We are experiencing an interesting issue with our 2012 servers and using secondary logons and scheduled tasks.
We run our scheduled tasks under a service account - which works fine on earlier OS versions, but with Windows 2012 we are finding that it is not enumerating it's permissions when the scheduled task starts.
1. RDP onto Standard windows 2012 server (SERVER1)
2. Create scheduled task to run a batch script copying out of local folder to remote server
3. Set user account to Scheduled Task service account and run even though user is not logged in (option where a password is entered when the task options window is closed).
4. Run scheduled task
Path being mirrored from \\SERVER1\Group$\RANDD
Path being mirrored to: \\SERVER2\Group$\RANDD
1. The service account (SchedSVC) is a member of "Domain Admins"
2. The "Domain Admins" security group is a member of "SERVER1\Administrators"
3. Share Permissions allows "DOMAIN\Domain Admins" Full Control
3. NTFS Permissions on the folder allows "SERVER\Administrators" Full Control
4. NTFS Permissions on the folder have no denials set
Things I have tried
1. On SERVER 1 - Run scheduled task = FAIL
2. On SERVER 1 - Runas command prompt and CD to D:\Group folder on SERVER1 = Success
3. On SERVER 1 - Runas command prompt and CD to D:\Group\RANDD folder on SERVER1 = Access Denied
4. On SERVER 1 - Runas command prompt and PUSHD to \\SERVER1\Group$ = Access Denied
4. From my machine (W7) - Runas command prompt and PUSHD to \\SERVER1\Group$ = Successful
6. From my machine (W7) - Runas command prompt and PUSHD to \\SERVER1\Group$ = Successful
On my W7 machine
D:\Edinburgh North\Group>cd RANDD
Access is denied.
Access is denied.
In summary - permissions do not appear to be enumerating.
Anyone else have this issue - or have any ideas?