A workaround for the fact that a scheduled task in

2019-04-22 18:12发布

问题:

I am running a small executable created by a third party that needs to run at regular intervals on a Windows 2008 server. This executable effectively ETLs information from one system to another and needs to run every hour or so around the clock. As part of its processing the executable launches a small Windows Forms type UI.

I have set up a scheduled task to call the file and this works ONLY if the user under which the task is configured to run is logged onto the machine (either locally or via Remote Desktop). If I set the task to run as another user, or set the task to run when the user is not logged, on the scheduled task executes and errors. I have tried running as different users including Administrator user and System user. Is there any possible workarounds (without changing the third party code which I have no access to) which would allow this code to be run without a specific user logged in.

回答1:

The GUI app needs a desktop and you only get one of those for a logged in user.



回答2:

This article shows how to create a task that does not require any login: https://www.scriptjunkie.us/2013/01/running-code-from-a-non-elevated-account-at-any-time/

The described procedure is as follows:

First, create a scheduled task to run your command with default options as the current user (this will by default create a scheduled task that only runs when you are logged in):

schtasks /create /tn mytask /SC HOURLY /TR "calc"

Then export the task as XML:

schtasks /query /XML /tn mytask > temp.xml

and delete the task:

schtasks /delete /tn mytask /f

Then open the xml file, and replace the line <LogonType>InteractiveToken</LogonType> with <LogonType>S4U</LogonType>

This can be done with the following commands assuming powershell is on the system: powershell -Command "Get-Content '.\temp.xml' | foreach {$_ -replace 'InteractiveToken', 'S4U' }" > new.xml move /y new.xml temp.xml

Now recreate the task from the modified XML file:

schtasks /create /xml temp.xml /tn mytasks

and remove your temp file:

del /f /q temp.xml



回答3:

I might be late in replying, but can't we use at command, without /interactive...

https://support.microsoft.com/en-us/kb/313565

As per microsoft: /interactive: Use this parameter to allow the task to interact with the desktop of the user who is logged on at the time the task runs.



回答4:

I think I have found a solution for this situation. You need to have two user accounts on the server (User1 and User2). RMD into the server under User1. Within this RMD, create your scheduled task, and set it to run under User2 account. Then, from within this RMD, you need to RMD into the server itself using User2 credentials (kind of like Inception's dream within a dream). It's important not to minimize this new RMD window; you can make it small, but it must be open. You are then free to close the original RMD session and the task will run under the User2 account, because User2 has an open desktop from your 2nd RMD session.

Protip - don't unpin the RMD window handles at the top of the RMD window - it can be a pain to close the correct RMD then. If you do, you'll need to use the Start > Log Out option all the way out of your RMDs.



回答5:

There is a simple solution. Change group to local group "users" and you will not be prompted for a password. (Scheduled Task - General - Security Options - Change User or Group).



回答6:

It would seem that from the research I have done (and David Heffernan's answer), without affecting the source code, this is not possible.

There are some useful thoughts on How can I run a Windows GUI application on as a service? which relate to this but none give a viable workaround to this problem.



回答7:

This looks to be an old thread, but I recently ran in to this in my organization due to UAC requirements they were not using. I am still testing this, but I believe you can still enable interactive mode on a scheduled task by using the /Change command on the task and adding the /IT flag to make it interactive. Referenced here: https://docs.microsoft.com/en-us/windows/desktop/taskschd/schtasks

schtasks /Change /tn "Task A" /IT /RP "password of user if used"

My initial tests show this to be working, however I cannot noticeably see a difference to the task in task scheduler when I do this. So, I am not sure of how to verify if it is set to do this.