Feature Request - Grani_ScheduleTask - Add "At log on" and "At startup"

[Zuldan]

Thank you for a fantastic scheduled task resource. I've used it many times, however I've come across a situation where I need to use the Scheduled Tasks Triggers "At log on" and "At startup". Would it be possible to add these trigger types?

[guitarrapc]

Thank you for using Grani_ScheduleTask:) I'm very pleased to hear it helps you. Let me check your request for a while, as it may requires to break current schema.

[Zuldan]

Thank you so much for looking into it. If you are able to add these features it's going to help me in a really big way.

I'm using Powershell 5 RTM (10586.51) because I need the DSC partial configuration feature in a production environment. I have a multiple partial configurations across 241 servers. I'd like to do some special scheduling stuff but just missing the at logon and at start up feature.

Btw: your Powershell code in your modules is very neat and tidy :-) I'm impressed.

[guitarrapc]

Hi @Zuldan ,

I have updated Grani_ScheduleTask and released ver.3.7.0.

Can you try it and check with your usage? You may find AtLogOn and AtStartup as new parameters.

I believe it works nice for you, but please be sure I had broken Backward compatibility for ScheduledTimeSpanDay|Hour|Minute and ScheduledDurationDay|Hour|Minute for further usability. Please use RepetitionIntervalTimeSpanString and RepetitionDurationTimeSpanString instead. I have updated README for your reference.

[Zuldan]

Thank you so much guitarrapc. I'm going to try it out this week in the lab. I'll let you know how I go.

[Zuldan]

Hi guitarrapc, I've found a small bug in our lab environment. When you reference credentials to a scheduled task (so that 'Run whether user is logged on or not' is used), I get a "No mapping between account names and security IDs was done" error because resource is adding the "Domain name" again after the username.

UserId:LABDOMAIN\s-enforcer\LABDOMAIN

VERBOSE: [LABSERVER01]: LCM: [ Start Resource ] [[cScheduleTask]ScheduleTask] VERBOSE: [LABSERVER01]: LCM: [ Start Test ] [[cScheduleTask]ScheduleTask] VERBOSE: [LABSERVER01]: [[cScheduleTask]ScheduleTask] hoge VERBOSE: [LABSERVER01]: [[cScheduleTask]ScheduleTask] False VERBOSE: [LABSERVER01]: LCM: [ End Test ] [[cScheduleTask]ScheduleTask] in 0.7030 seconds. VERBOSE: [LABSERVER01]: LCM: [ Start Set ] [[cScheduleTask]ScheduleTask] VERBOSE: [LABSERVER01]: [[cScheduleTask]ScheduleTask] Ensure detected as Present. Setting ScheduledTask for TaskPath '\', TaskName 'Logon Email Alert'. Invoke-CimMethod : No mapping between account names and security IDs was done. (7,36):UserId:LABDOMAIN\s-enforcer\LABDOMAIN At C:\Invoke-Test.ps1:20 char:5

• Invoke-CimMethod -CimSession $ComputerName -Name PerformRequiredC ...

• 
  - CategoryInfo          : NotSpecified: (PS_ScheduledTask:) [Invoke-CimMethod], CimException
  - FullyQualifiedErrorId : HRESULT 0x80070534,Register-ScheduledTask,Microsoft.Management.Infrastructure.CimCmdlets.InvokeCimMethodCommand
  - PSComputerName        : LABSERVER01

I'm using...

        cScheduleTask ScheduleTask
        {
            Ensure = "Present"
            Execute = "powershell.exe"
            Argument = 'C:\Scripts\LogonEmailAlert\LogonEmailAlert.ps1'
            TaskName = "Logon Email Alert"
            TaskPath = "\"
            AtLogon = $true
            Compatibility = "Win8"
            Credential = $Credential
            Disable = $false
        }

[guitarrapc]

Thanks for your test! I will check and fix it. Would be better removing domain....;)

[Zuldan]

Hi guitarrapc, unfortunately I have to specify the domain as the credentials I use tie in with other resources which require the domain to be specified. The special interface we use to compile the MOF file only accepts 1 set of credentials. When this bug is fixed I'll be able to deploy the new version to the production servers.

[guitarrapc]

Hi @Zuldan, I have fixed issue and confirmed can set Domain Credential as both DOMAIN\USER and USER@DOMIN style.

   cScheduleTask ScheduleTask
        {
            Ensure = "Present"
            Execute = "powershell.exe"
            Argument = 'C:\Scripts\LogonEmailAlert\LogonEmailAlert.ps1'
            TaskName = "Logon Email Alert"
            TaskPath = "\"
            AtLogon = $true
            Compatibility = "Win8"
            Credential = $Credential
            Disable = $false
        }

It worked with my lab. Please try ver.3.7.1.

[Zuldan]

guitarrapc that worked perfectly! Thank you. However, I've now found 1 more issue.

Under the "At log on" trigger you have 2 options, "Any user" or "Specific user". I need the option set to "Any user". Could you make this the default "Any user" OR add the ability to specify if it should be "Any user" or "Specific user"?

Sorry for being so painful. I really appreciate all the work you have done.

[guitarrapc]

Oh is it required? I know it but I didn't think it is needed:) Alright I can do it for you. You have 2 options.

1. Add Separate MOF key for [string]AtLogOnUserId (default = "", means Any user)
2. Add additional key for [bool]UseAnyUserIdAtLogOn (default = $true, means Any user)

I think second choice is much better because of I recognize as "Specific User" can't be differ from Credential User. So 1st choice would force you dupe UserId.

What do you think?

[Zuldan]

I have to have the task run when any user logs into the server. In my case, the task that is running is not user bound. Thank you for accepting to add the feature :-)

I agree, option 2 is the better way to implement it.

[guitarrapc]

Wow, I was wrong. I can set Specific User who is not same as Credential User.

I think second choice is much better because of I recognize as "Specific User" can't be differ from Credential User. So 1st choice would force you dupe UserId.

$trigger = New-ScheduledTaskTrigger -AtLogOn -User test
$action = New-ScheduledTaskAction -Execute powershell.exe
Register-ScheduledTask -Force -TaskName test -Action $action -Trigger $trigger -User Hoge -Password Hoge

I will choose Option1.

[guitarrapc]

Zuldan,

Alright, I have released ver.3.7.2 with AtLogOnUserId support. Please try it.

[Zuldan]

guitarrapc, we are almost there....here is the latest issue.

If I run the resource to create a new scheduled task from scratch then the "Any user' is specified correctly, however, if I then change "Any user" to "Specific user" then invoke a consistency check, the resource does not revert the setting back to "Any user". I suspect the test resource section in the module is not testing for this setting?

[guitarrapc]

Thanks Zuldan, Oh yes, what a mistake.... Can you try latest master?

[Zuldan]

guitarrapc the latest master has worked! Everything is working perfectly. I'm going to start rolling it out to production. I want to thank you for making a beautiful implementation of DSC Resource for Scheduled Tasks. Well done!

fyi, the following issue is not impacting me but I thought I should let you know. When I run Set-DscLocalConfigurationManager or a WMI consistency check this error appears when I have an older version of of GraniResource on a server. For example...

C:\Program Files\WindowsPowerShell\Modules\GraniResource\3.5.0 and C:\Program Files\WindowsPowerShell\Modules\GraniResource\3.7.2

Importing module Grani_ScheduleTask failed with error - Cannot add type. The type name 'ScheduledTaskPropertyType' already exists. At C:\LabTest\Invoke-Server.ps1:190 char:13

• Update-DscConfiguration -ComputerName $ServerList -Wait:$ ...

• 
  - CategoryInfo          : InvalidOperation: (root/Microsoft/...gurationManager:String) [], CimException
  - FullyQualifiedErrorId : ImportModuleFailed

If I run Set-DscLocalConfigurationManager or WMI consistency check again it seems to go away.

Name Value

---

PSVersion 5.0.10586.51 PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...} BuildVersion 10.0.10586.51 CLRVersion 4.0.30319.34209 WSManStackVersion 3.0 PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1

[guitarrapc]

Appreciate for your cooperation.

Yes, this behavior is belongs to what .NET do. As PowerShell using Single AppDomain it can't be unloaded after Add-Type XXXX was loaded. There are no way to undo Add-Date, so the issue is because of DSC load new module after old module was loaded when deploying new DSC Resource, in this case GraniResource 3.7.2.

There are way to suppress error by $ErrorActionPreference = "SilentlyContinue", or try{}catch{}. However this error indicates type was changed and is very important for DSCResource behavior notification. So I'm sorry but will not suppress it.

The only way to avoid this is Class Base Syntax in PowerShell 5.0. But I do rather want to support v4, so please accept this at this stage. I will cut off v4 support when My Production is all converted to V5. Or is Import-DscResource -ModuleName GraniResource -ModuleVersion 3.7.2 works?

Cheers,

[renaudl]

Hello guitarrapc, I have added an issue around created task with new taskpath. could you please have a look and let me know what you think? regards

Renaud