0

I have been attempting to set up a PowerShell script to run as part of a scheduled task on a Windows Server 2012 R2 server. The script will run if I execute it manually from the GUI but all but one of my attempts to run it from a task have failed.

After some troubleshooting I found that if I set the task to "Run only when the user is logged on" and I execute the task, it runs just fine. It pops a powershell window, runs the script, and closes itself. It seems like I am on the right track and I may have narrowed it down as to what is the problem but I am at a loss as to where to go from here. Obviously, I would like the script to execute regardless of whether or not I am logged in.

Just in case, here is the script I am running:

    Get-ChildItem C:\somefolder -Recurse| 
    Where-Object{$_.PsIsContainer}| Sort-Object CreationTime -desc| 
    Select-Object -Skip 3| Remove-Item -Force

Where can I look from here? I have been able to run powershell scripts in this manner from server 2008 without problems but I just cannot seem to crack this one.

EDIT: For the action of the task set to start a program and under Program/script I have "powershell" then ".\myscript.ps1" for an arguement then "c:\" for start in.

Tyson Navarre
  • 482
  • 3
  • 10
  • 23
  • Is it really `".\myscript"`? Have you tried providing the fully qualified path the the script? You might also want to pass the `ExecutionPolicy` policy option. – Zoredache Apr 23 '15 at 19:23
  • whoops nope, I mistyped that its ".\myscript.ps1" my bad. Will edit the original question to correct – Tyson Navarre Apr 23 '15 at 19:29
  • 1
    `ExecutionPolicy` is definitely your culprit – Hyppy Apr 23 '15 at 19:30
  • Even if I have already set the executionpolicy to Unrestriced? – Tyson Navarre Apr 23 '15 at 19:30
  • 1
    also, Zoredache, I have tried a ton of different ways to express the path including fully qualified but nothing seems to work. Googled the living heck out of this and that seems to fix it for a lot of people – Tyson Navarre Apr 23 '15 at 19:32
  • Hyppy, if I have already set the execution policy previously, how can I alter the task or the script itself to get around it? – Tyson Navarre Apr 23 '15 at 19:34
  • if you just try to run the script as the user that your scheduled task runs as, does it work? For my Scheduled Tasks, I run as SYSTEM (since it's just doing local filesystem stuff) `Start a program: powershell` then `Arguments: -ExecutionPolicy Bypass -NonInteractive -WindowStyle Hidden C:\Path\To\Script.ps1` – mortenya Apr 23 '15 at 21:17
  • so, the script just sits in the root of the C:\ drive? – mortenya Apr 23 '15 at 21:22
  • Silly question really but just making sure... Did you set up credentials for running the task without the 'logged on user' option? – Lior Abel Apr 24 '15 at 07:52
  • not a bad question at all. I have tried using a local admin account on the server, and even running the task under the SYSTEM account and its the same result every time. When using the local admin account I am prompted to enter the account password every time i save the task. – Tyson Navarre Apr 24 '15 at 15:36
  • mortenya, I had it at the root of C but have since tried running it under a sub folder on the C drive and even on another partition and nothing has worked – Tyson Navarre Apr 24 '15 at 15:37

3 Answers3

1

Can you try running with following:

powershell -noprofile -noexit -executionpolicy bypass -file C:\path\script.ps1

Also check that: get-executionpolicy is set to RemoteSigned

Also check "Run whether user is logged on or not.

Ankh2054
  • 1,414
  • 13
  • 23
  • Thanks! if I have set the executionpolicy to Unrestricted, will it still work? – Tyson Navarre Apr 23 '15 at 19:34
  • Try RemoteSigned first – Ankh2054 Apr 23 '15 at 19:37
  • Update, tried running the script in the way you suggested and the task just runs forever, but nothing happens still. Before I would run the task, nothing would happen but the task would show as completed even though it did not actually appear to run. Weird stuff. – Tyson Navarre Apr 23 '15 at 19:38
  • Try removing the noexit – Ankh2054 Apr 23 '15 at 19:38
  • Took the no exit out and set the execution policy to remotesigned and got the same result. Man this makes me wanna bang my head on the wall. – Tyson Navarre Apr 23 '15 at 19:41
  • 1
    Can you try running powershell as admin and then setting the execution policy again Or run get-execution policy just to check it is set to RemoteSigned – Ankh2054 Apr 23 '15 at 19:45
  • Then run the task as you had it – Ankh2054 Apr 23 '15 at 19:46
  • Could the script just be taking a while? Or does it usually finish quite quickly? – Ankh2054 Apr 23 '15 at 19:47
  • just re-did the executionpolicy command then re-ran with the same result. Normally when I run the script manually it runs really fast. – Tyson Navarre Apr 23 '15 at 19:50
  • Certain folders at the root of the C: Drive, system32, for example, need elevated privileges to access. You would need to set the script to run with highest privileges in Task Scheduler. – Davidw Apr 23 '15 at 19:51
  • Sorry just to check are you running set-executionpolicy remotesigned! – Ankh2054 Apr 23 '15 at 19:51
  • Oops set-executionpolicy remotesigned – Ankh2054 Apr 23 '15 at 19:52
  • Ankh, you are right, that is the command I ran to set the policy. – Tyson Navarre Apr 23 '15 at 19:54
  • Davidw: I just created another folder at C called Scripts and put the script in there to see if that helped. The task has been set to run with highest privileges from the start. After attempting to run again I had the same result – Tyson Navarre Apr 23 '15 at 19:56
  • Can you try David's suggestion. Go to the General Tab and select the checkbox of ” Run with highest privileges" – Ankh2054 Apr 23 '15 at 19:56
  • Anything in event logs that is useful as error? – Ankh2054 Apr 23 '15 at 19:57
  • Yeah this is driving me crazy! Looked in the logs and nothing specifically mentioning powershell in there. The check-box for highest privileges has always been checked on this task but has had no affect. The only way I have gotten it to run is switching from running if logged off to run only if logged on – Tyson Navarre Apr 23 '15 at 20:02
  • You know, I've never had any luck running anything with "Run whether user is logged on or not" checked. – Davidw Apr 23 '15 at 20:25
  • This article seems to suggest that using that option means it runs completely in the background. You might try having it create a log file, and then check for that log file? https://social.technet.microsoft.com/Forums/windows/en-US/c03d6691-b058-4f8d-961c-e8eba25bbaed/task-scheduler-problem-run-whether-user-is-logged-on-or-not?forum=w7itprogeneral – Davidw Apr 23 '15 at 20:30
  • Hi Tyson, I have created your script on my server 2012 and it does run. The only observations I have are: The script says running, until I refresh, but when you look in history you can see it completed successfully. – Ankh2054 Apr 24 '15 at 14:48
  • What does it say in your history? – Ankh2054 Apr 24 '15 at 14:48
  • You hit on a good point, I have this script running on another Server 2012 R2 server and it runs, so I am really scratching my head as to what is different about this box. When I enable history all it says is that the task completed successfully which makes me wanna shoot the thing. – Tyson Navarre Apr 24 '15 at 15:34
  • For the user credentials you are entering, has that user logged into that server before? If that user account has not logged on, there won't be a profile and that might be causing it to hang. Just a wild guess here--I've seen some things trip up on that before, but haven't tested this scenario with it. – Tony Hinkle Apr 24 '15 at 16:11
  • 1
    Try and make a very simple powershell script that actually outputs to file and see if that works. – Ankh2054 Apr 24 '15 at 16:22
1

Finally figured this one out:

The problem turned out to be the fact that I was attempting to manipulate something on a network drive. What I learned is that, even if you already have the drive mapped in Windows, you MUST un-map and re-map the drive as part of your script in order to manipulate files non-interactively through a PowerShell Script.

Here is what I added to my PowerShell script to get it to work:

$secpasswd = ConvertTo-SecureString "YourPassword" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ("username", $secpasswd)

Remove-PSDrive –Name “Z”

New-PSDrive –Name “Z” –PSProvider FileSystem –Root “\\192.168.X.X\backup” –Persist -Credential $mycreds

There is something with credentials being cached that happens when you are logged on but is not used when you are running the same script via task manager.

Thanks a ton for all the answers I got to this question, it really helped me to finally figure this one out hopefully this will help someone else out there too.

Final note, this same method worked for batch files as well on the same server.

Tyson Navarre
  • 482
  • 3
  • 10
  • 23
0

Have you tried changing UAC-settings for Admins on DCs? (best to do this through GPO) There are 3 different options that have to be changed to get Powershel script working within Sheduled Task. Those 3 UAC policy-settings can be found under Computer Configuration >> Policies >> Windows Settings >> Security Settings >> Local Policies >> Security Options: - User Account Control: Admin Approval Mode for the Built-i Administrator account (Not Defined) - User Account Control: Run all administrators in Admin Approval Mode (Disabled) - User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode (Elevate without prompting) Configure them so that UAC doesn't kick in when you scheduled task is executed with Administrator-privileged account

Of couse you hade to choose the option "Run whenever user is loged on or not" on the General options in your Scheduled Task config.

Nat
  • 1