I have created a Windows Task that runs on Admin account with highest privileges that runs a batch file every minute.
This batch file will execute a PHP script to retrieve a webpage , after which it checks if no page or wrong content is returned.
If the result is negative then the batch routine kills the httpd process and its children using taskkill (I am currently dealing with a PHP hang causing the Apache Http process to hang as well).
This entire process works perfectly when executed while logged onto the machine as admin. However when executing as a task (and despite admin privileges) the process does NOT get killed. There is no event or debug entry.
So my question is why is task kill unable to kill the process, how can I get more info and what alternatives exist?
Related
I need to run a python script every day at a certain time. Said script takes screenshots and sends them to me in the mail. I have a .bat that executes the script, and I have created a scheduled task to execute the script, the problem is that if the user is not logged in, the screenshots fail.
Is there any way to do an automatic login with username and password through a Windows scheduled task at a specific time?
I have been reading and it is not clear to me, it seems that not, but I was sure that something like this could be done.
This is the scheduled task that I currently have. I need that before it is executed, it is logged in with the user.
I'm provisioning a Windows VM that needs to run some PowerShell code when it boots. It also needs to run some different code when it shuts down.
To do the former, I can use New-JobTrigger and Register-ScheduledJob in my initial provisioning script like so:
$StartupTrigger = New-JobTrigger -AtStartup
Register-ScheduledJob -Name "Startup Job" -Trigger $StartupTrigger -Credential $DesiredCredentials -ScriptBlock {
Do-InterestingThings $using:ExternalResource
}
Doesn't even have to be a separate script file, it can just be a script block. Any variables from an outer scope will be serialized and used when the job runs. Pretty neat.
The real problem I'm solving involves creating an external resource whose lifetime is tied to the VM's uptime. When the VM is created, this resource will be created. When the VM is shut down, this resource needs to be cleaned up. How can I use PowerShell to run some code just before the VM is scheduled to shut down (regardless of how it got the order)? It doesn't need to be a script block, it can be a separate script file.
There are two reasonable ways to do this:
Local Group Policy:
This can be done in the local group policy editor: gpedit.msc. Navigate to Computer Configuration/Windows Settings/Scripts (Startup/Shutdown)/Shutdown. You can add 'Scripts' and/or 'PowerShell Scripts' here which get executed before other shutdown processes.
Event-Based Scheduled Task:
From this answer:
scheduled task as follows:
Type : On Event (Basic)
Log : System
Source : User32
EventID : 1074
When a user or command initiates a shutdown or restart as a logged on
user or on a user's behalf, event ID 1074 will fire. By creating a
task to use this to trigger a script, it will start the script and
allow it to finish
Note that this does not delay the shutdown (so has to be quick) and can sometimes fail to trigger before the task scheduler service stops.
Final Note:
Always make sure that your code can handle a dirty shutdown. After all, the fastest way to call a reboot is the power button...
We have a legacy VB6 application that automatically emails reports. It runs from a scheduled task on a server. Occasionally a user will run the exe - it's in a folder that we can't lock them out of, and it has to remain in that folder for reasons too complicated to go into here. Is there a way to prevent users from running the exe while still letting it run from the scheduled task? I can modify the source code for the exe, so that's an option if someone can help me figure out how.
I'm going to call your existing app AppChild and a new VB6 (or other program language) program AppParent.
Modify AppChild to test for a command line parameter at either Sub Main() or at the first form loaded in the Form_Load() event. If the command line parameter isn't there, AppChild terminates.
AppParent would be in a location not accessible to the other users. The Scheduled task runs AppParent which runs AppChild and passes the required command line parameter. This could be secured somewhat by passing a calculated hash and decoding it in AppChild if needed.
Or, if the users don't have access to the Scheduled Tasks, you could just run AppChild , passing the required parameter from the Scheduled Task. If the users do have access to the Scheduled Task this won't work because they could then see the passed parameter and create a shortcut which passes the required parameter.
You didn't state which OS the server is running but you may have problems using network resources if you try to run the Scheduled Task without a logged in user. Task Manager got a major update to handle security issues to prevent hackers from running tasks without a logged in user. Essentailly, network resources, .e.g. eMail, are not available unless a user is logged in.
https://technet.microsoft.com/en-us/library/cc722152(v=ws.11).aspx
The only way I found around that problem is to run a machine with a user with the correct permissions logged in all the time.
Are you sure you cannot lock the user out?
You could restrict access to the folder so that the user cannot access it and set up the scheduled task to use an account with access to the folder.
Although the users can't be locked out of the folder (perhaps the reports end up in there?), in Windows you can set the permissions on a per file basis. Make a new user that has the full rights (the same as your users). Schedule the VB6 app to run with that user. Remove the rights for the regular users to see the app. You do this by changing the permissions on just the VB6 app.
If I make a scheduled task that checks if a particular window is open, and it runs under a user (e.g. user "foo") with multiple sessions (e.g. 3 people are logged on the server as user "foo" at the same time), would that task check for the window in all the sessions?
I wrote a bat file that runs cmd.exe and ran it from task scheduler. There were two users logged on under the same username at the time, and running the scheduled task under that username ran only one cmd.exe process according to task manager. It looks like a scheduled task runs under one session but not all sessions.
I'm using Ubuntu. I have two bash script files. Both will run in parallel. Now I want to continuously monitor on another file that it is running or not.
So any way to find that the file is currently executing or not ?
Numerous possibilities, it is a question of creativity...
Some suggestions:
periodically poll the process list and filter it by name or process id
start the script with control sockets, as long as the sockets are open the script runs
use the usual locking strategy in file system.
have the script do a lifebeat on a regular base, then watch that lifebeat.
start the script in a series of commands, the moment the script exists the next command will be executed by the calling shell. That one could be a notification script or something.
have the script do some wiggling on your desktop and watch it yourself.
start it using nohup and watch the log file.
implement a deamon inside the script and connect periodically.
open a file from within the script and watch the file system using the fuser system call.
periodically write a token into a file by the monitoring script and have the monitored script remove that token, like a baton.
call the script using a blocking call. The script executes as long as that blocking call does not return.
create a singleton strategy on process level and simply try starting it periodically.
make the monitoring script act as a monitor deamon the executing script connects to. If the connection is terminated the scipt obviously has stopped executing.
...
Sorry, this starts getting boring...