Jerry Seinfield
asked on
powershell help to stop an automated task
Hello Experts,
I have an scheduled task that runs daily on every single domain controller under a service account that by mistake their password expired.
We have enabled the condition that password never expires for this service account, and since we had to reset the password, we must now perform following tasks:
1. Stop the automated task called MonitoringX on each DC
2. Update the scheduled task with the new password.per DC
3. Start the automated task
Can someone please provide me with a PS to perform all of these tasks for all domain controllers on my forest?
Thank you in advance
I have an scheduled task that runs daily on every single domain controller under a service account that by mistake their password expired.
We have enabled the condition that password never expires for this service account, and since we had to reset the password, we must now perform following tasks:
1. Stop the automated task called MonitoringX on each DC
2. Update the scheduled task with the new password.per DC
3. Start the automated task
Can someone please provide me with a PS to perform all of these tasks for all domain controllers on my forest?
Thank you in advance
Reset the pw to the old value. Admins may do that.
What @McKnife said. You didn't have to reset the password. All you had to do was change the account settings to "Password never expires."
ASKER
Thanks Kevin and McKnife,
Can you please send me the code to loop that for all dcs in the forest?
Can you please send me the code to loop that for all dcs in the forest?
Code? Just reset the password to what it was in AD manually - one change.
ASKER
because password complexity requirements, i can't reset password to use same old password
The reason I submitted this question is to get help with the Powershell code for all DCs, those cmdlets are easy to find in Google
The reason I submitted this question is to get help with the Powershell code for all DCs, those cmdlets are easy to find in Google
Set-ScheduledTask -taskname yourtask -user yourdom\serviceaccountsname -password "newpassword"
Now how to execute that? I would save this codeline as \\server\share\yourscript.Executing account: system
Action: powershell \\server\share\yourscript.
Get-AdDomainController | Select Name
If you think the suggestion does not fit, you are mistaken. Using a task is better than using remote Powershell since the latter requires to open ports ("a push"), while the task I suggest does not ("a pull").
I provided you a PowerShell snippet for getting all DC names. And @McKnife's answer is perfectly reasonable.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Still, this would need open ports at the DCs in order to work, so for security reasons, the task based solution should be preferred.
I would agree with you @McKnife in my opinion the Task based solution is the better of the solutions here. Regardless, All your I are dotted and T's are crossed with the solutions provided.
*** Note please do not award points for this response.
*** Note please do not award points for this response.
Jerry and others, possibly you will be interested in my article in which I shed light on the security risks of Powershell Remoting (and go into detail about the task alternative):
https://www.experts-exchange.com/articles/35931/About-the-risks-of-executing-commands-remotely.html
https://www.experts-exchange.com/articles/35931/About-the-risks-of-executing-commands-remotely.html
The alternative would be to use schtasks