According to documentation, get-scheduledjob only returns scheduled jobs where owner is the current user. Other scheduled job commandlets like set-scheduledjob also only work for scheduled jobs where owner is current user. This makes it impossible for non owners to get job status, modify the job (such as setting other credentials), etc.
In a proper IT organization, I'm going to say its crucial for these jobs to allow adminstration from various administrators.
Am I missing some way to administer, review results, etc (other than looking directly at the powershell output files in the owner's appdata)?
To clarify - I'm looking for a method to work with Powershell created and administered ScheduledJobs. If you modify the scheduled task that executes the scheduled job through the UI, schtask or other scheduled task specific tool, you'll get unexpected results. If you change owner/credentials, the scheduled task will fail. You can use UI/schtasks to change schedule without causing any problems. In addition to changing owner, I want to get at the results of get-job in order to monitor the jobs progress.
The only way I have ever been able to get this to work using Powershell was by invoking the schtask.exe utility:
Note: "/U" is for local administration and "/RU" is for remote administration, also "/S" is not needed with working locally.
Create by importing an XML previously exported from Task Scheduler
[string]$string = 'schtasks.exe /create /RU yourdomain\username /RP $password /TN Task-Name /XML "D:\Path\To\ExportedXML.xml" /S ServerName'
Delete:
[string]$string = 'schtasks.exe /delete /RU yourdomain\username /P $password /TN Task-Name /S ServerName /F'
Query:
[string]$string = 'schtasks.exe /query /RU yourdomain\username /P $password'
Run Locally:
Invoke-Expression -Command $string
Run Remotely:
Invoke-Command -ScriptBlock {$string}
I've written a few PowerShell scripts for managing scheduled tasks (they use the TaskService COM object):
Rename Scheduled Tasks in Windows 7, Windows Server 2008, and Windows Vista
How-To: Use PowerShell to Report on Scheduled Tasks
Updating a Scheduled Task's Credentials
Bill
Related
We are trying to execute a powershell script that will import a scheduled task to non domain and domain joined computers in our organization. The task is simply to disable wifi adapter when an ethernet cable is connected. I exported the task as a .xml and then can get the task to run as admin and complete successfully. However when we attempt to run logged in as normal user, the UAC box pops up asking for admin username and password. I created the task as both domain admin and local admin accounts and tried both, with same result when running the .bat as normal user.
This is my script so far (I have no previous experience in writing powershell):
Copy-Item -Path D:\WiFi -Destination C:\PCM\Utils -Recurse;
schtasks /create /tn "Ethernet On-Disable Wifi" /xml "C:\PCM\Utils\WiFi\Ethernet On-Disable Wifi.xml" /ru Domain\admin /rp domainpw;
schtasks /create /tn "Ethernet Off-Enable Wifi" /xml "C:\PCM\Utils\WiFi\Ethernet Off-Enable Wifi.xml" /ru Domain\admin /rp domainpw;
*
I'd like to be able to run this as %computername%\localadmin as that account is on all laptops...
The first line copies a folder with the .xml from a thumb drive to a folder on laptop. Then it creates the tasks. If I am logged into the laptop as admin, the batch runs fine, but as a local user, it fails with the following:
Error Image
Basically, it copies the folder fine, then ERROR: Access is denied.
I'm pretty sure its because the user logged in does not have rights to create the task. Is there a way to have the task run as localadmin and complete?
We run this .bat file to fire off the .ps1 from the folder that gets copied to laptop.
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& 'D:\WifiTask\WifiTask.ps1'"
pause
Sorry if the description of this issue is vague or confusing, just trying to learn as I go....thanks
No, a normal user will not be able to create a system scheduled task without getting prompted for elevation by UAC.
For domain computers, you could try:
Group policy to create the scheduled task
Group policy to run your script as the local system user
Script that connects to computers as Admin user and pushes your xml and wifitask.ps1 like Invoke-Command
Off-domain PCs are more difficult, you would want to do it the same way you currently install other software. Manually run as-admin? Software deployment agent? Remote management tools?
I am currently logged into my system as administrator, and run power1.ps1 code to call another power2.ps1 script in elevated mode.
$command = "C:\script\Power2.ps1"
Invoke-Expression $command
power2.ps1 includes the block to run the script with admin privileges, but my problem is I that I get a UAC pop-up dialog asking for confirmation where I have to click on Yes.
Code in Power2.ps1
If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
$arguments = "& '" + $myinvocation.mycommand.definition + "'"
Start-Process powershell -Verb runAs -ArgumentList $arguments
Break
}
Write-Host "Admin Privilege Code Here"
Is there any way I can completely automate the process? I will not be able to change the UAC access to disable.
Trying to simulate a user's response to a UAC (User Account Control) dialog shouldn't be done - because it defeats the entire purpose of UAC - and most likely cannot be done (if it could be done, that would be a serious bug exploitable by malware and is certainly not something to rely upon; similarly, while it is possible to disable UAC altogether (which itself requires administrative privileges), doing so is strongly discouraged for security reasons).
However, with limitations you can use a scheduled task to bypass UAC for a given command, by calling that scheduled task on demand:
Create an auxiliary scheduled task that invokes your Power2.ps1 script and is configured to run elevated.
In the Task Scheduler (taskschd.msc) UI that means: Run with highest privilege must be checked (tab General) and also Allow task to be run on demand (tab Settings).
The task must be configured to run in the same user account that it will be on-demand invoked from, and that user account must be a member of the Administrators group.
Use Start-ScheduledTask <task-path> (or schtasks.exe /Run /TN <task-path>) to invoke this task on demand, from the same account that the task is configured for, as noted.
Start-ScheduledTask (as well as schtasks.exe /Run) runs asynchronously, so for synchronous invocation more work is needed - see this article.
Note that using -AsJob to return a job whose completion can be waited for with Wait-Job unfortunately appears not to help (as of Windows PowerShell 5.1 / PowerShell 7.2.1): the job is reported as completed before the task's command has terminated.
Also, the task's command invariably runs in a new console window (if the executable invoked is a console application).
I am trying to schedule a script to run when I'm not present at my computer. The script has to run with administrator rights AND run in the foreground so that I can see any message or window that is created when I get back to the computer.
The problem is that scheduled system scripts run in the background, this resulting in no visible window or console to show me any results.
here is the command i use to create my scheduled task (using powershell):
SchTasks /Create /SC ONIDLE /I 1 /TN MyScheduledTask /TR "Powershell scheduler.ps1" /RU "System"
All I need is some way to make some (or all if that's easier) of the commands in the script to become visible in the foreground to the user.
Thanks for any feedback.
When running scheduled tasks under the system account, they will run in the background.
You are running the task under System, /RU "System" use /RU with your username and /RP for your user password.
Please also take a look at this question: Powershell Task Scheduler Stuck Running
I have one selenium webdriver script and another powershell script.
I want to configure both scripts to run on each thursday at 6 pm. How to achieve that.
Create a Windows Scheduled task to run a PowerShell script.
Here is the step by step guide on how to do that.
Use-the-windows-task-scheduler-to-run-a-windows-powershell-script
Then just schedule the script according to your timelines.
If you want to configure the scheduled task also using PS, then here is my blog to help you out on that.
PS Scheduled Task Script
Alternative,
Creation of Task Scheduler Script using cmdlets:
powershell create scheduled-tasks
Hope it helps.
Not sure about Selenium (don't know what that is), but PowerShell scripts can be scheduled using the regular Windows Task Scheduler.
Scheduled tasks can be manually created using the Windows Task Scheduler (taskschd.msc), or via the command-line using schtasks.exe, e.g.:
schtasks.exe /Create /sc weekly /d THU /st 18:00 /tn MyPowerShellJob /tr "%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe -file d:\MyScript.ps1 \"hello world\" foo" /ru JohnDoe /rp
I am having major problems getting a scheduled task to run. The task is created fine using the ITaskScheduler interface provided by Microsoft. The task is set to run only if a user is logged on.
The problem is that the task does NOT run and the log file SchedLgU.txt cites the reason as being:
"The attempt to retrieve account information for the specified task failed; therefore, the task did not run. Either an error occurred, or no account information existed for the task.
The specific error is:
0x8004130f: No account information could be found in the Task Scheduler security database for the task indicated."
I know for a fact that a scheduled task can be created with no account information because the Google Updater scheduled task does this, and it runs fine.
All I can gather from web searches is that Windows has a "scheduled task database" that needs to have credential information for each task for it to be able to run.
Does anyone know how to modify this credential database or any other way to get my task to run?
The GoogleUpdateTaskMachine Task uses the "NT AUTHORITY\SYSTEM" to Run the task. You can do this by using schtasks command and the /ru switch with "System" or "" as the parameter. Like this:
schtasks /create /tn "My App" /tr c:\apps\myapp.exe /sc monthly /d 15 /ru "System"
It does not prompt for a password.
See technet for more info.
you could use batch scripting.
schtasks /create /tn UNO /tr YOURAPP.EXE /sc HOURLY /mo 2
there you go.
read: How to use Schtasks.exe to Schedule Tasks in Windows Server 2003
As far as I know, and the documentation backs this up, an account is required for a scheduled task. If you set the task to run only when a user is logged in that only means a password is not necessary, you still need an account. This account can be set to a group so that the task will be run when it is triggered as long as anyone in the group is logged on. For instance you can set the account to 'Users' so that the task can run when anyone is logged on.