Microsoft Virtualization Discussions

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Microsoft Virtualization Discussions

Ask a Question

A problem when running A PowerShell script in Microsoft task schedular

ehabshukry
‎2016-03-01 10:10 AM
11,986 Views

Hello,

 

I want to use Powershell toolkit 3.3 to throttle SnapVault relation at a specific time of the day. I can run the script successfully  from the powershell command line. The same script will fail if I run it in the Micsosoft task schedular of Win 2012R2 using system account. I've tried to right click on the script in the task scheduler, and then run it but the script stays in "running" state  forever.  I added a couple of commands to write text to a log file to  know where the script stops at, and I found it stops at  "connect-nacontroller filer_ip -Credential  $cred"! Please note that system account has full right on the machine. Here's the script:

 

I ran the following commands to store the secure pass in a file:

$secureString = Read-Host -AsSecureString "Enter password to convert to secure string"

$secureString | ConvertFrom-SecureString | Out-File -PSPath "C:\ps.txt"

 

-------------------------- script start from here
$secureString = Get-Content -PSPath "C:\ps.txt" | ConvertTo-SecureString
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "username",$secureString

connect-nacontroller filer_ip -Credential  $cred 

 

Set-NaSnapvault -PrimarySystem primary_filer -PrimaryPath /vol/vol_name -SecondaryPath /vol/vol_name -MaxTransferRate 4mb

exit

 

Do you have any idea what's going on or how to fix it?

 

Appreciate your quick help!

Thanks,

 

 

 

0 Kudos
View By:
1 ACCEPTED SOLUTION
ehabshukry has accepted the solution

asulliva
NetApp
‎2016-03-03 06:34 AM
In response to ehabshukry
11,898 Views

I believe that all of the methods which store the password securely are tied specifically to the user which creates the secured password/credentail object. This page has several methods of saving credentails (including showing how to read in a plaintext password and convert it into a PSCredential object).

 

You might try using a service account for executing the scheduled task.  Open a PowerShell prompt as the service account, create the credential object and store it securely, then when it's executed by Scheduler it won't have an issue accessing the credential.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

7 REPLIES 7

asulliva
NetApp
‎2016-03-01 10:17 AM
11,976 Views

Hello!

 

Secure strings are encrypted on a per-user basis.  If you encrypt it, then no other user can decrypt it.  Try running the scheduled task as your user and see if it succeeds.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
0 Kudos

ehabshukry
‎2016-03-01 10:22 AM
In response to asulliva
11,974 Views

Thanks a lot for the v. quick response, I'll give it a try.

0 Kudos

ehabshukry
‎2016-03-01 10:32 AM
In response to asulliva
11,970 Views

Hello Andrew,

 

Is there any other way I can encrypt the password and then run the script under anohter account? The problem I'm using a card to authenticate my account to the system, so my account couldn't be used to run the script in the task schedular. Your thoughts will be highly appreciated.

 

Thanks,

Ehab

 

0 Kudos

JohnChampion
NetApp
‎2016-03-02 11:54 AM
In response to ehabshukry
11,925 Views

Could you try using Get-Credential instead?

 

$cred = Get-Credential

 

It'll prompt for the login and password - use the service account and password - see if that works.

 

You can check out this link concenring saving it to a file and reusing the credentials

 

http://www.adminarsenal.com/admin-arsenal-blog/secure-password-with-powershell-encrypting-credentials-part-1/

 

 

 

0 Kudos

ehabshukry
‎2016-03-03 10:43 AM
In response to JohnChampion
11,890 Views

Thanks John for the article.

0 Kudos
ehabshukry has accepted the solution

asulliva
NetApp
‎2016-03-03 06:34 AM
In response to ehabshukry
11,899 Views

I believe that all of the methods which store the password securely are tied specifically to the user which creates the secured password/credentail object. This page has several methods of saving credentails (including showing how to read in a plaintext password and convert it into a PSCredential object).

 

You might try using a service account for executing the scheduled task.  Open a PowerShell prompt as the service account, create the credential object and store it securely, then when it's executed by Scheduler it won't have an issue accessing the credential.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

ehabshukry
‎2016-03-03 10:41 AM
In response to asulliva
11,891 Views

Thanks Andrew. I used Psexec -s -i powershell.exe.  Ran get-securestring and save it to a txt file.  Then I used the task schedular to run the script unders system account, and it went successfully.

Thanks!

 

0 Kudos
Announcements
All Community Forums
Public