PowerShell Commands

New-ScheduledTaskPrincipal

New-ScheduledTaskPrincipal [-UserId*] <String> [[-LogonType] {None | Password | S4U | Interactive | Group |ServiceAccount | InteractiveOrPassword}] [[-RunLevel] {Limited | Highest}] [[-ProcessTokenSidType] {None |Unrestricted | Default}] [[-RequiredPrivilege] <String[]>] [[-Id] <String>] [-CimSession <CimSession[]>][-ThrottleLimit <Int32>] [<CommonParameters>]
New-ScheduledTaskPrincipal [-GroupId*] <String> [[-RunLevel] {Limited | Highest}] [[-ProcessTokenSidType] {None |Unrestricted | Default}] [[-RequiredPrivilege] <String[]>] [[-Id] <String>] [-CimSession <CimSession[]>][-ThrottleLimit <Int32>] [<CommonParameters>]

The New-ScheduledTaskPrincipal cmdlet creates an object that contains a scheduled task principal. Use a scheduled task principal to run a task under the security context of a specified account. When you use a scheduled task principal, Task Scheduler can run the task regardless of whether that account is logged on.

You can use the definition of a scheduled task principal to register a new scheduled task or update an existing task registration.

Parameters

-CimSession [<CimSession[]>]

Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.

-GroupId <String>

  • This value is required

Specifies the ID of a user group that Task Scheduler uses to run the tasks that are associated with the principal.

-Id [<String>]

Specifies the ID of a scheduled task principal.

-LogonType [<LogonTypeEnum>]

Specifies the security logon method that Task Scheduler uses to run the tasks that are associated with the principal. The acceptable values for this parameter are:

-- None-- Password-- S4U-- Interactive-- Group-- ServiceAccount-- InteractiveOrPassword

-ProcessTokenSidType [<ProcessTokenSidTypeEnum>]

Specifies the security ID (SID) type of the process token. The acceptable values for this parameter are:

-- None-- Unrestricted-- Default

-RequiredPrivilege [<String[]>]

Specifies an array of user rights that Task Scheduler uses to run the tasks that are associated with the principal. Specify the constant name that is associated with a user right.

-RunLevel [<RunLevelEnum>]

Specifies the level of user rights that Task Scheduler uses to run the tasks that are associated with the principal. The acceptable values for this parameter are:

-- Highest. Tasks run by using the highest privileges.-- Limited. Tasks run by using the least-privileged user account (LUA).

-ThrottleLimit [<Int32>]

Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If this parameter is omitted or a value of 0 is entered, then Windows PowerShellr calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer. The throttle limit applies only to the current cmdlet, not to the session or to the computer.

-UserId <String>

  • This value is required

Specifies the user ID that Task Scheduler uses to run the tasks that are associated with the principal.

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,ErrorAction, ErrorVariable, WarningAction, WarningVariable,OutBuffer, PipelineVariable, and OutVariable.

Outputs
Microsoft.Management.Infrastructure.CimInstance#MSFT_TaskPrincipal
Examples
  1. Register a scheduled task by using a user ID for a task principal:
    1. The second command creates a scheduled task principal:
      PS C:\> $Sta = New-ScheduledTaskAction -Execute "Cmd"
      
      PS C:\> $STPrin = New-ScheduledTaskPrincipal -UserId "LOCALSERVICE" -LogonType ServiceAccount
      

      The New-ScheduledTaskPrincipal cmdlet specifies that Task Scheduler uses the Local Service account to run tasks, and that the Local Service account uses the Service Account logon. The command assigns the ScheduledTaskPrincipal object to the $STPrin variable.

    2. The third command registers the scheduled task Task01 to run the task action named Cmd:
      PS C:\> Register-ScheduledTask Task01 -Action $a -Principal $p
      

      The Principal parameter specifies that the Task Scheduler uses the Local Service account to run the task.This example registers a scheduled task that will run as the Local Service account.

      The first command creates a scheduled task action named Cmd and assigns the ScheduledTaskAction object to the $Sta variable.

  2. Register a scheduled task by using a user group for a task principal:
    1. The second command creates a scheduled task principal:
      PS C:\> $Sta = New-ScheduledTaskAction cmd
      
      PS C:\> $STPrin = New-ScheduledTaskPrincipal -GroupId "BUILTIN\Administrators" -RunLevel Highest
      

      The New-ScheduledTaskPrincipal cmdlet specifies that Task Scheduler uses the Administrators user group that has the highest privileges to run tasks. The command assigns the ScheduledTaskPrincipal object to the $STPrin variable.

    2. The third command registers the scheduled task Task01 to run the task action named Cmd:
      PS C:\> Register-ScheduledTask Task01 -Action $Sta -Principal $STPrin
      

      The Principal parameter specifies that Task Scheduler uses the Administrators user group to run the task.This example registers a scheduled task that runs under logged-in members of the Administrators user group that has the highest privileges.

      The first command creates a scheduled task action named cmd and assigns the ScheduledTaskAction object to the $Sta variable.

This work is licensed under a Creative Commons Attribution 4.0 International. It is attributed to Microsoft Corporation and can be found here.

PowerShell Commands