DoubleAADJoin_Cleanup.ps1

#set date time for transcript file name
$starttime = get-date -f MMddyy-hhmmtt

Start-Transcript "c:\temp\$starttime.txt"

#stop token broker service
net stop tokenbroker

#set token broker status
$BrokerStatus =  (get-service tokenbroker).status

#get currently logged in user, This does not work on a VM currently (working on this)
$LoggedinUser = ((Get-CimInstance -ClassName Win32_ComputerSystem).Username).Split('\')[1]

if ($BrokerStatus -ne "Running")
	{
		get-childItem -Path "c:\users\$loggedinuser\appdata\local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\TokenBroker\Accounts" -include *.* -File -Recurse | foreach {$_.Delete()}
	}

else
	{
		net stop tokenbroker
		get-childItem -Path "c:\users\$loggedinuser\appdata\local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\TokenBroker\Accounts" -include *.* -File -Recurse | foreach {$_.Delete()}
	}
	
#Set path for Settings.dat file in token broker plugin folder
$Settings = "c:\users\$loggedinuser\appdata\local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Settings\settings.dat"
If (Test-Path $Settings)
	{
		$datetime = get-date -f MMddyy-hhmmtt
		Rename-Item -Path "c:\users\$loggedinuser\appdata\local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Settings\settings.dat" -NewName ("Settings_" + $datetime + ".dat.old")
	}

#Set path to default account registry key, to enable checking if exists
$Registry = "HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\TokenBroker\DefaultAccount"
If (Test-Path $Registry)
	{
		reg export hkcu\software\microsoft\identitycrl\tokenbroker\DefaultAccount c:\temp\DefaultAccount.reg /y
		remove-item -Path "hkcu:\software\microsoft\identitycrl\tokenbroker\DefaultAccount" -recurse
	}
#start Token broker service
net start tokenbroker
#completion
write-host "complete: Please see c:\temp\$starttime.txt"
#stop transcript
stop-transcript