locked
registering new scheduled task - does not "run whether user is logged on or not" RRS feed

  • Question

  • Hi all,

    Summary:

    My code can successfully register new events running as SYSTEM. However, when I supply an account and password (which has log on as batch job permissions) I cannot get it to register the task as "run whether user is logged on or not".

    I've read about 17 articles and tried sample code from 5 or 6 of the top search sources, but can't seem to resolve this. Almost everything I found on the topic says that if I supply both username and password of a domain account with the correct privileges, the task will be created with the desired properties. However, some references claim that if I register the task using a Principal and -LogonType Password that it will work as desired, but that's not true. Some claim that -LogonType should be S4U for the desired behaviour. That also is not true. For one thing, I tried it (And I tried all -LogonType options) out of desperation.  Secondly, it doesn't make sense because to get the desired behaviour a password must be supplied, but by using a Principal, there is no mechanism for supplying a password, at least not in New-ScheduledTaskPrincipal, New-ScheduledTask, or Register-ScheduledTask.

    I have also tried -RunLevel Highest and -RunLevel Limited.

    The goals:

    • the task must run whether any user is logged on or not
    • the task must have access to network resources (UNC shares)

    The code:

    Register-ScheduledTask -TaskName "$Taskname" -Description "$Description" `            
        -Action $Action -Trigger $Trigger -Settings $Settings -RunLevel Highest `            
        -User "$DomainUser" -Password "$Password" `            
        -ErrorAction Stop

    As I said, this (final) code is mostly working, but not as desired. If I run this code, the task is created, but is set to "Run only when user is logged on".  I can then go into the GUI, manually edit the task and set it to "Run whether user is logged on or not", enter the same password used in the code above, and then all works as expected.  However, it completely defeats the purpose of creating the scheduled task in code.

    The plea:

    I have spent way too much time on this, but any suggestions would be greatly appreciated!

    Brian Perkins
    Luanda International School of Angola

    Monday, June 4, 2018 7:41 AM

Answers

  • Hello there,

    I believe you need to include also "New-ScheduledTaskPrincipal" in your script.

    https://docs.microsoft.com/en-us/powershell/module/scheduledtasks/new-scheduledtaskprincipal?view=win10-ps

    Parameter "LogonType" has what you are looking for (see example 1).

    Cheers,

    Sok.

    • Marked as answer by jrv Wednesday, June 10, 2020 4:26 PM
    Monday, June 4, 2018 8:28 AM

All replies

  • Hello there,

    I believe you need to include also "New-ScheduledTaskPrincipal" in your script.

    https://docs.microsoft.com/en-us/powershell/module/scheduledtasks/new-scheduledtaskprincipal?view=win10-ps

    Parameter "LogonType" has what you are looking for (see example 1).

    Cheers,

    Sok.

    • Marked as answer by jrv Wednesday, June 10, 2020 4:26 PM
    Monday, June 4, 2018 8:28 AM
  • May be a bit late to the party, but the behavior you've described seems to be with the account you're attempting to use for the task does not have the Logon as a Batch Job permission in the security policy.
    Wednesday, June 10, 2020 11:59 AM