Deploy scheduled task with group policy - Access denied

I am trying to use group policy to deploy a scheduled task however it is not showing up in the endpoint computer's task scheduler. I checked the even log on the endpoint and i see an error that 'the specific item in my GP object did not apply because access is denied.' Anyone know why?
Here are 2 screenshots of the scheduled task in GP.
Note:
users 'rebootadmin' is a domain administrator
C:\WeeklyReboot  is shared out to the network and rebootadmin has full permissions

task schedule - general optionsTask Scheduler - Actions
LVL 2
tabushAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
Hi.

And that setting was made in the computer config section? Has to be.
0
tabushAuthor Commented:
Yes.
0
McKnifeCommented:
Are you very sure? https://support.microsoft.com/kb/2447414?wa=wsignin1.0 sounds just like what you see.
Please screenshot the GP management console to show the location of the task.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

tabushAuthor Commented:
See screenshot
scheduled task screenshot
0
tabushAuthor Commented:
Few notes to add:
I tried opening the share to everyone as a test but still got the same error
I originally had the action set to "replace" rather than create but neither worked

Here is the error from event log:
Event log warning
0
McKnifeCommented:
I think you run an unpatched server* and that's the problem. The option you set: "run whether the user is logged on or not" should not even be selectable. please use the system account instead and it will work out at once.

*some options in task scheduler got patched away for security reasons some time ago.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tabushAuthor Commented:
Yes that did it!
However, my server is fully patched (2012 r2). Unless its this one optional update im missing KB2995388
0
McKnifeCommented:
If yours were fully patched, it would look just like mine... ;)
Look at mine:
 Screenie
0
tabushAuthor Commented:
The setting "run only when user is logged on," does that refer to the user specified above (in your case haha) or does that mean any user is logged on?

Reason im asking is because i continued testing and the script did not execute even though its in task scheduler. I looked in the logs and found error with event ID 101. Researched and found this article: http://social.technet.microsoft.com/wiki/contents/articles/1454.event-id-101-task-properties.aspx 

The user i create (rebootadmin) would never be logged on. Only purpose we created it was to run this script.
0
McKnifeCommented:
The user "system" is always logged on. Take system.
If you selected some other user (as you can see in my screenshot) that task would only run if that user was logged on while the task is triggered.
0
tabushAuthor Commented:
*removed my last commend

I fully patched my server. When i open a new task the option is greyed out but then when i select a user account it is no longer greyed out.
0
tabushAuthor Commented:
Now the logs show that the task completed but it didnt actually work. The cmd file it running should prompt the user then reboot in 30 seconds. Neither actually happened.
If i leave "...use the following user account" blank will it execute as the logged in user? Maybe that will work. Only downside is i need to open that share to all users however if that's the only way ill do it and make it a hidden share.
0
McKnifeCommented:
Sorry, use the system user... :) Why would you need some admin? The system account has all you need and is the best you can do.
0
tabushAuthor Commented:
Is this the user you are referring to? This is what i was using.
screenshot
0
McKnifeCommented:
This is what you were using? Then it would work. The system account is capable of doing anything at the remote machines, including reboots. I have never seen this fail and use it frequently.
As task action, simply use
shutdown -f -r -t 0
0
tabushAuthor Commented:
Yea not sure why that doesnt work. Maybe because when you run as system it runs silently and since my action has /c it isnt working. Running a few more tests, however I think it got it working running as "Builtin\Users"
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.