Closed albefly closed 4 years ago
Have you tried the Task.SetSecurityDescriptorSddlForm
method?
There is also a Task.SetAccess
method that resembles the use of File.SetAccess
with an object-based approach to setting the elements of access control.
To answer your 3-point question, you use:
TaskDefinition td = ts.NewTask();
td.Principal.RunLevel = TaskRunLevel.Highest;
// Set other task properties here
Task task = ts.RootFolder.RegisterTaskDefinition("YourTaskName", taskDefinition,
TaskCreation.CreateOrUpdate, "YourDomain\\YourPrivilegedUser", "userPassword",
TaskLogonType.Password);
// Setup task security descriptor, pulling detail from current task.
var taskSec = new TaskSecurity(task);
// Give any authenticated user the ability to read, update or run the task
taskSec.AddAccessRule(new TaskAccessRule(new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), TaskRights.Read | TaskRights.Write | TaskRights.Execute, AccessControlType.Allow));
// Apply to task
task.SetAccess(taskSec);
I haven't tested this, but it should work, or get you pretty close.
Thank you so much, I will try it today.
Did that work? May I close this issue?
Yes, it is working fine. Thank you!
On August 31, 2020 8:59:04 PM David Hall notifications@github.com wrote:
Did that work? May I close this issue? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.
Thank you for the great product!
I have some problems with the scheduled tasks I made. I created a new task (highest privileges, interactive token, the user should be logged in). Then I realized that the task should be runnable under another non-admin account, so I manually provided the admin username/password to the task and changed the logon type to run it whenever user logged in or not. I switched the account and tried to run the task. I got an error "access denied".
I can fix the problem by applying PS script to change SDDL, but what is the right way to register task with the following parameters:
Thank you! Alex.