I've got a PowerShell script that checks when a user's password was last set. If it's been more than 166 days, the script sends them an email reminder to change their password. This script runs fine in PowerShell ISE as long as I launch it as an admin, which allows it to access the Active Directory property 'pwdLastSet'.
However, I've been trying to set this up in Task Scheduler so it runs automatically, and it just won't work anymore. It used to function well, but after a series of Windows updates, it stopped. I'm using a domain admin account for the task, and I've checked all the settings, including 'Run whether user is logged on or not' and 'Run with highest privileges'. The task is scheduled for daily execution at 2:00 AM.
In the Actions section of Task Scheduler, I'm using the path to PowerShell.exe and the script file. Unfortunately, every time I trigger the task manually, it ends with the error code (0x1). I even tried placing the script on a shared folder with open access, but still no luck. Does anyone have suggestions on what I might be doing wrong?
5 Answers
Try adding logging! Using `Start-Transcript` and `Stop-Transcript` in your script can really help you see what's happening when it runs in Task Scheduler. You can specify a log file like `C:Templog.txt` so you can check it afterward.
First off, definitely check your context and permissions. If something's failing, that's a good place to start. Also, you might want to confirm that the account running the task has the 'Log on as a batch job' right in Group Policy.
Check if your script works without issues directly in PowerShell, not just ISE. If it does, then explore what could cause it to need elevated permissions—usually, scripts that only retrieve info shouldn't need admin rights.
Consider not running this as a domain admin. It’s generally a good practice to use a service account specifically for tasks like this, as using high privilege accounts can lead to unnecessary security risks.
Make sure your account has the right permissions to read those Active Directory attributes. Also, check if you need to use an execution policy flag in your task arguments like `-ExecutionPolicy Bypass`.
Related Questions
Set Wordpress Featured Image Using Javascript
How To Fix PHP Random Being The Same
Why no WebP Support with Wordpress
Replace Wordpress Cron With Linux Cron
Customize Yoast Canonical URL Programmatically
[Centos] Delete All Files And Folders That Contain a String