Automation

 View Only
  • 1.  Scheduling a PowerCLI script in W2K8 R2: Credential problem

    Posted Mar 21, 2013 02:54 PM

    Hello,

    I have a dedicated VM to run PowerCLI script. It's a Windows 2008 R2 server.

    I have a local account with low privileges to run script, with VC credential stored in profile.

    All my script are signed and the security policy run only signed script.

    I want to run a script with the Task scheduler using this local account. I dont want to put credential in my scripts.

    Script launched with this account in a runas command line work, but when I run the task, script cant connect to the virtual center.

    I added this lines found in this forum:

    $USER=$env:username

    $env:appdata = "C:\Users\" + $USER + "\Application Data"

    But it dont work.

    Any idea?



  • 2.  RE: Scheduling a PowerCLI script in W2K8 R2: Credential problem

    Posted Mar 21, 2013 05:32 PM

    Any errors in the task scheduler logs ?

    Can you schedule any script with that local account ? Try with a simple one-liner, for example 'Get-Process'.

    Does the script hang on the loading of the pssnapin ? Perhaps add some Out-File cmdlets in the script for debugging.



  • 3.  RE: Scheduling a PowerCLI script in W2K8 R2: Credential problem

    Posted Mar 22, 2013 01:22 PM

    Hello, sorry for my late reply.
    No error in the scheduler task.

    this is my test script:

    # PowerCLI snappin loading
    add-PSSnapin VMware.VimAutomation.core

    # A configuration file with $script:VCIP
    . ".\VCIP.ps1"

    # Env var
    $USER=$env:username
    $en:appdata="c:\Users\"+$USER+"\Application Data"

    try
    {
         get-process > ".\getprocess.txt"
         $vc = connect-VIServer -Server $script:VCIP -ea stop
         $allVM = get-vm
         write-output $allVM > "out_OK.txt"
    }
    catch
    {
        write-output $_ > "catch.txt"
    }
    finally
    {
        disconnect-viserver $vc -confirm:$False
        remove-PSSnapin VMware.VimAutomation.core
    }

    We call the local account SCRIPT_USER, witch have the necessary credential stored for VC connection.

    When I launch the script in a runas powershell command line, file getprocess.txt and out_ok.txt are created with the corresponding content.

    When I launch the script from Windows task scheduler, I have the getprocess.txt file and the catch.txt file. This last file contain an "access is denied" error.

    The task: "Run whether user is logged or not (+ Do not store password)", and "Run with highest privileges" are selected.