My problem is as follows:
- I have two users on a windows server (Windows Server 2016). One is my regular user (with admin privileges) and the other a technical user.
- I would like to probe for a given scheduled task on a remote machine (which is a Windows Server 2016 as well). To do so i use "Invoke-Command" and pass the session as follows:
Invoke-Command -Session $session -ScriptBlock { Get-ScheduledTask -TaskName <task_name>}
- For my regular user this works (i am using localhost for testing, but also verified this against a different server)
- For the technical user it does not. However, the command
Get-ScheduledTask -TaskName <task_name>
executed in the technical users' powershell WORKS.
- Further (executed as the technical user), the following works as well
Invoke-Command -Session $session -ScriptBlock { Get-ChildItem C:\ }
So what i take from this is that for the technical user in general remoting works as well access to the scheduled tasks. However, somehow the combination does NOT.
The exception is get is
Access denied
+ CategoryInfo : PermissionDenied: (MSFT_ScheduledTask:Root/Microsoft/...T_ScheduledTask) [Get-ScheduledTask], CimException
+ FullyQualifiedErrorId : HRESULT 0x80041003,Get-ScheduledTask
+ PSComputerName : <hostname>
So obviously this is a permission issue. But i do not get what i need to change to fix it. I tried to compare the different permission between my regular user and the technical user, however I did not spot anything immediately obvious.
Does anyone know what needs to be changed?
