Is it possible for a Scheduled Task to run as NETWORK SERVICE?
Solution 1:
I asked this same question. Fortunately RyanRies was able to provide a correct answer.
In Windows Server 2003 you cannot run a scheduled task as NT AUTHORITY\NetworkService (aka the Network Service account). That capability only was added with Task Scheduler 2.0, which only exists in Windows Vista/Windows Server 2008.
Bonus Chatter
- LocalService Account is a built-in account with limited privileges on the local computer, and accesses the network as anonymous. You should use this account to run your scheduled tasks
- NetworkService Account is a built-in account with limited privileges on the local computer, and accesses the network as the machine (e.g.
VADER$). You can use this account to run your scheduled tasks if you need authenticated network access - LocalSystem Account is a built-in account with extensive privileges on the local computer. You should never use this account to run scheduled tasks
Solution 2:
You can't. The functionality was introduced in Task Scheduler 2.0, which means Vista/2008+.
From the documentation for Schtasks.exe:
/RU username
A value that specifies the user context under which the task runs. For the system account, valid values are "", "NT AUTHORITY\SYSTEM", or "SYSTEM". For Task Scheduler 2.0 tasks, "NT AUTHORITY\LOCALSERVICE", and "NT AUTHORITY\NETWORKSERVICE" are also valid values.
http://msdn.microsoft.com/en-us/library/windows/desktop/bb736357(v=vs.85).aspx:
Solution 3:
I tried doing this several ways, but now I don't think it's possible. I'd be glad to stand corrected on this, but I tried everything I could think of, including adding NETWORK SERVICE to Administrators, tweaking all sorts of Local Security Policy settings, etc.
When I enable auditing, I get this:
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
Date: 02/03/2010
Time: 8:49:53 PM
User: NT AUTHORITY\SYSTEM
Computer: RESULTANT
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: NETWORK SERVICE
Source Workstation: RESULTANT
Error Code: 0xC0000064
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 02/03/2010
Time: 8:49:53 PM
User: NT AUTHORITY\SYSTEM
Computer: RESULTANT
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: NETWORK SERVICE
Domain: NT AUTHORITY
Logon Type: 4
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: RESULTANT
0xC0000064 decodes to NO_SUCH_USER. That's a bit silly, considering that I entered only network service – how did it know that the account that failed was in NT AUTHORITY?
When I enter an invalid username, I don't even see the authentication attempt at all. So clearly something agrees that NETWORK SERVICE is an actual account.
If I botch the password for a known username (ie Administrator), I get 0xC000006A (STATUS_WRONG_PASSWORD).
Try adding the Log on as a batch job right to NETWORK SERVICE. I think it's a silly idea; you should just bite the bullet and create a domain account…