We help IT Professionals succeed at work.

Scheduled Task Could Not Start

2,038 Views
Last Modified: 2008-08-06
I have a number of Scheduled task on different servers. I recently changed the account that they are running under from domain\administrator to domain\acountxx. since changing the account none of my scheduled tasks are running they all fail to start with the status message "Could not start" and the following in the schedule tasks log

The attempt to log on to the account associated with the task failed, therefore, the task did not run.
The specific error is:
0x80070569: Logon failure: the user has not been granted the requested logon type at this computer.
Verify that the task's Run-as name and password are valid and try again.

The account name and password are valid, if I manually run the task imediatly after setting the account and password the task works fine

I added the new account to my gpo and gave it run as batch and run as service permissions. the account has domain admins and administrators permissions.


What am I missing to enable this account run my scheduled task

also note. that these task work just fine if i run them under domain\administrator so I know its not the task itself but permission problems
Comment
Watch Question

Nitin GuptaSolutions & Presales
CERTIFIED EXPERT

Commented:
The account has Domain Admin permission right, I assume it also is a part of Administrator group on the servers.
See if there is any GPO that is changing the "Log on as a batch job" Policy setting  also you can add the user 'logon as batch job' rights (server side). Control Panel -> Admin Tools -> Local Security Policy\Local Policies\User Rights Assignments "Log on as a batch job"
 

Author

Commented:
the account has both domain admin rights and is part of the administrators group.

it is set as log on as batch in the gpo policy's and if I check the local policy on the server this setting is being applied as the account shows in the logon as batch setting
Nitin GuptaSolutions & Presales
CERTIFIED EXPERT

Commented:
Delete and recreate the Scheduled Job ! This works in most cases.
Henrik JohanssonSystems engineer
Top Expert 2008

Commented:
In security subject, do you really want to blow up a hole and use users with that group membership for scheduled tasks or services?
'Domain Admins'-group is by default member of all Administrators-group in the domain.
The privilege neaded for scheduled tasks is only log on as batch job, not nead to have log on as service.

Use rsop.msc to find if any policy is configuring 'Deny log on as batch job'. If deny is applied to any group the user is member of, it will override the allow-permission.

Author

Commented:
henjoh09 when using rsop.msc there is nothing being set under "deny log on as batch job"

however it also does not show the account I am attempting to use in the "log on as batch job" group it appears that the policy is being overridden somewhere
Henrik JohanssonSystems engineer
Top Expert 2008

Commented:
rsop.msc will display what GPO is applying the policy setting. It also detects errors (use properties->error information).
As 'user rights assignment' is part of 'computer configuration', is the GPO linked to OU-structure containing the computer object?
Is there any GPO-blocking in the OU-path preventing the GPO from applying?
Any error in %WINDIR%\security\logs\netlogon.log ?

Author

Commented:
I don't see any errors, but there is settings being applied from the domain root gpo that appear to be overriding the settings I am attempting to set, is there a way to have it combine the 2 different "log on as batch" settings from the different gpo's or is it a case of I can have one or the other?
Henrik JohanssonSystems engineer
Top Expert 2008

Commented:
Policies are applied in the following order with the last applied winning:
1) Local
2) Site
3) Domain
4) OU-structure

Site overrides local, domain overrides site, OU overrides domain.

Author

Commented:
that being said them my policy should have been working, as it is on an OU, but it was being overridden by a Domain root policy,
Systems engineer
Top Expert 2008
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.