Written by #xxaxxelxx

GPO | Create a scheduled task

Create the task on a computer. Set the executional principal to ‘NT AUTHORITY\SYSTEM’. Type the string directly or search for ‘SYSTEM’ in the computers local branch. Test it locally. Export the Task as xml. Copy the xml to an accessable network share.

Create a powershell script to install the task out of this xml. Example for Windoes Defender Events:

Register-ScheduledTask -Xml (Get-Content 'C:\install\Microsoft-Windows-Windows Defender_Operational_Microsoft-Windows-Windows Defender_1116.xml' | out-string) -TaskName 'DefenderMailTask' -Force

or

schtasks.exe /Create /XML task.xml /tn taskname

Copy the script also to an accessable network share.

Open gpmc. Create a new policy. Edit this policy (computer branch):

  1. Copy the xml from the share to the workstation.
  2. Copy the ps1 script from the share to the workstation.
  3. Set the local ps1 script as a powershell start script.

Test it:

  1. Run the script locally from a powershell (with admin privs)
  2. Restart the machine, gpupdate /force is maybe to weak. :)
  3. Cun cmd as admin and do gpresult /z /scope:computer and check the output for your scripts.

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.