red*_*888 5 windows powershell jobs scheduled-tasks
我相信Register-ScheduledTask您可以指定-User "System"或执行以下操作:
$principal = New-ScheduledTaskPrincipal -UserId SYSTEM -LogonType ServiceAccount -RunLevel Highest
我该怎么做Register-ScheduledJob?
此命令将运行本地管理员的上下文,因此它有权执行此操作。我只是在 cmdlet 中没有看到这个选项。
编辑:windows 是否通过设计使这成为不可能?如果我打开一个交互式 PS 会话作为系统(使用 psexec)并尝试创建一个计划作业,我会收到一个错误:
PS C:\Windows\system32> Register-ScheduledJob -Name systemsssss -ScriptBlock {'s
dfsdfsdfsd'}
Register-ScheduledJob : An error occurred while registering scheduled job
definition systemsssss to the Windows Task Scheduler. The Task Scheduler
error is: (32,4):UserId:.
At line:1 char:1
+ Register-ScheduledJob -Name systemsssss -ScriptBlock {'sdfsdfsdfsd'}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Microsoft.Power...edJobDefini
tion:ScheduledJobDefinition) [Register-ScheduledJob], ScheduledJobExceptio
n
+ FullyQualifiedErrorId : CantRegisterScheduledJobDefinition,Microsoft.Pow
erShell.ScheduledJob.RegisterScheduledJobCommand
当以本地管理员帐户运行时,同样的命令工作正常
首先使用Register-ScheduledJob创建 PowerShell 作业。
然后使用Set-ScheduledTask将启动帐户更改为本地系统或任何其他内置帐户,即SYSTEM、LOCAL SERVICE、NETWORK SERVICE等。
使用以下 PS 脚本。或者从我的GitHub下载Gist
代码是不言自明的(我相信)。
如果您想检查它是如何工作的,您可以在管理帐户下运行它多次。
顺便说一句,我更喜欢使用作业 ( Register-ScheduledJob) 而不是任务,因为作业允许我嵌入 PowerShell 脚本块(字符串)而不是使用外部脚本文件。看看-ScriptBlock下面。
还要注意-RunElevated。这是必须的。
$ErrorActionPreference = 'Stop'
Clear-Host
#### Start of Main Logic ###########################
$taskName = "my_PowerShell_job"
$accountId = "NT AUTHORITY\SYSTEM";
#$accountId = "NT AUTHORITY\LOCAL SERVICE";
$task = Get-ScheduledJob -Name $taskName -ErrorAction SilentlyContinue
if ($task -ne $null)
{
Unregister-ScheduledJob $task -Confirm:$false
Write-Host " @ The old ""$taskName"" PowerShell job has been unregistered"; Write-Host;
}
# Uncomment the following exit command to only delete your job.
# exit;
# Shchedule your job. Using of -AtStartup as an example.
$trigger = New-JobTrigger -AtStartup;
$options = New-ScheduledJobOption -StartIfOnBattery -RunElevated;
Write-Host " @ Registering of ""$taskName"" job";
Register-ScheduledJob -Name $taskName -Trigger $trigger -ScheduledJobOption $options `
-ScriptBlock {
# Put your code here.
Write-Host Your job has been launched!;
}
$principal = New-ScheduledTaskPrincipal -UserID $accountId `
-LogonType ServiceAccount -RunLevel Highest;
$psJobsPathInScheduler = "\Microsoft\Windows\PowerShell\ScheduledJobs";
$someResult = Set-ScheduledTask -TaskPath $psJobsPathInScheduler `
-TaskName $taskName -Principal $principal
#### End of Main Logic ###########################
Write-Host;
Write-Host " @ Let's look at running account of ""$taskName"" PowerShell job"
$task = Get-ScheduledTask -TaskName $taskName
$task.Principal
Write-Host " @ Let's start ""$taskName"" manually"
Start-Job -DefinitionName $taskName | Format-Table
Write-Host " @ Let's proof that ""$taskName"" PowerShell job has been launched"; Write-Host;
Start-Sleep -Seconds 3
Receive-Job -Name $taskName
Write-Host;
抱歉,声誉低于 50 时无法发表评论。
您可以使用组策略将其作为启动脚本运行吗?这将作为本地系统帐户运行。此 cmdlet 看起来没有 runas 的 -verb 参数。
查看: https: //technet.microsoft.com/en-us/library/hh849755.aspx,在 -ScheduledJobOption 下有一个设置 RunElevated=$False,这是默认设置。如果您将其设置为 true ,它会以管理员身份运行吗?
我没试过,可能有用。
希望这可以帮助。
谢谢,蒂姆。
| 归档时间: |
|
| 查看次数: |
3940 次 |
| 最近记录: |