With this short post I want to share information what you have to do to run Microsoft Powershell scripts from Windows task scheduler.
I like to automate tasks I want to run on a daily basis. Earlier I did that with batch scripts but I ran into the challenge to use workarounds to handle pretty basic things. For example if I want to call specific commands only once a week. Did you ever try get the day of the week within a batch script? Or did you try to get the current date formats in a way you can use it to name a folder. Sometimes the easier way is to call a VB Script within a batch script or you have to cut the date string into pieces an reorder the parts in the way you need it.
Powershell is way more powerful (perhaps that is where the name comes from?) and we have a bigger range of opportunities. Since Powershell is deeper integrated in Microsoft Windows than batch ever had been the interaction with files, properties and Windows services is much easier. Powershell gives us much better output than batch does so that we can reuse informations a command outputs.
Back to what we want to achieve. Running batch scripts works out of the box and Microsoft thought about ways to protect a PC against the execution of malicious scripts. It is good that they had the target to make the computer more safe but to be honest there are ways to easily bypass those security options. But that should not be part of this post.
Microsoft implemented an option called ‘ExecutionPolicy’ that defines what script is allowed to be executed on a computer.
There are four possibly types of that execution policy:
- Restricted – Execution of Powershell scripts is not allowed. Powershell can only be used interactively from a command line interface (CLI). This is the default setting for each Windows computer.
- AllSigned – Only those scripts can be executed that are signed by a trustworthy certificate authority.
- RemoteSigned – Downloaded scripts have to be signed by a trustworthy certificate authority while locally available scripts can be executed even if they are not signed.
- Unrestricted – Each and every script can be executed.
Compare to this Microsoft TechNet article: https://technet.microsoft.com/en-us/library/ee176961.aspx
The used execution policy – if it should differ to the default value of ‘Restricted’ – has to be set for the computer either manually as local administrator or through a group policy definition.
You can get the actual value of the execution policy by running the Get-ExecutionPolicy commandlet:
PS C:\WINDOWS\system32> Get-ExecutionPolicy Restricted
Nevertheless a user can always run a script by starting Powershell with the execution policy as parameter:
powershell.exe -ExecutionPolicy Unrestricted -file C:\path\to\myscript.ps1
To be able to run your own scripts from task scheduler it is recommended to set the execution policy to ‘RemoteSigned’ in an elevated Powershell CLl:
PS C:\WINDOWS\system32> Set-ExecutionPolicy RemoteSigned
You have to confirm this change.
If you have successfully set the execution policy you are now ready to create a scheduled task. I will not cover the exact steps how to schedule a task but will tell you what you have to make different to any default executable program or to a batch script. While you can set a batch script as the program to execute within a scheduled task you have to call powershell.exe as program and define the script itself within the parameter ‘-file’.
That’s it! You now know how to call a Powershell script by defining the file path to the script as parameter. You can for sure add further parameters if needed. For example you can use on single scripts and call it with further parameters based on the day of week or a folder path. I like it more to have a universal script that defines those parameters itself within that script so that I can call the same script every day and let it store files to different paths based in the day of week. No need to send the parameter to the script at the time of execution.
Not that much to say about the learned things of that post. We now know about the different possible execution policies that can be set either with the execution of the script or as a system wide setting. We also learned that we will not be able to execute a Powershell script itself but we have to send the script file path as a parameter to the powershell.exe. We have to consider the same when we create a scheduled task. Therefore we have to only run the powershell.exe as program and define the file parameter pointing to the script location.
Done… Please feel free to add any comments to that very basic article.
Happy scripting and scheduling!