0

I have a msi file which I am able to push to users connected to the network. I am able to run it from Task Scheduler in widows as an admin.

But is it possible to schedule a task from admin and run that msi file as a user in windows .

In short:

1, I am installing and msi application to users connected in the domain. (The application is getting installed)

  1. Run the application as a user when the users in the domain are logged on or working. (I am able to run the installed script as an admin user)

What I want is to run the installed file as the user who will or is logged in to that windows computer.

$taskName = "My Task2"

 

$taskDescription = "This task runs every 10 second"

 

# Define the task trigger
$trigger = New-ScheduledTaskTrigger -User Sanket.Wagh -AtLogOn
# Define the task action
$taskAction = New-ScheduledTaskAction -Execute "<any application path>"

 
#-Argument "-Command 'Write-Host Hello World'"

 

# Register the task
Register-ScheduledTask -TaskName $taskName -Trigger $trigger -Action $taskAction -Description $taskDescription

here user sanket.wagh is static. I want this to be dynamic so it will be for all user where I push the script as an IT-admin

I am completely new to powershell but any help or documentations related to this would be highly appreciated.

Sanket Wagh
  • 156
  • 1
  • 14
  • See following : https://stackoverflow.com/questions/28989750/running-powershell-as-another-user-and-launching-a-script?force_isolation=true – jdweng Mar 30 '23 at 15:12
  • as an IT-admin I would like the msi file to run on other user in the domain as if they have started it without providing the username or password in the powershell – Sanket Wagh Mar 30 '23 at 17:04
  • once I push the the TaskScheduler to all other users in the domain how would I be able to get the user name dynamically – Sanket Wagh Mar 30 '23 at 17:09
  • See following : https://www.xda-developers.com/how-tun-run-apps-administrator-windows-11/?force_isolation=true – jdweng Mar 30 '23 at 17:12
  • Do you need the username? You just want users to be able to run the app. The user will be running the code, you just allowed the script to run with Admin privileges. – jdweng Mar 30 '23 at 17:17
  • Here I have build an python application which I have converted to msi file. which I was able to push on target host able to install it. but when the application is started via admin it does not work but if I start it as a user it works as expected. I am not sure what am I missing here – Sanket Wagh Mar 30 '23 at 17:20
  • I want the script to run without users manual intervention as it is mostly made for sole purpose to detect if any user is sitting idle without any activity – Sanket Wagh Mar 30 '23 at 17:22
  • Do you want a user to be able to kill the job? – jdweng Mar 30 '23 at 17:34
  • ideally no but if he is able to kill that can work too. – Sanket Wagh Mar 30 '23 at 19:20

1 Answers1

1

Create a scheduled task principal.

Use a scheduled task principal to run a task under the security context of a specified account.

By using the interactive users groupid "S-1-5-4" it should get what you want.

Users who log on for interactive operation. This is a group identifier added to the token of a process when it was logged on interactively.

Your modified code. The task will run when any user is logged in.

# Define the task trigger
$trigger = New-ScheduledTaskTrigger -AtLogOn
# Define the task action
$taskAction = New-ScheduledTaskAction -Execute "<any application path>"

# create a scheduled task princiapl. Specify the interactive users group id. 
$principal = New-ScheduledTaskPrincipal -GroupId "S-1-5-4"
 
#-Argument "-Command 'Write-Host Hello World'"

 

# Register the task. add the "principal" parameter
Register-ScheduledTask -TaskName $taskName -Trigger $trigger -Action $taskAction -Description $taskDescription -Principal $principal

The created task

scheduled task

enter image description here

kconsiglio
  • 401
  • 1
  • 8