Windows task using domain account results in user profile error event id 1511

0

This is on Windows 2012 Server Datacenter

Have a windows task setup to run under a specific domain account.
Security options = Run whether the user is logged on or not and "run with highest privileges" checked. This account is also a local admin.

The task executes a powershell script that works fine when I invoke it manually

The task has 3 actions and are listed here:

Start a program powershell Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Force
Start a program powersehll .\myscript.ps1
Start a program powershell Set-ExecutionPolicy -ExecutionPolicy Restricted

This seemed to work fine when I setup this same task on another machine, as well as my own workstation. However, on this particular server, I get errors in the windows event log in pairs. One is an explicit entry that Im writing to the event log from within the powershell script within a try/catch, but the other is an error with EventID 1511 from the User Profile Service. "Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off."

The other error that I am logging is due to the webrequest, and its getting a http 401 error.

This account was setup as a domain service account. What could be causing this issue with the user profile? I suspect that since our domain controller is still on 2008, this might be related?

bitshift

Posted 2017-02-20T13:44:29.080

Reputation: 115

bitshift - I told you in my answer of this post how to get this to work so please take two minutes, do a quick test, and confirm. http://superuser.com/questions/1179277/windows-10-scheduled-task-run-as-admin-user-wont-execute-powershell/1180092#1180092 ... Additionally, per a automated Invoke-WebRequest processes I setup for a company for automation I use format such as Invoke-WebRequest -Uri $url -TimeoutSec 300 and I put that within a TRY CATCH block to do something different on error exception. Increase the TimeoutSec. The domain is 2008 DCs there too btw.

– Pimp Juice IT – 2017-02-21T02:10:54.483

The temporary profile fix is a common issue that's easy to fix usually by simply deleting the applicable registry key in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList location. – Pimp Juice IT – 2017-02-21T02:20:00.970

Another thing to note regarding Task Scheduler and PowerShell script execution that's worked for me in the past... https://i.imgur.com/3vC93mu.png and note the values of the Program/script and Add arguments (optional) fields. Another thing that's easy enough to try... Point to the full explicit path to the PS1 file and the PowerShell.exe executable.

– Pimp Juice IT – 2017-02-21T06:04:07.753

Answers

1

I think you can do this with only a single action rather than three.

Program/script: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Add argumments (optional): -ExecutionPolicy Unrestricted -NoProfile -File MyScript.ps1

Start in (optional): path where myscript.ps1 sits

Bill_Stewart

Posted 2017-02-20T13:44:29.080

Reputation: 862

Asked: 2017-02-20T13:44:29.080

Viewed: 948 times

Active: 2017-02-21T18:28:49.803