For a past few hours I fought with task scheduler on Windows 2008 R2 and Vmware PowerCLI script to make it run as a service. I decided to write down quick guide to help out others and to document for myself.
Step 1 – Schedule task in Windows 2008 R2 scheduler.
- create new task in Windows task scheduler
- In General tab, Security option, specify user name under script will be executed and make sure that Run whether user is logged on or not is marked
- In Triggers tab define conditions under scripts will get execute
- in the action tab specify:
- Action – start program
- Program script – path to windows powershell – default path is:
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
- Add arguments path to PowerCLI excution script vim.psc1 – default path is
c:\Program Files (x86)\VMware\Infrastructure\vSphere PowerCLI\vim.psc1 and path to the script.
- Line should look like below:
-PSconsolefile "c:\Program Files (x86)\VMware\Infrastructure\vSphere PowerCLI\vim.psc1" "& 'D:\tools\scripts\vcs-backup1.ps1'"
- When you apply changes and provide credentials information window pops up with below message
Step 2 – Add batch user to local security policy
- In local security console –> User Right Assignment –> Log on as a batch job –> add a user which was specified in Step 1
Step 3 – Store user credentials to execute PowerCLI script in Windows scheduler.
Fortunately vSphere PowerCLI gives possibility to export user credentials and store it in encrypted xml file. You can open the xml file, but the password is hashed.
New-VICredentialStoreItem -Host ESX-or-vCenter-Hostname -User username -Password 'password' -File C:\path-where-to-store-file.xml #To use the data stored in the XML file, we will call the Get-VICredentialStoreItem $Credential = Get-VICredentialStoreItem -Host vcenterserver -File C:\path-where-to-store-file.xml #Use the $Credentials variable for the username and password switches in the Connect-VIServer Connect-VIServer vCenterserver-or-ESX-host -User $Credential.User -Password $Credential.Password
[box type=”warning”] Make sure that one runs above script under user rights which script will be scheduled under. The reason is that by default, only the user who has created the credential store file has rights to read it.[/box]
Is the line “New-VICredentialStoreItem ….” to be execute manually and the rest of the line are to be included in the script that you want to schedule ? Thanks.