Replace the Credentials with gMSA for scheduled tasks

  • 165 Views
  • Last Post 14 February 2017
bshwjt posted this 12 February 2017

Hi,

We have multiple scheduled tasks & those are running by normal service acct.

Now we need to change with newly created gMSA. Just need to Replace the Credentials with gMSA . All other parameters need to be same to same.

Can you please help!

 Thanks

Order By: Standard | Newest | Votes
bshwjt posted this 14 February 2017

Thanks Eric. I also scheduled and that is working but any tweak for export and import scheduled task with gMSA.
#Scheduled Task$DurationTimeSpan = New-TimeSpan -Hours 12 $DurationTimeSpanIndefinite = ([TimeSpan]::MaxValue)$DurationTempTest = New-TimeSpan -Days 1000$Argt = "-File C:\Scripts\test-services.ps1"$action = New-ScheduledTaskAction -Execute '%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe' -Argument $Argt$Trigger = New-ScheduledTaskTrigger -Once -At "07:00" -RepetitionInterval $DurationTimeSpan -RepetitionDuration $DurationTempTest$principle = New-ScheduledTaskPrincipal -UserId contoso\npa1234$ -LogonType PasswordRegister-ScheduledTask myserviceadmintask -TaskPath \AD-Service -Action $action -Trigger $trigger -Principal $principle -Description "Disk Report-Author:Biswajit-Managed by Powershell Only GUI Wont work"
On 14-Feb-2017 3:12 AM, "Eric Kool-Brown" <kool@xxxxxxxxxxxxxxxx> wrote:
















You have to use PowerShell. Something like this would work after installing the gMSA on the computer and granting it logon-as-a-batch rights.

 

$taskName = "my task" # substitute the task name

$taskPrincipal = "domain\gMSA$" # substitute your domain and gMSA name

 

$principal = New-ScheduledTaskPrincipal -UserID $taskPrincipal -LogonType Password -RunLevel Highest

 

$task = Get-ScheduledTask -TaskName $taskName

 

Set-ScheduledTask -TaskName $task.TaskName -Action $task.Actions -Trigger $task.Triggers -Principal $principal

 

Caveat: there are other issues that can crop up. I have two machines running the same tasks. On one they run using a gMSA but on the other computer the scheduled

tasks fail to start. I’m still debugging this.

 

    Eric

 

show

kool posted this 13 February 2017

You have to use PowerShell. Something like this would work after installing the gMSA on the computer and granting it logon-as-a-batch rights.

 

$taskName = "my task" # substitute the task name

$taskPrincipal = "domain\gMSA$" # substitute your domain and gMSA name

 

$principal = New-ScheduledTaskPrincipal -UserID $taskPrincipal -LogonType Password -RunLevel Highest

 

$task = Get-ScheduledTask -TaskName $taskName

 

Set-ScheduledTask -TaskName $task.TaskName -Action $task.Actions -Trigger $task.Triggers -Principal $principal

 

Caveat: there are other issues that can crop up. I have two machines running the same tasks. On one they run using a gMSA but on the other computer the scheduled

tasks fail to start. I’m still debugging this.

 

    Eric

 

show

Close