1

My BAT file (below) runs perfectly when I run it from an elevated command prompt or Right-Click -> Run as Administrator. However, when I put it in my Windows 10 Task Scheduler, it will not run.

What I've tried: -- Security Options of the task: I've tried both SYSTEM and a domain admin account. -- I select "Run with Highest Privileges." -- I have Selected "Windows 10" in the "Configure For:" dropdown. -- In the EDIT ACTION window, I have specified the location (c:\script) of the BAT file in "Start in (optional)" section -- In "Program/Script” I have tried "C:\scripts\script.bat" (without the quotes). I have tried listing just “script.bat" (without the quotes). And, I have also tried ".\script.bat" (without the quotes). -- I have created the extra lines in the BAT file to copy the file from the System32 directory to another (less secure) location before trying to copy it to the network drive. (I feel like this is unnecessary, and it didn't seem to help with the overall problem.)

*******************BEGIN BAT FILE******************

@Echo off

REM (maps network drive)
NET use Z: \\SERVER\PATH

REM (copies any archived security event viewer logs to the network) 
IF EXIST "%SystemRoot%\System32\Winevt\Logs\Archive-Securit*.evtx" (     
      xcopy "%SystemRoot%\System32\Winevt\Logs\Archive-Securit*.evtx" c:\test\ /Y      
      xcopy "c:\test\Archive-Securit*.evtx" \\SERVER\PATH\%computername% /Y

REM (deletes files on the local machine after the files are verified to be on the network share)      
     FORFILES /p "Z:\PATH\%computername%" /c "cmd /c del %SystemRoot%\System32\Winevt\Logs\@file"      
     FORFILES /p "Z:\PATH\%computername%" /c "cmd /c del c:\test\@file"

) ELSE ( 
REM Do nothing 
)

******************END BAT FILE***************

Zephyr
  • 9,885
  • 4
  • 28
  • 63
JasonRobi
  • 31
  • 2
  • This is not a programming question, it appears to involve administration and possibly file permissions. Voting to close as this belongs on a different SE site. – EternalHour Oct 08 '19 at 16:49
  • As `Z:` has been mapped to `\\SERVER\PATH`, why are you not using `Z:\%ComputerName%` instead of `\\SERVER\PATH\%computername%` and `Z:\PATH\%computername%` in your respective `XCopy` and `ForFiles` commands? – Compo Oct 08 '19 at 19:36
  • Compo, I agree, either SHOULD work. However in all of my troubleshooting steps, I found that running the bat as admin would not recognize the XCOPY command with the mapped z:\, and the FORFILES would not run as \\server\path. So, for whatever reason, this particular combonation works. I have not tried to change it since figuring out that the group policy entry was my culprit. – JasonRobi Oct 09 '19 at 18:32

1 Answers1

2

I figured out my problem. Group Policy had Domain Admins in the Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment -> "Deny logon as a batch job."

After removing Domain Admins from this listing and running gpupdate on the machine, I was able to successfully run the BAT in the Task Scheduler (Assuming I had the domain admin user listed in the Security Options of the task).

JasonRobi
  • 31
  • 2