用户如何取消注册用户的定时任务?
How to Unregister a Scheduled Task to a User by the User?
我正在制作一个 PowerShell 脚本的原型,完成后将 运行 在计算机上作为 SYSTEM,但目前我正在以管理员身份进行测试。脚本将做的一件事是可能为其他用户创建计划任务,例如当其中一个用户登录时。具体来说,我想要一个“首次登录”计划任务。到目前为止,我可以创建计划任务,当我以 运行s 用户身份登录时,但是当它转到最后一行取消注册时,我收到权限错误并且失败。以下是我创建计划任务的方式:
Clear-Host;
$currentIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent();
$currentPrincipal = New-Object System.Security.Principal.WindowsPrincipal($currentIdentity);
$userName = 'JDOE';
Set-Content `
-Path "C:$userName-FirstLogOn.ps1" `
-Value "
New-Item -Path 'C:\Users$userName\Downloads\FirstLoggedOn.txt' -Force -Confirm:`$false > `$null;
'TEST' | Out-File -FilePath 'C:\Users$userName\Downloads\FirstLoggedOn.txt';
Unregister-ScheduledTask -TaskName '$userName - First Log On' -Confirm:`$false > `$null;
Read-Host;
".Trim();
$action = New-ScheduledTaskAction `
-Execute 'PowerShell.exe' `
-Argument "-File C:$userName-FirstLogOn.ps1";
$principal = New-ScheduledTaskPrincipal `
-UserId $currentPrincipal.Identity.Name `
-RunLevel Highest;
$settings = New-ScheduledTaskSettingsSet;
$trigger = New-ScheduledTaskTrigger `
-AtLogOn `
-User $userName;
$task = New-ScheduledTask `
-Action $action `
-Principal $principal `
-Trigger $trigger `
-Settings $settings;
$task.Author = $userName;
Register-ScheduledTask `
-TaskName "$userName - First Log On" `
-InputObject $task `
-User $userName > $null;
我得到的异常是:
Unregister-ScheduledTask : Access is denied.
At C:\JDOE-FirstLogOn.ps1:5 char:1
+ Unregister-ScheduledTask -TaskName 'JDOE - First Log On' -Confirm: ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (MSFT_ScheduledT...TaskPath = "\"):Root/Microsoft/...T_ScheduledTask)
[Unregister-ScheduledTask], CimException
+ FullyQualifiedErrorId : HRESULT 0x80070005,Unregister-ScheduledTask
我已确保任务的用户是正确的,我什至搞乱了任务文件的权限并授予用户完全访问权限 and/or 所有权,但我仍然遇到访问被拒绝的错误。我应该怎么做才能让它正常工作?
我删除了 $currentIdentity 和 $currentPrincipal,因为我在使用 $env:USERNAME 时没有发现任何问题,但如果由于某种原因失败,请重新添加。
$downloadsFolder = (New-Object -ComObject Shell.Application).NameSpace('shell:Downloads').Self.Path
$scriptDestination = Join-Path $downloadsFolder -ChildPath "$env:USERNAME - FirstLogOn.ps1"
$taskName = "$env:USERNAME - First Log On"
# Adding a Try {...} Catch {...} so if the Task runs but fails to delete itself,
# the error will be stored in a file.
@"
Try
{
'TEST' | Out-File $downloadsFolder\FirstLoggedOn.txt -Force
Unregister-ScheduledTask -TaskName '$taskName' -Confirm:`$false
}
Catch
{
`$_ | Select-Object * | Out-File $downloadsFolder\TaskFailLog.txt
}
"@ | Out-File $scriptDestination
$action = New-ScheduledTaskAction -Execute 'PowerShell.exe' -Argument "-File `"$scriptDestination`""
# NOTE: The Access Denied Error was coming from here, -RunLevel Highest requires that the
# current PS session is running with the Highest privileges.
$principal = New-ScheduledTaskPrincipal -UserId $env:USERNAME
$settings = New-ScheduledTaskSettingsSet
$trigger = New-ScheduledTaskTrigger -AtLogOn -User $env:USERNAME
$params = @{
Action = $action
Trigger = $trigger
Settings = $settings
Principal = $principal
}
$task = New-ScheduledTask @params
$params = @{
TaskName = $taskName
InputObject = $task
User = $env:USERNAME
}
Register-ScheduledTask @params
我正在制作一个 PowerShell 脚本的原型,完成后将 运行 在计算机上作为 SYSTEM,但目前我正在以管理员身份进行测试。脚本将做的一件事是可能为其他用户创建计划任务,例如当其中一个用户登录时。具体来说,我想要一个“首次登录”计划任务。到目前为止,我可以创建计划任务,当我以 运行s 用户身份登录时,但是当它转到最后一行取消注册时,我收到权限错误并且失败。以下是我创建计划任务的方式:
Clear-Host;
$currentIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent();
$currentPrincipal = New-Object System.Security.Principal.WindowsPrincipal($currentIdentity);
$userName = 'JDOE';
Set-Content `
-Path "C:$userName-FirstLogOn.ps1" `
-Value "
New-Item -Path 'C:\Users$userName\Downloads\FirstLoggedOn.txt' -Force -Confirm:`$false > `$null;
'TEST' | Out-File -FilePath 'C:\Users$userName\Downloads\FirstLoggedOn.txt';
Unregister-ScheduledTask -TaskName '$userName - First Log On' -Confirm:`$false > `$null;
Read-Host;
".Trim();
$action = New-ScheduledTaskAction `
-Execute 'PowerShell.exe' `
-Argument "-File C:$userName-FirstLogOn.ps1";
$principal = New-ScheduledTaskPrincipal `
-UserId $currentPrincipal.Identity.Name `
-RunLevel Highest;
$settings = New-ScheduledTaskSettingsSet;
$trigger = New-ScheduledTaskTrigger `
-AtLogOn `
-User $userName;
$task = New-ScheduledTask `
-Action $action `
-Principal $principal `
-Trigger $trigger `
-Settings $settings;
$task.Author = $userName;
Register-ScheduledTask `
-TaskName "$userName - First Log On" `
-InputObject $task `
-User $userName > $null;
我得到的异常是:
Unregister-ScheduledTask : Access is denied.
At C:\JDOE-FirstLogOn.ps1:5 char:1
+ Unregister-ScheduledTask -TaskName 'JDOE - First Log On' -Confirm: ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (MSFT_ScheduledT...TaskPath = "\"):Root/Microsoft/...T_ScheduledTask)
[Unregister-ScheduledTask], CimException
+ FullyQualifiedErrorId : HRESULT 0x80070005,Unregister-ScheduledTask
我已确保任务的用户是正确的,我什至搞乱了任务文件的权限并授予用户完全访问权限 and/or 所有权,但我仍然遇到访问被拒绝的错误。我应该怎么做才能让它正常工作?
我删除了 $currentIdentity 和 $currentPrincipal,因为我在使用 $env:USERNAME 时没有发现任何问题,但如果由于某种原因失败,请重新添加。
$downloadsFolder = (New-Object -ComObject Shell.Application).NameSpace('shell:Downloads').Self.Path
$scriptDestination = Join-Path $downloadsFolder -ChildPath "$env:USERNAME - FirstLogOn.ps1"
$taskName = "$env:USERNAME - First Log On"
# Adding a Try {...} Catch {...} so if the Task runs but fails to delete itself,
# the error will be stored in a file.
@"
Try
{
'TEST' | Out-File $downloadsFolder\FirstLoggedOn.txt -Force
Unregister-ScheduledTask -TaskName '$taskName' -Confirm:`$false
}
Catch
{
`$_ | Select-Object * | Out-File $downloadsFolder\TaskFailLog.txt
}
"@ | Out-File $scriptDestination
$action = New-ScheduledTaskAction -Execute 'PowerShell.exe' -Argument "-File `"$scriptDestination`""
# NOTE: The Access Denied Error was coming from here, -RunLevel Highest requires that the
# current PS session is running with the Highest privileges.
$principal = New-ScheduledTaskPrincipal -UserId $env:USERNAME
$settings = New-ScheduledTaskSettingsSet
$trigger = New-ScheduledTaskTrigger -AtLogOn -User $env:USERNAME
$params = @{
Action = $action
Trigger = $trigger
Settings = $settings
Principal = $principal
}
$task = New-ScheduledTask @params
$params = @{
TaskName = $taskName
InputObject = $task
User = $env:USERNAME
}
Register-ScheduledTask @params