locked
Run a PowerShell Script as a GPO-provided Scheduled Task RRS feed

  • Question

  • Hi,

    This should be a piece of cake, but Windows technology being what it is, not the case. I am trying to use a GPO to create a scheduled task on Windows 10, which will run a local PowerShell script. The task executes on idle and presents the user with a dialog box, asking them to log off or stay. The script runs great when launched interactively, aside from the ridiculous "Are you sure you want to run this" message which appears no matter what the execution policy is set to. Script execution is enabled for ALL through the same GPO in both places.

    First, the scheduled task doesn't even make it to Windows. I've tried creating the task in both the user and computer sections. It doesn't matter. Nowhere to be found. The user/computer is getting the GPO.

    Second, a regular user needs to be able to run the script through the scheduled task. This is not the case. The ever-so-present "Are you sure you want to run this" dialog breaks the whole process.The task was created to run as SYSTEM.

    The task runs powershell.exe with the full path to the script as its parameter, and starts in the local directory where the script lives.

    Everywhere I search online brings me something different, none of which works. Frankly, this type of option should be built into Windows (logging off idle users).

    Thanks


    Jason

    • Moved by jrv Monday, March 12, 2018 6:46 PM GP question
    Monday, March 12, 2018 4:18 PM

All replies

  • This is a Group Policy issue and not a PowerShell issue.


    \_(ツ)_/

    Monday, March 12, 2018 6:46 PM
  • Thanks for the move!

    Jason

    Monday, March 12, 2018 9:26 PM
  • Hi,
    >> The ever-so-present "Are you sure you want to run this" dialog breaks the whole process.
    Please have a try to disable UAC and see if it helps: Control Panels > User Accounts > Change User Account Control Settings > Never notify.
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, March 13, 2018 8:19 AM
  • Hi,
    >> The ever-so-present "Are you sure you want to run this" dialog breaks the whole process.
    Please have a try to disable UAC and see if it helps: Control Panels > User Accounts > Change User Account Control Settings > Never notify.
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    What?  How could that be.  A GPO can easily create a scheduled task with no challenges.  That is what GPP is for. 


    \_(ツ)_/

    Tuesday, March 13, 2018 3:07 PM
  • Long story short - The script, when run through a scheduled task, was failing because the computer on which it was being run was doing so under an AppLocker policy. The PowerShell script created a Windows Form object (C#) to draw a GUI for the user. When running under AppLocker, the PowerShell cannot call upon external modules from outside of it's permission space (???). Do the same on a PC without AppLocker, and the script ran as expected. Unfortunately, AppLocker is part of the house rules. Back to the drawing board...

    Thanks


    Jason

    Monday, March 19, 2018 10:19 PM