In regards to ITaskDefinition and authentication
http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx
I have successfully had task definitions running perfectly well under a domain username and password.
This has allowed scheduled tasks to be created and run perfectly as per configuration put in place.
I have been unsuccessful in identifying the components required to enable a "SYSTEM" or "NT AUTHORITY\Local Service" authentication element to work with ._TASK_LOGON_TYPE i.e. TASK_LOGON_NONE,TASK_LOGON_PASSWORD, TASK_LOGON_S4U, TASK_LOGON_INTERACTIVE_TOKEN, TASK_LOGON_GROUP, TASK_LOGON_SERVICE_ACCOUNT, or TASK_LOGON_INTERACTIVE_TOKEN_OR_PASSWORD
There seems to be conflicting documentation around new security rules in place, but I can see on a windows 7 or 10 machine, there are tasks that have been setup using these authentication elements.
I am also confused as to which of these methods needs to be used:
when using ".Principal"
(http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx )
I create my ".ID", ".DisplayName", ".UserID", ".LogonType", and ".RunLevel"
But then when you register the task, the userid and password and logonType looks like it gets overwritten anyway, so why use the ".principal" settings?
I assume The register function must override those parameters?
The code below for RegisterTaskDefinition works and functions perfectly.
But what I really require is this outcome below, which will reduce the complexity for the end user having to manually change the task to "SYSTEM" or "Local Service"
Getting these elements wrong, ends in a "Logon failure: unknown user name or bad password. (Exception from HRESULT: 0x8007052E), -2147023570"
as expected.
In fact on just verifying this information as I put together the questions, "System" will need to be used rather than Local Service as Local Service by default does not have write access to the registry.
I hope that is not all too confusing?
Cheers
http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx
I have successfully had task definitions running perfectly well under a domain username and password.
This has allowed scheduled tasks to be created and run perfectly as per configuration put in place.
I have been unsuccessful in identifying the components required to enable a "SYSTEM" or "NT AUTHORITY\Local Service" authentication element to work with ._TASK_LOGON_TYPE i.e. TASK_LOGON_NONE,TASK_LOGON_PASSWORD, TASK_LOGON_S4U, TASK_LOGON_INTERACTIVE_TOKEN, TASK_LOGON_GROUP, TASK_LOGON_SERVICE_ACCOUNT, or TASK_LOGON_INTERACTIVE_TOKEN_OR_PASSWORD
There seems to be conflicting documentation around new security rules in place, but I can see on a windows 7 or 10 machine, there are tasks that have been setup using these authentication elements.
I am also confused as to which of these methods needs to be used:
when using ".Principal"
(http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx )
I create my ".ID", ".DisplayName", ".UserID", ".LogonType", and ".RunLevel"
But then when you register the task, the userid and password and logonType looks like it gets overwritten anyway, so why use the ".principal" settings?
I assume The register function must override those parameters?
The code below for RegisterTaskDefinition works and functions perfectly.
Code:
Call objTaskFolder.RegisterTaskDefinition("\EnableTask", objTaskDefinition, _TASK_CREATION.TASK_CREATE_OR_UPDATE, "domain\userid", "password123", _TASK_LOGON_TYPE.TASK_LOGON_INTERACTIVE_TOKEN_OR_PASSWORD)Code:
Call objTaskFolder.RegisterTaskDefinition("\EnableTask", objTaskDefinition, _TASK_CREATION.TASK_CREATE_OR_UPDATE, "SYSTEM", vbNull, _TASK_LOGON_TYPE.???)as expected.
In fact on just verifying this information as I put together the questions, "System" will need to be used rather than Local Service as Local Service by default does not have write access to the registry.
I hope that is not all too confusing?
Cheers