Weekly schedule task using gMSA

This topic contains 2 replies, has 3 voices, and was last updated by  Andrew Dorre 5 days, 11 hours ago.

  • Author
    Posts
  • #67864

    Biswajit
    Participant

    Team,
    Mine is working fine but how can I schedule that weekly once (specific day & time). I have scheduled that script using Microsoft Group managed service account instead of normal service account due to more security.

    $DurationTimeSpan = New-TimeSpan -Hours 12 
    $DurationTimeSpanIndefinite = ([TimeSpan]::MaxValue)
    $DurationTempTest = New-TimeSpan -Days 1000
    $Argt = "-File C:\Scripts\test-services.ps1"
    $action = New-ScheduledTaskAction -Execute '%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe' -Argument $Argt
    $Trigger = New-ScheduledTaskTrigger -Once -At "07:00" -RepetitionInterval $DurationTimeSpan -RepetitionDuration $DurationTempTest
    $principle = New-ScheduledTaskPrincipal -UserId contoso\gMSA1234$ -LogonType Password
    Register-ScheduledTask myserviceadmintask -TaskPath \AD-Service -Action $action -Trigger $trigger -Principal $principle 
    
  • #67879

    Sam Boutros
    Participant
    # To schedule a PowerShell script:
    
    $ScriptPath = 'C:\scripts\ping-report-v3.ps1'
    $TaskName   = 'PingReport'
    $TaskRun    = "powershell.exe -NoLogo -NonInteractive -WindowStyle Hidden -Command ""$ScriptPath""" 
    
    # Example: Hourly starting at 9 AM
    SCHTASKS.EXE /Create /S $Env:COMPUTERNAME /RU SYSTEM /TN $TaskName /TR $TaskRun /SC HOURLY /ST 09:00 /RL HIGHEST /F 
    break
    
    # Example: Weekly on Sundays at 2 AM
    SCHTASKS.EXE /Create /S $Env:COMPUTERNAME /RU SYSTEM /SC WEEKLY /D SUN /TN $TaskName /TR $TaskRun /ST 02:00 /RL HIGHEST /F 
    break
    
    # Example: Daily at 7 AM
    SCHTASKS.EXE /Create /S $Env:COMPUTERNAME /RU SYSTEM /SC DAILY /TN $TaskName /TR $TaskRun /ST 07:00 /RL HIGHEST /F 
    break
    
    # Run now:
    SCHTASKS /Run /TN "\$TaskName"
    break 
    
  • #80168

    Andrew Dorre
    Participant

    I don't know if you got an answer, but wouldn't you just do something like the following?

    $trigger = New-ScheduledTaskTrigger -Weekly -At "19:00" -DaysOfWeek FRI

    Then simply change the day and time to what you want specifically.

    Sorry to resurrect this if it's irrelevant now, but your post (Biswajit) helped me figure out how to get my own gMSA Scheduled Task to work. I'm including my script below:

    $Argt = '-File "c:\folder\Backup_GPOs.ps1" -Domain contoso.com -BackupFolder "D:\GPO Backups"'
    $action = New-ScheduledTaskAction -Execute '%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe' -Argument $Argt
    $trigger = New-ScheduledTaskTrigger -Weekly -At "19:00" -DaysOfWeek FRI
    $principle = New-ScheduledTaskPrincipal -UserId contoso\gMSAAccout$ -LogonType Password
    Register-ScheduledTask "GPO Metadata Backup" -TaskPath \GPOBackup -Action $action -Trigger $trigger -Principal $principle
    

    This script uses a PowerShell script that will back up the GPO for a domain. I had multiple issues along the way. Some people say to use "-File" instead of "-Command". I also found that not using double quotes around my file paths caused it not to work.

    I found multiple articles and posts about using SCHTASKS.exe out there, but those don't seem to work for gMSAs. Correct me if I'm wrong, but whenever I tried using those instead of the PowerShell task cmdlets, it would never let the task run without the account already being logged in (which is impossible for a gMSA).

    I also had a possible problem with the "-Execute" portion of this script. Originally I was using a different script which simply did a "-Execute Powershell.exe". Whether or not that was my problem is a little hard to tell, because the script was more complicated than the one above. But I read that not have the full path can cause problems in some instances.

    Anyway, thanks for the post!

    EDIT: Also, in your original post, your $trigger variable is spelled with an upper and a lower case in two separate spots.

You must be logged in to reply to this topic.