powershellbackground-processpowershell-3.0start-job

PSSessionStateBroken with start-job -credential in scheduled task


The lines below work fine from a Powershell prompt, but fail from a scheduled task.

$pass = gc C:\secrets\shhh.txt | convertTo-secureString
$Cred = new-object -typeName System.management.automation.psCredential -argumentlist "domain\domainUser",$pass

$path = "\\server\share\folder"
$j = start-job {gci -path $args[0]} -cred $Cred -argumentList $path | wait-job | receive-job

$body = $j | out-string
$error | out-file C:\temp\err.txt
send-mailMessage -to me@domain.tld -from server@domain.tld -subject halp -smtpserver mailserver.domain.tld -body $body

In c:\temp\err.txt the Windows 2008R2 Scheduled Task leaves a breadcrumb:

[localhost] The background process exited abnormally.
    + CategoryInfo          : OpenError: (localhost:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : 2101,PSSessionStateBroken

...which brings us to this Microsoft bug report. The report mentions a workaround with localhost loopback remoting, which sounds kinda dirty. Should I go there?

Is there a better solution? Maybe with one of the *session cmdlets or invoke-command? The scheduled task's Start in value is set, but maybe the background process uses some variable in some bad way, like so?

No luck yet calling powershell.exe with –version 2 or with -command "& {bigKlugeyScriptblock}" syntax.

edit: I'm trying to avoid creating a new domain account to run the task. The task can't run as domainUser from $cred, because that account should not have permissions on localhost.


Solution

  • As some possible work arounds how about:

    1. Put alternate credentials on the scheduled task itself
    2. Using the runas command to start powershell.exe as a different user
    3. Using net use /user parameter to authenticate access to the network path

      [/USER:[dotted domain name\]username]
      [/USER:[username@dotted domain name]