问题
I am trying to schedule Task on Task Scheduler, every thing is working fine unless I tick "Run with Highest privileges" or "Run weather user is logged on or not"
As soon as I tick this, scheduler stop triggering my Script.
Script- .Bat file using Power Shell command.
Can any one figure out what went wrong?
Edited- ( Changed file location from drive to network drive)
@Echo Off
:: SDate=DAYMONTHYEAR FORMAT of Systemdate
::set SDate=%date:~7,2%%date:~4,2%%date:~10,4%
::Variable for folder path
for /D %%d in ("\\Server\Schd File\AA\*") do (
for %%a in ("%%d\*.*") do (SET "FPath=%%~dpa"
Set "FName=%%~na" )
)
For /F "Tokens=4-9 Delims=-" %%A In ("%FName%") Do (
Set "Freq=%%B"
Set "ADate=%%F%%E%%D"
)
Set "DFormat=ddMMyyyy"
IF %Freq% == Daily (
For /F UseBackQ %%A In (
`Powershell "([datetime]::ParseExact('%ADate%','%DFormat%',[System.Globalization.CultureInfo]::CurrentCulture)).AddDays(-1).ToString('ddMMyyyy')"`
) Do Set "DateF=%%A"
)
IF %Freq% == Weekly (
For /F UseBackQ %%A In (
`Powershell "([datetime]::ParseExact('%ADate%','%DFormat%', [System.Globalization.CultureInfo]::CurrentCulture)).AddDays(-7).ToString('ddMMyyyy')"`
) Do Set "DateF=%%A"
)
IF %Freq% == Monthly (
For /F UseBackQ %%A In (
`Powershell "([datetime]::ParseExact('%ADate%','%DFormat%', [System.Globalization.CultureInfo]::CurrentCulture)).AddMonths(-1).ToString('MMMyyyy')"`
) Do Set "DateF=%%A"
)
mkdir "%FPath%%Freq%\%DateF%"
move "%FPath%\%FName%.*" "%FPath%%Freq%\%DateF%\"
GoTo :EOF
回答1:
There was a major overhaul of Scheduled Tasks security in Vista and later to prevent hackers from installing a scheduled task that could access network resources.
When you set the task to run whether or not a user is logged on you must set the user credentials to a user with the permissions needed to run the task. That user must also have the local policy set to allow the user to run batch files.
Additionally, when a user is not logged on, task scheduler uses “Service-for-User” (S4U) authentication which denies the user access to any network functionality. Assuming your "D:\AA*" path is a local drive this may not be a problem but if it is a mapped network drive it will be a problem.
"Run with Highest privileges" does not grant higher privileges to the specified user but runs under a completely separate security token for the system Administrator account that is created when Windows is installed.
https://technet.microsoft.com/en-us/library/cc722152(v=ws.11).aspx
https://technet.microsoft.com/en-us/library/cc732613(v=ws.10).aspx
https://technet.microsoft.com/en-us/library/ee844140(v=ws.10).aspx
https://superuser.com/questions/640962/why-cant-a-task-scheduler-job-access-a-mapped-network-drive/782836#782836
The only solution I found to run a task overnight that needs network access was to leave the machine running and the user logged on.
来源:https://stackoverflow.com/questions/44426636/task-scheduler-is-not-supporting-option-run-with-highest-privilege-and-run-we