & oFile.Name
iCountFiles = iCountFiles + 1
End If
Next
End If
End Sub

Function ReadFileText (sFile)
on error resume next
Dim objFSO ‘As FileSystemObject
dim oTS
dim sText

Set objFSO = CreateObject(“Scripting.FileSystemObject”)

Set oTS = objFSO.OpenTextFile(sFile)
sText = oTS.ReadAll

oTS.close
set oTS = nothing
Set objFSO = nothing
ReadFileText = sText

end Function

Function runonce(path)
dim fso
Set fso = CreateObject(“Scripting.FileSystemObject”)
If (fso.FileExists(path)) Then
runonce = true
Else
runonce = false
End If
end function

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s