Hi all,
I have a customer who requires me to find a solution to deleting a file type from a specific location for each user on login. Each user is a standard user. I am trying to find a way to do this via Intune/ Endpoint Mgr.
I have written a script in PowerShell to create a scheduled task, per the below:
Remove RDP files from Downloads
$action = New-ScheduledTaskAction -Execute "powershell.exe -ExecutionPolicy bypass -Argument Remove-Item C:\Users*\Downloads*.rdp"
Set the trigger to be at any user logon
$trigger = New-ScheduledTaskTrigger -AtLogOn
Specifies that Task Scheduler uses the Local Service account to run tasks, and that the Local Service account uses the Service Account logon. The command assigns the ScheduledTaskPrincipal object to the $STPrin variable.
$STPrin = New-ScheduledTaskPrincipal -UserId "SYSTEM" -LogonType ServiceAccount
Create the Scheduled Task
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "Delete RDP from Downloads" -Description "Delete RDP from Downloads" -Principal $STPrin
When run as an admin during testing, this works. However, when run as a standard user, I get an access is denied error' for the 'Register-ScheduledTask' cmdlet.
If I package this script, can I get around this as it will install using an Azure AD admin? or are there any other solutions to this?
Thanks in advance :)