Storage Sense not deleting downloads – Workaround

Hi all, in a previous post I went through what Storage Sense is and how to configure it via Microsoft Intune, this post can be found here. However, have you noticed that Storage Sense doesn’t actually delete the users’ files within the downloads folder? If so, stick around as I will give you a workaround on how to still remove files in the downloads after a period of time of your choosing.

The Issue

So you’re using Storage Sense, all is well, apart from that your downloads folder is not being cleaned up as per the Storage Sense policy, this is due to the fact that common AV \ XDR products such as Microsoft Defender \ Microsoft Defender for Endpoint scan the downloads folder and stamps the date last accessed attribute, here is an example, as you can see poor old Bruce Wayne’s Storage Sense settings are set to run weekly and delete downloads older than 30 days, but Brucey still have contents older than this:

The workaround

So you can obviously also use a proactive remediation script to clean the downloads folder for all users on devices after XXX days, which I am going to do, but due to this client having Business Premium licences, I am going to have to do something without proactive remediations, in comes Niels Kok‘s great script to create task schedulers via Intune PowerShell script, see Niels blog post for more information on this.

The cleanup script

This script will be ran via the task scheduler that will be created, which will scan all users’ download directories, except the administrator, public and default profiles, anything older than seven days to be deleted and capture everything in the logs within the “C:\Program Files\ScheduledTasks\DownloadsFolderCleanup_log.txt” location. Change the exclusions on line 40 if needed.

<#  Script to delete files older than 7 days in all user download directories
	Does not apply to public or administrator accounts

  Author: Alex Durrant
	Version: V1.0
    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
# Define the time threshold for old files (7 days ago)
$thresholdDate = (Get-Date).AddDays(-7)

# Define the log file path
$logFilePath = "C:\Program Files\ScheduledTasks\DownloadsFolderCleanup_log.txt"

# Ensure the ScheduledTasks directory exists
if (-not (Test-Path -Path "C:\Program Files\ScheduledTasks")) {
    New-Item -Path "C:\Program Files\ScheduledTasks" -ItemType Directory -Force

# Function to log messages to the log file
function Log-Message {
    param (
    $timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
    $logEntry = "$timestamp - $message"
    Add-Content -Path $logFilePath -Value $logEntry

Log-Message "Starting cleanup process."

# Get all user profile directories excluding Default, Public, and Administrator
$userProfiles = Get-WmiObject -Class Win32_UserProfile | Where-Object {
    $_.Special -eq $false -and
    $_.LocalPath -notmatch 'Default|Public|Administrator'
} | Select-Object -ExpandProperty LocalPath

foreach ($profile in $userProfiles) {
    # Define the Downloads directory path for the current user profile
    $downloadsPath = Join-Path -Path $profile -ChildPath 'Downloads'
    if (Test-Path -Path $downloadsPath) {
        # Get all files in the Downloads directory older than the threshold date
        $oldFiles = Get-ChildItem -Path $downloadsPath -File -Recurse | Where-Object {
            $_.LastWriteTime -lt $thresholdDate

        foreach ($file in $oldFiles) {
            try {
                # Forcefully delete the old file
                Remove-Item -Path $file.FullName -Force -ErrorAction Stop
                Log-Message "Deleted file: $($file.FullName)"
            } catch {
                Log-Message "Failed to delete file: $($file.FullName). Error: $_"
    } else {
        Log-Message "Downloads directory not found for profile: $profile"

Log-Message "Cleanup process completed."

Win32 App

Using the above and Niel’s task scheduler script, we’re able to deploy this via Intune as an Win32 app, like so:


On the endpoints, a new scheduled task will be created, that will run our custom script to delete files (not folders) in all users downloads if older than 7 days, it’ll also add all entries to the log file.

At log on:

Log file doing it’s job:

Just give me all of the scripts already

Sure ting, here you go. Make sure you wrap it up via the IntuneWin32 utility.

Make sure you test before deployment, happy Intuning.

Leave a Reply...