troubleshooting Question

Best Group or Permissions for Domain User to run Scheduled Task

Avatar of Tessando
TessandoFlag for United States of America asked on
SecurityPowershell
44 Comments3 Solutions15377 ViewsLast Modified:
I need to run a Scheduled Task as a domain user. For the sake of explanation, let's just say: DOMAIN/Scheduled_Tasks is the user.

I've created the Scheduled Task in question (just a simple, local Powershell script) and when this user (DOMAIN/Scheduled_Tasks) is in the local Administrator group, the Task runs as expected.

When I remove the user out of the local Administrator Group, the task bombs with:

Task Scheduler failed to start "***" task for user "DOMAIN\scheduled_tasks". Additional Data: Error Value: 2147942667.

Using local security policy, I've added this user to:

Security Settings -> Local Settings -> User Rights Assignment -> Allow Log On Locally
Security Settings -> Local Settings -> User Rights Assignment -> Log On As A Batch Job
Security Settings -> Local Settings -> User Rights Assignment -> Log On As A Service

What are some options here to get DOMAIN/Scheduled_Tasks to run a Task without adding that user to the Administrator Group?


...
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 3 Answers and 44 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 44 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros