IntuneAutomation

Disk Cleanup Script

Checks Windows temp folders and recycle bin size. Returns exit code 1 if more than 1GB can be cleaned up.

Remediation
2 viewsVersion 1.0By Ugur Koc
View on GitHub

// QUALITY CHECKS

Validation status

Quality checks

All checks pass
  • ParsePass
  • LintPass
  • MetadataPass
  • Runbook-readyPass
  • Module depsPass

Tests run automatically on every change. What does each check mean?

// REQUIRED PERMISSIONS

Microsoft Graph scopes

DeviceManagementManagedDevices.ReadWrite.All

Allows the app to read and write the properties of devices managed by Microsoft Intune, without a signed-in user. Does not allow high impact operations such as remote wipe and password reset on the device's owner

// CHANGELOG

Version history

  1. Entry · 01

    1.0 - Initial version

// CODE

Source

disk-cleanup.ps1
<#
.TITLE
    Disk Cleanup Detection Script

.SYNOPSIS
    Detects if system requires disk cleanup based on temp file accumulation

.DESCRIPTION
    Checks Windows temp folders and recycle bin size.
    Returns exit code 1 if more than 1GB can be cleaned up.

.TAGS
    Remediation,Detection

.REMEDIATIONTYPE
    Detection

.PAIRSCRIPT
    remediate-disk-cleanup.ps1

.PLATFORM
    Windows

.MINROLE
    Intune Service Administrator

.PERMISSIONS
    DeviceManagementManagedDevices.ReadWrite.All

.AUTHOR
    Ugur Koc

.VERSION
    1.0

.CHANGELOG
    1.0 - Initial version

.LASTUPDATE
    2025-06-09

.EXAMPLE
    .\detect-disk-cleanup-needed.ps1

.NOTES
    Runs in SYSTEM context
#>

$ErrorActionPreference = "Stop"
$threshold = 1GB

function Get-FolderSize {
    param([string]$Path)
    
    if (Test-Path $Path) {
        try {
            $size = (Get-ChildItem -Path $Path -Recurse -Force -ErrorAction SilentlyContinue | 
                Measure-Object -Property Length -Sum).Sum
            return if ($null -eq $size) { 0 } else { $size }
        }
        catch { return 0 }
    }
    return 0
}

try {
    $totalSize = 0
    
    # Windows Temp
    $totalSize += Get-FolderSize "$env:WINDIR\Temp"
    
    # User Temp folders
    Get-ChildItem "C:\Users" -Directory -ErrorAction SilentlyContinue | ForEach-Object {
        $totalSize += Get-FolderSize "$($_.FullName)\AppData\Local\Temp"
    }
    
    # Recycle Bin
    try {
        $shell = New-Object -ComObject Shell.Application
        $shell.NameSpace(0xA).Items() | ForEach-Object {
            $totalSize += $_.ExtendedProperty("Size")
        }
    }
    catch { 
        # Silently continue if unable to access recycle bin
    }
    
    Write-Output "Cleanable space: $([math]::Round($totalSize / 1GB, 2)) GB"
    
    if ($totalSize -gt $threshold) {
        exit 1
    }
    exit 0
}
catch {
    Write-Error $_
    exit 2
}

// NOTES

Author notes

Runs in SYSTEM context

// RELATED

Scripts that travel together.

Picked by shared tags, category, and script type — nothing magic, just metadata overlap.

  1. Windows Defender Definition Update

    Checks if Windows Defender definitions are current (within 48 hours). Returns exit code 1 if definitions are outdated.

    Remediation
Browse all scripts