I am trying to setup a powershell script to run as a scheduled task that disables an AD account every evening.
Disable-ADAccount -Identity <UserName>
The above script works when run manually, but not as a scheduled task. So far I have tried running this under the System account on both the DC (server 2008 R2) and another member server (server 2012 R2) but although they say "Task Completed" in the history, the account remains enabled. To clarify, the settings are here
I have also tried running it as myself, but get the error that I need "Log on as batch right" permissions
So my question is what do I need to do to get this working? And is it better to run it from the DC or the other server?
Thanks for your help