none
Deploy scheduled task with a specific username

    Question

  • Hi,

    I've succefully deployed a scheduled task that has a path of a file local to the PC it's running.  The file is a powershell file that does some reasonably complicated stuff that essentially closed down an application if it senses no user input after a set amount of time by killing the executable with stop-process.

    The scheduled task created via group policy in USer Configuration | Preferences | Control PAnel Settings | Scheduled Tasks is running under the local system account, this is configured in the GPO. The problem I am having is that the script is not actually working.  I wrote and am using this script Terminate Process After period of time

    The scheduled task is created and configured to run at startup.  The powershell script has an endless loop that checks every 5 seconds and looks to see if any user input has accured (This is a .net input class) then calls stop-process if the machine is idle for more than x minutes.  It works when run from just the powershell on the machine but not when its run from the scheduled task deployed via group policy - I suspect it is something to do with permissions although the System account has almost Administrator privileges.

    My question is how do I run the task under a different user other than local system as there is no way to add a password into the GP scheduled task - it appears this functionality has been removed from GP. 

    Any help would be good.

    Thanks


    Alter De Ruine

    Friday, January 22, 2016 9:45 AM

All replies

  • See history of execution as well as include printouts. Start with something obvious. Try running script interactively. Sometimes priviledged mode is needed... so try to minimize number of factors that may fail in case of complex task.

    Regards

    Milos

    Friday, January 22, 2016 10:02 AM
  • > looks to see if any user input has accured (This is a .net input class)
     
    I doubt that this class has access to sessions of other users...
     
    > My question is how do I run the task under a different user other than
    > local system as there is no way to add a password into the GP scheduled
    > task - it appears this functionality has been removed from GP.
     
    Simply run it at logon with "Users" (S-1-5-32-545). So it will run in
    the session of the actually logged on user.
     
     
    Friday, January 22, 2016 11:36 AM
  • Hi,That's a good idea, one I've already tried.  The result caused a massive problem as it stopped other policies running.  I think becuase of the never ending loop, the script never actually finished running so really screwed things up.  Is there anythign in GP that can get over scripts that don't end\timeout so I can go down this path?

    Thanks


    Alter De Ruine

    Friday, January 22, 2016 11:44 AM
  • Hi James,

    I have searched for a long time, and I have not found a way to achieve your goal.

    Here is an article about scheduler task trigger may be helpful to you.

    Triggers

    https://technet.microsoft.com/en-us/library/cc748841.aspx?f=255&MSPPError=-2147217396

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, January 29, 2016 10:50 AM
    Moderator