What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Monitoring Scheduled Tasks (Least Privileges)

Votes:

0

I use a powershell script (EXE/XML sensor) to monitor scheduled tasks on windows servers. As long as I use local admins (on the remote systems) everything works fine. But I don't want to use local admins for obvious reasons, so I tried configuring a non-admin user to access scheduled tasks on a remote maschine. The user X is allowed is a member of the remote local groups "Distributed COM Users", "Performance Monitor Users", "Performance Log Users", "Remote Desktop Users", and "Remote Management Users". Additionally X is has "Execute Methods", "Remote Access", and "Enable Account" in WMI for the Namespaces "\Root\CIMV2" and "\Root\Mirosoft\Windows\TaskScheduler". Also X has the permission to log on as a batch job.

When I log on with X on the remote server and run Get-ScheduledTaskInfo I get: Category : PermissionDenied Activity : Get-ScheduledTaskInfo Reason : CimException TargetName : PS_ScheduledTask TargetType : Root/Microsoft/Windows/TaskScheduler/PS_ScheduledTask

Which tells me that X does not have the appropriate WMI permissions...

I'm out of ideas. Does anyone know how to configure a user with least privileges to access remotly running scheduled tasks?

access-rights privileg scheduled-task windows

Created on Oct 20, 2020 8:14:59 AM



2 Replies

Votes:

0

Bump.

Has anyone found a way to monitor tasks with an account that is NOT a member of Builtin\Administrators? I've followed similar steps as OP to no avail.

Created on Jul 29, 2022 4:02:00 AM



Votes:

0

Meanwhile I implemented another way to monitor scheduled tasks. I installed solarWinds Eventlog Forwarder on all servers that had scheduled tasks that we wanted to monitor. I configured these to send all events from the Task Scheduler Eventlog as syslog messages to a PRTG Probe server. On all PRTG Probes I installed FastVue Syslog Server to write the received syslog messages to disk. I then wrote a Powershell script as a custom EXE/XML sensor that reads those files and analyses them to handle things like last runtime and return codes of the scheduled tasks. We are currently monitoring a lot of tasks this way and in most cases it works fine. It would be better to do it more directly tho..

Created on Aug 1, 2022 12:42:33 PM

Last change on Aug 1, 2022 3:49:46 PM by Felix Wiesneth [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.