VMware Cloud Community
Olorim
Contributor
Contributor

Scheduling a PowerCLI script in W2K8 R2: Credential problem

Hello,

I have a dedicated VM to run PowerCLI script. It's a Windows 2008 R2 server.

I have a local account with low privileges to run script, with VC credential stored in profile.

All my script are signed and the security policy run only signed script.

I want to run a script with the Task scheduler using this local account. I dont want to put credential in my scripts.

Script launched with this account in a runas command line work, but when I run the task, script cant connect to the virtual center.

I added this lines found in this forum:

$USER=$env:username

$env:appdata = "C:\Users\" + $USER + "\Application Data"

But it dont work.

Any idea?

Reply
0 Kudos
2 Replies
LucD
Leadership
Leadership

Any errors in the task scheduler logs ?

Can you schedule any script with that local account ? Try with a simple one-liner, for example 'Get-Process'.

Does the script hang on the loading of the pssnapin ? Perhaps add some Out-File cmdlets in the script for debugging.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
Olorim
Contributor
Contributor

Hello, sorry for my late reply.
No error in the scheduler task.

this is my test script:

# PowerCLI snappin loading
add-PSSnapin VMware.VimAutomation.core

# A configuration file with $script:VCIP
. ".\VCIP.ps1"

# Env var
$USER=$env:username
$en:appdata="c:\Users\"+$USER+"\Application Data"

try
{
     get-process > ".\getprocess.txt"
     $vc = connect-VIServer -Server $script:VCIP -ea stop
     $allVM = get-vm
     write-output $allVM > "out_OK.txt"
}
catch
{
    write-output $_ > "catch.txt"
}
finally
{
    disconnect-viserver $vc -confirm:$False
    remove-PSSnapin VMware.VimAutomation.core
}

We call the local account SCRIPT_USER, witch have the necessary credential stored for VC connection.

When I launch the script in a runas powershell command line, file getprocess.txt and out_ok.txt are created with the corresponding content.

When I launch the script from Windows task scheduler, I have the getprocess.txt file and the catch.txt file. This last file contain an "access is denied" error.

The task: "Run whether user is logged or not (+ Do not store password)", and "Run with highest privileges" are selected.

Reply
0 Kudos