question

PrestonCole-3464 avatar image
0 Votes"
PrestonCole-3464 asked OddSolberg edited

Intune or Endpoint script using Register-ScheduledTask to create scheduled task

Is this even possible?

I want to use MS Endpoint/Intune to run a powershell script that creates a scheduled task on a Windows 10 machine.

The script I run is:

$taskName = "Task-Name"
$action = New-ScheduledTaskAction -Execute "Rundll32.exe" -Argument "user32.dll,LockWorkStation"
$trigger = New-ScheduledTaskTrigger -Daily -AT "23:00"
$settings = New-ScheduledTaskSettingsSet
$inputObject = New-ScheduledTask -Action $action -Trigger $trigger -Settings $settings
Register-ScheduledTask -TaskName $taskName -InputObject $inputObject

The task will lock the machine at a specific time.
When I paste the script contents into a local powershell, the scheduled task is created.

When I use Endpoint to push the script to a remote machine, it fails.

The Sensor log file on the remote machine reports:
<![LOG[[LogonTaskHelper] Cannot remove task from task scheduler... It does not exists.]LOG]!
The spelling of exists is correct!

Remote Windows 10 is Version 20H2

Am I trying to achieve the impossible?


Cheers

azure-ad-msal
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

Based on a search through other threads it looks like this has been done. I don't believe there is official guidance around this but there are some examples online. https://www.reddit.com/r/Intune/comments/dv1nzn/script_that_will_create_scheduled_task_on_all/

Here is a blog that has an example of using scheduled tasks to create tasks that run on Log On.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PrestonCole-3464 avatar image
0 Votes"
PrestonCole-3464 answered

Thanks MarileeTurscak

Sadly this does not talk about using MS Endpoint and scripts.

My powershell script works if I run it locally, that's all good. The issue I have is that when I use MS Endpoint to push the script to a machine, it fails. I am able to push other powershell scripts to machines that change registry entries etc, but this scheduled task creation fails.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

OddSolberg avatar image
0 Votes"
OddSolberg answered OddSolberg edited

Could it be that you have not spesified user? Maby if you add:

$TaskPrincipal = New-ScheduledTaskPrincipal "$env:USERNAME"
or
$TaskPrincipal = New-ScheduledTaskPrincipal "System"

And add the -Principal to the register-scheduledtask command at the end?
Register-ScheduledTask -TaskName $taskName -InputObject -Principal $inputObject $TaskPrincipal

Take a look at this article...
https://www.patrickvanbemmelen.nl/set-a-powershell-script-or-other-file-as-scheduled-task-with-endpoint-manager/

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.