0

I am trying to schedule Task on Task Scheduler, every thing is working fine unless I tick "Run with Highest privileges" or "Run weather user is logged on or not"

As soon as I tick this, scheduler stop triggering my Script.

Script- .Bat file using Power Shell command.

Can any one figure out what went wrong?

Edited- ( Changed file location from drive to network drive)

@Echo Off

:: SDate=DAYMONTHYEAR FORMAT of Systemdate
::set SDate=%date:~7,2%%date:~4,2%%date:~10,4%

::Variable for folder path
for /D %%d in ("\\Server\Schd File\AA\*") do (
for %%a in ("%%d\*.*") do (SET "FPath=%%~dpa"
Set "FName=%%~na" )
)

For /F "Tokens=4-9 Delims=-" %%A In ("%FName%") Do (
    Set "Freq=%%B"
    Set "ADate=%%F%%E%%D"
)

Set "DFormat=ddMMyyyy"

IF %Freq% == Daily (
For /F UseBackQ %%A In (
    `Powershell "([datetime]::ParseExact('%ADate%','%DFormat%',[System.Globalization.CultureInfo]::CurrentCulture)).AddDays(-1).ToString('ddMMyyyy')"`
) Do Set "DateF=%%A"
)

IF %Freq% == Weekly ( 
For /F UseBackQ %%A In (
    `Powershell "([datetime]::ParseExact('%ADate%','%DFormat%', [System.Globalization.CultureInfo]::CurrentCulture)).AddDays(-7).ToString('ddMMyyyy')"`
) Do Set "DateF=%%A"
)

IF %Freq% == Monthly (
For /F UseBackQ %%A In (
    `Powershell "([datetime]::ParseExact('%ADate%','%DFormat%', [System.Globalization.CultureInfo]::CurrentCulture)).AddMonths(-1).ToString('MMMyyyy')"`
) Do Set "DateF=%%A"
)


mkdir "%FPath%%Freq%\%DateF%"
move "%FPath%\%FName%.*" "%FPath%%Freq%\%DateF%\"

GoTo :EOF
Bugs
  • 4,491
  • 9
  • 32
  • 41
Ashu
  • 37
  • 3
  • 9
  • Is there something in the task history tab? Maybe it's less a coding issue, than a permission issue. – restless1987 Jun 08 '17 at 06:27
  • @restless1987- I have tried running simple script for "Run with Highest privileges" or "Run weather user is logged on or not" it work properly. but above mentioned script works fine If i select option "Run only if user is logged in". I doubt it is due to Power Shell or something. – Ashu Jun 08 '17 at 07:28
  • Does the script run at all? (what if you write the date to a file (`%time% >> c:\...\test.txt`?), is that done?) or are just the PowerShell commands not running? What if you try to run the PowerShell commands with `-ExecutionPolicy bypass`? – iRon Jun 08 '17 at 08:20
  • @iRon - Yes script runs when I select "Run only if user is logged in". I am not much into scripting, so dont know about 'ExecutionPolicy bypass'?, I tried running simple Xcopy commant with Highest privilage and for all user, it works fine. – Ashu Jun 09 '17 at 04:22
  • today morning I tried to run script only till ADate Variable (From above script) with Highest privilege & Run weather user is logged on or not, still it is not working. – Ashu Jun 09 '17 at 04:27
  • Please do not vandalize your posts. Once you've posted a question, you have licensed the content to the Stack Overflow community at large (under the CC-by-SA license). If you would like to disassociate this post from your account, see [What is the proper route for a disassociation request?](http://meta.stackoverflow.com/questions/323395/what-is-the-proper-route-for-a-dissociation-request). – Bugs Jul 03 '17 at 07:40

1 Answers1

6

There was a major overhaul of Scheduled Tasks security in Vista and later to prevent hackers from installing a scheduled task that could access network resources.

When you set the task to run whether or not a user is logged on you must set the user credentials to a user with the permissions needed to run the task. That user must also have the local policy set to allow the user to run batch files.

Additionally, when a user is not logged on, task scheduler uses “Service-for-User” (S4U) authentication which denies the user access to any network functionality. Assuming your "D:\AA*" path is a local drive this may not be a problem but if it is a mapped network drive it will be a problem.

"Run with Highest privileges" does not grant higher privileges to the specified user but runs under a completely separate security token for the system Administrator account that is created when Windows is installed.

https://technet.microsoft.com/en-us/library/cc722152(v=ws.11).aspx

https://technet.microsoft.com/en-us/library/cc732613(v=ws.10).aspx

https://technet.microsoft.com/en-us/library/ee844140(v=ws.10).aspx

https://superuser.com/questions/640962/why-cant-a-task-scheduler-job-access-a-mapped-network-drive/782836#782836

The only solution I found to run a task overnight that needs network access was to leave the machine running and the user logged on.

thx1138v2
  • 566
  • 3
  • 6