Run PowerShell Script with Windows Task Scheduler.
Introduction
Let us discuss on setting up the Windows Task Scheduler to run the PowerShell scripts. We would discuss on setting up a simple script to run Locally on a system and to have script doing remote execution.
Windows Task Scheduler has wide functionalities and options we would explore the options useful for PowerShell.
Case 1: Run the PowerShell script with Windows Task Scheduler Locally.
Sample code for execution Locally.
Save the code in a file with .ps1 extension in C:\ to be called by the task scheduler.
1.#Sample script to test the script execution from Task Scheduler.
2."Ran on System $(hostname) as $([Security.Principal.WindowsIdentity]::GetCurrent().Name)" `
3.| Out-File c:\scriptLog.log -Force -Append
Setting up the Windows Task Scheduler.
Create a Basic Task
Select the option as appropriate for script execution.
Select the Start Schedule as appropriate
Select "Start a Program"
Set the Program as "Powershell.exe" and the Arguments as "-file <filename>.ps1"
Troubleshooting Tips:
Putting the filename in single quotes here would give a error while executing. 0xFFFD0000
The filename should be in double quotes even if the path has spaces in the folder names.
ie It should be "C:\Program Files\My Data\Run Script.ps1" and not 'C:\Program Files\My Data\Run Script.ps1'
Select "Open the Properties....." and Click "Finish"
On the new Properties window.
Troubleshooting Tips :
Check the user name - Here its local Administrator or server RDS1. Though the Author of the Script is Domain account.
Ensure "Run whether user is logged on or not" is checked if your script is specific time dependent and not user logon status.
Check "Run with highest privileges" - To ensure the script runs elevated.
Validate the "Trigger" tab.
Validate the "Actions" Tab
Click "OK" and "Enter the Local Administrator Credentials."
The Task is Scheduled.
Execute the Script
Status of the Task and the output in the Log file.
Troubleshooting Tips:
The task is set to run as Local Administrator.
Find the Execution Policy set on the System.
If the Execution Policy is **Restricted, AllSigned **as shown below the task would fail with 0x1 error.
If you want to bypass the execution Policy on the system, change the "Action" in the Properties of the Task as below.
Append the "-executionPolicy bypass" and save the Task.
Case 2: Run the PowerShell script with Windows Task Scheduler with a Domain Account.
Things change a bit here, when we plan to run the task scheduler with Domain Account.
Two things to consider.
Case 2 : Option 1.The PowerShell script does all it's stuff locally when it's called from the Windows Task Scheduler.
If the Domain Account has the Administrators privileges locally (domain user or the Domain Group if it's part of Local Administrators Group), the scenario wont change much.
Change the "General" Tab setting for the user by going to the Task Properties.
Output of the Log File and the Task Status. Shows the Domain Account in use.
Once the job is configured to "Run as a Different User" it can be called by users who have Administrator rights.
Output of execution as Local Administrator on the same server.
Troubleshooting Tips:
Logging with local users without administrator privileges won't allow you to see the Tasks in the Windows Task Scheduler.
Users without the Administrator rights may not be able to modify the tasks in the Windows Task Scheduler.
****Case 2 : Option 2.The PowerShell script tries to do something remotely, like winrm, copying data, etc when it's called from the Windows Task Scheduler.
A domain account with Administrators permissions on the remote servers and if the WinRM is enabled to communicate over. The scenario is simple. Configure the task to run as the account with the permissions on remote systems.
Sample Code: Save as C:\RunScript1.ps1
1.#Sample script to test the script execution from Task Scheduler
2.# Calling remote servers with account that has administrators rights on the resources
3.get-service -ComputerName domain01,rds1 -Name bits| `
4.select Status, MachineName| Out-File c:\scriptLog.log -Force -Append
Account used : Domain Account with Administrators rights on the servers.
Output: Able to query both the servers and returns the output.
Troubleshooting Tips:
If we configure local account to fetch the details it would fail, in a very rare case if the domain account name and password match the local account it may execute, probably to do with authentication options.
ie. <Domain>\User01 and <Hostname>\User01
If you are running batch scripts instead of PowerShell, in addition to the permissions described, we need to ensure the "Allow logon as batch" in security policies.
Conclusion
Tried to cover some basics with common issues.
Reference URL : /en-us/dynamics365/business-central/dev-itpro/developer/devenv-task-scheduler