如何以 Windows 本地服务帐户身份运行执行 PowerShell 脚本的 Windows 任务

Question

我更喜欢使用注册-ScheduledJob因为它允许我使用 PowerShell 脚本块而不是脚本文件。但您可以自由地只使用注册ScheduledTask那就更加容易了。

在下面的脚本中我使用注册-ScheduledJob创建一个 PowerShell 作业。
然后我使用设置计划任务将启动帐户更改为 LocalSystem 或任何其他内置帐户。

您可以多次运行该脚本。但请在管理员帐户下运行。

见$accountId = "NT AUTHORITY\LOCAL SERVICE";下文。
还要注意-RunElevated。我已为您注释掉它，这样就可以了。

$ErrorActionPreference = 'Stop'


Clear-Host

$taskName = "it3xl_dummy_PowerShell_job"
# Unregister-ScheduledJob it3xl_dummy_PowerShell_job -Confirm:$false

$task = Get-ScheduledJob -Name $taskName  -ErrorAction SilentlyContinue
if ($task -ne $null)
{
    Unregister-ScheduledJob $task  -Confirm:$false
    Write-Host "Old $taskName job has been unregistered"; Write-Host;
}


$trigger = New-JobTrigger -AtStartup;

$options = New-ScheduledJobOption -StartIfOnBattery  #-RunElevated;

Write-Host "Registering new $taskName job";
Register-ScheduledJob -Name $taskName  -Trigger $trigger  -ScheduledJobOption $options `
    -ScriptBlock {
    Write-Host In our PowerShell job we say - oppa!;
}


#$accountId = "NT AUTHORITY\SYSTEM";
$accountId = "NT AUTHORITY\LOCAL SERVICE";
$principal = New-ScheduledTaskPrincipal -UserID $accountId `
    -LogonType ServiceAccount  -RunLevel Highest;

$psSobsSchedulerPath = "\Microsoft\Windows\PowerShell\ScheduledJobs";
$someResult = Set-ScheduledTask -TaskPath $psSobsSchedulerPath `
    -TaskName $taskName  -Principal $principal


Write-Host;
Write-Host "Let's show proofs that our PowerShell job will be running under the LocalSytem account"
$task = Get-ScheduledTask -TaskName $taskName
$task.Principal

Write-Host "Let's start $taskName"
Start-Job -DefinitionName $taskName | Format-Table

Write-Host "Let's proof that our PowerShell job was ran"
Start-Sleep -Seconds 3
Receive-Job -Name $taskName

Answer 1

我更喜欢使用注册-ScheduledJob因为它允许我使用 PowerShell 脚本块而不是脚本文件。但您可以自由地只使用注册ScheduledTask那就更加容易了。

在下面的脚本中我使用注册-ScheduledJob创建一个 PowerShell 作业。
然后我使用设置计划任务将启动帐户更改为 LocalSystem 或任何其他内置帐户。

您可以多次运行该脚本。但请在管理员帐户下运行。

见$accountId = "NT AUTHORITY\LOCAL SERVICE";下文。
还要注意-RunElevated。我已为您注释掉它，这样就可以了。

$ErrorActionPreference = 'Stop'


Clear-Host

$taskName = "it3xl_dummy_PowerShell_job"
# Unregister-ScheduledJob it3xl_dummy_PowerShell_job -Confirm:$false

$task = Get-ScheduledJob -Name $taskName  -ErrorAction SilentlyContinue
if ($task -ne $null)
{
    Unregister-ScheduledJob $task  -Confirm:$false
    Write-Host "Old $taskName job has been unregistered"; Write-Host;
}


$trigger = New-JobTrigger -AtStartup;

$options = New-ScheduledJobOption -StartIfOnBattery  #-RunElevated;

Write-Host "Registering new $taskName job";
Register-ScheduledJob -Name $taskName  -Trigger $trigger  -ScheduledJobOption $options `
    -ScriptBlock {
    Write-Host In our PowerShell job we say - oppa!;
}


#$accountId = "NT AUTHORITY\SYSTEM";
$accountId = "NT AUTHORITY\LOCAL SERVICE";
$principal = New-ScheduledTaskPrincipal -UserID $accountId `
    -LogonType ServiceAccount  -RunLevel Highest;

$psSobsSchedulerPath = "\Microsoft\Windows\PowerShell\ScheduledJobs";
$someResult = Set-ScheduledTask -TaskPath $psSobsSchedulerPath `
    -TaskName $taskName  -Principal $principal


Write-Host;
Write-Host "Let's show proofs that our PowerShell job will be running under the LocalSytem account"
$task = Get-ScheduledTask -TaskName $taskName
$task.Principal

Write-Host "Let's start $taskName"
Start-Job -DefinitionName $taskName | Format-Table

Write-Host "Let's proof that our PowerShell job was ran"
Start-Sleep -Seconds 3
Receive-Job -Name $taskName

如何以 Windows 本地服务帐户身份运行执行 PowerShell 脚本的 Windows 任务

答案1

相关内容