How to create a scheduled task with Windows Admin Center (WAC)

Windows Admin Center provides a central management platform to remotely administer servers. With WAC, we can remotely configure scheduled tasks on remote servers
– On how to create a scheduled task with the in-built Windows task scheduler, see https://techdirectarchive.com/2020/03/24/how-to-create-a-scheduled-task-on-windows-server-2019/
– On how to create Windows Task Scheduler via the command prompt, see https://techdirectarchive.com/2020/03/31/how-to-create-edit-and-delete-a-scheduled-task-via-the-command-prompt-cmd/

To create a scheduled task on Windows Admin Center,
– Click on the server as shown below

This will open up the Windows Admin Center Server Tools as shown below

Under the server tools, search for the scheduled task as shown below
– Search for Scheduled tasks and click on it

This will open up the Scheduled tasks library as shown above
– Click on create
– Enter the rule name
– Enter a description
– Enter the command “This is the path to your PowerShell script”
– Enter and Arguments and “this is the path to your PowerShell executable”

Use the scroll bar to scroll below and populate the window.
– For the frequency, I will choose monthly
– For Trigger, the following date was selected
– Recur on Month(s); Since this is maintenance is going to be on a monthly basis, I will select all the months as shown below.
– Recur on: Month was selected
– Desired update day(s), I selected 18th after the 2nd Tuesday which is Microsoft Patch Tuesday.

Lastly, enter the following information below
– When running the task, use the following account, I selected the”Built-in”
– Choose a built-in account, here there are three options such as the
– LOCAL SERVICE
– NETWORK SERVICE
– SYSTEM
– Select the “System” account as shown below
– And click on submit.

Note: Yu can also use the MonthlyDOW, which will enable you to specify the date(s) that the task runs by month, week, and day of the week, for more information, see https://docs.microsoft.com/en-us/windows/win32/api/mstask/ns-mstask-monthlydow

This will prompt you with a windows as shown below to specify the administrator account that the your server will use in connected to the server. I entered domain user account and password as shown below.

This will validate your credentials and prompt a notification, as shown below that the Scheduled task is currently being created.

To create an exception for Windows Admin Center, see the following link https://techdirectarchive.com/2020/03/26/error-failed-to-create-a-scheduled-task-cannot-perform-the-operation-because-the-runspace-pool-is-not-in-the-open-state/

See how to create a scheduled task via Windows native tool below https://techdirectarchive.com/2020/03/24/how-to-create-a-scheduled-task-on-windows-server-2019/

Now the job as been created as shown below
– Click on the job
– Under the more button as shown below,
– Click on start.

As you can see below, the status of your scheduled task will change.

That is all that needs to be configured. If you have any questions, kindly commend below for help.

Error: Failed to create a scheduled task, cannot perform the operation because the runspace pool is not in the open state

This problem occurs because there is no firewall rule that will allow Windows Admin Center access on the remote server.

To fix this issue, temporarily turn off the firewall on your device.
Note: This act is very UNSAFE

Then try to create your scheduled task. When the scheduled task is created successfully, then you have two methods to setup the firewall.

Method 1: Create Inbound Firewall rule via PowerShell.

New-NetFirewallRule -DisplayName „SmeInbounOpenException“ -Description „Windows Admin Center inbound port exception“ -Localport 6516 -Protocol TCP

Ensure the to run PowerShell with Admin privilege, else it will FAIL 🙂

Method 2: You can also create this rule via the Windows Firewall (Windows Defender Firewall and Advanced Security.

The firewall windows can be accessed via the following path
– Control Panel
– System and Security
– Windows Defender Firewall

This will open the Windows Firewall “Advanced Settings and Advanced Security” as shown below.

In this method, you have got two options

  • You can choose to exclude WAC from the firewall or
  • Create a firewall rule with for the TCP/IP

I will opt to go with the option to exclude the program option and select the the

%ProgramFiles%\Windows Admin Center\sme.exe

Click to allow connections to the program as shown below

Select the profile it should apply to. Since, this is a test enviornment, I will select all the profiles as shown below.

Enter the firewall name and description of the rule and click on Finish

Either of the option you chose, you will and the same end result.

Windows Admin Center Error: Failed to create a scheduled task, there is no disconnected command associated with the runspace

This error below was a result of not having the right path to the PowerShell executable. To fix this issue, enter the full path to the PowerShell executable

In the Argument field in Windows Admin Center, enter the full path as shown below

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

When this complete path is entered as stated,
– Click on submit to create a scheduled task. The following result will be displayed below.

How to update install, update and uninstall extensions in Windows Admin Center

Windows Admin Center is built as an extensible platform where each connection type and tool is an extension that you can install, uninstall and update individually. You can search for new extensions published by Microsoft and other developers, and install and update them individually without having to update the entire Windows Admin Center installation.

Update Extensions: To update an extension, follow the steps below
– Navigate and select “Extension” under the Gateway
– Click on the extension and
– Finally click on Update as shown below.

Uninstall Extension: You can uninstall any extensions you have previously installed, or even uninstall any tools that were pre-installed as part of the Windows Admin Center installation.

To Uninstall an extension in Windows Admin Center, follow the steps below
– Click on the Installed extension and
– Select the name of the extension and
– Click on uninstall as shown below.

Install Extensions:
Installing from NuGet feed: Windows Admin Center will show extensions available from the specified NuGet feed. By default, Windows Admin Center points to the Microsoft official NuGet feed which hosts extensions published by Microsoft and other developers.

Here are the steps to install extensions on WAC
– Click on Extensions as shown below
– Click on Available extensions
– Click on the extension you wish to install and
– Click on Install.

Other Feeds: Installing extensions from a different feed, Windows Admin Center supports multiple feeds and you can view and manage packages from more than one feed at a time. Any NuGet feed that supports the NuGet V2 APIs or a file share can be added to Windows Admin Center for installing extensions.

  • Click the Settings button in the top-right
  • In the left pane, click Extensions.
  • On the right pane, click the Feeds tab.
  • Click the Add button to add another feed. 
  • Enter the path or URl and
  • Click on Add.

Task scheduler errors and success code |What does code 0x41301 mean?

If you ever wonder what this code as shown below means, I am here to help you 🙂

This simply means the task is currently running. I know there is no log output and you might be wondering what is happening in the background.

When you launch the Task Manager or Process Explorer from SysInternals, you will see the program running. (process). See the link for more on SysInternals Process Explorer and image below.
https://techdirectarchive.com/2020/03/08/process-explorer-replace-built-in-task-manager/

For other task schedule success and error messages, see below

SCHED_S_TASK_READY: The task is ready to run at its next scheduled time.
– 0x00041300

SCHED_S_TASK_RUNNING: The task is currently running.
– 0x00041301

SCHED_S_TASK_DISABLED: The task will not run at the scheduled times because it has been disabled.
– 0x00041302

SCHED_S_TASK_HAS_NOT_RUN: The task has not yet run.
– 0x00041303

SCHED_S_TASK_NO_MORE_RUNS: There are no more runs scheduled for this task.
– 0x00041304

SCHED_S_TASK_NOT_SCHEDULED: One or more of the properties that are needed to run this task on a schedule have not been set.
– 0x00041305

SCHED_S_TASK_TERMINATED: The last run of the task was terminated by the user.
– 0x00041306

SCHED_S_TASK_NO_VALID_TRIGGERS: Either the task has no triggers or the existing triggers are disabled or not set.
– 0x00041307

SCHED_S_EVENT_TRIGGER: Event triggers do not have set run times.
– 0x00041308

SCHED_E_TRIGGER_NOT_FOUND: A task’s trigger is not found.
– 0x80041309

SCHED_E_TASK_NOT_READY: One or more of the properties required to run this task have not been set.
– 0x8004130A

SCHED_E_TASK_NOT_RUNNING: There is no running instance of the task.
– 0x8004130B

SCHED_E_SERVICE_NOT_INSTALLED: The Task Scheduler service is not installed on this computer.
– 0x8004130C

SCHED_E_CANNOT_OPEN_TASK: The task object could not be opened.
– 0x8004130D

SCHED_E_INVALID_TASK: The object is either an invalid task object or is not a task object.
– 0x8004130E

SCHED_E_ACCOUNT_INFORMATION_NOT_SET: No account information could be found in the Task Scheduler security database for the task indicated.
– 0x8004130F

SCHED_E_ACCOUNT_NAME_NOT_FOUND: Unable to establish existence of the account specified.
– 0x80041310

SCHED_E_ACCOUNT_DBASE_CORRUPT: Corruption was detected in the Task Scheduler security database; the database has been reset.
– 0x80041311

SCHED_E_NO_SECURITY_SERVICES: Task Scheduler security services are available only on Windows NT.
– 0x80041312

SCHED_E_UNKNOWN_OBJECT_VERSION: The task object version is either unsupported or invalid.
– 0x80041313

SCHED_E_UNSUPPORTED_ACCOUNT_OPTION:The task has been configured with an unsupported combination of account settings and run time options.
– 0x80041314

SCHED_E_SERVICE_NOT_RUNNING: The Task Scheduler Service is not running.
– 0x80041315

SCHED_E_UNEXPECTEDNODE: The task XML contains an unexpected node.
– 0x80041316

SCHED_E_NAMESPACE: The task XML contains an element or attribute from an unexpected namespace.
– 0x80041317

SCHED_E_INVALIDVALUE: The task XML contains a value which is incorrectly formatted or out of range.
– 0x80041318

SCHED_E_MISSINGNODE: The task XML is missing a required element or attribute.
– 0x80041319

SCHED_E_MALFORMEDXML: The task XML is malformed
– 0x8004131A

SCHED_S_SOME_TRIGGERS_FAILED: The task is registered, but not all specified triggers will start the task.
– 0x0004131B

SCHED_S_BATCH_LOGON_PROBLEM: The task is registered, but may fail to start. Batch logon privilege needs to be enabled for the task principal.
– 0x0004131C

SCHED_E_TOO_MANY_NODES: The task XML contains too many nodes of the same type.
– 0x8004131D

SCHED_E_PAST_END_BOUNDARY: The task cannot be started after the trigger end boundary.
– 0x8004131E

SCHED_E_ALREADY_RUNNING: An instance of this task is already running.
– 0x8004131F

SCHED_E_USER_NOT_LOGGED_ON: The task will not run because the user is not logged on.
– 0x80041320

SCHED_E_INVALID_TASK_HASH: The task image is corrupt or has been tampered with.
– 0x80041321

SCHED_E_SERVICE_NOT_AVAILABLE: The Task Scheduler service is not available.
– 0x80041322

SCHED_E_SERVICE_TOO_BUSY: The Task Scheduler service is too busy to handle your request. Please try again later.
– 0x80041323

SCHED_E_TASK_ATTEMPTED: The Task Scheduler service attempted to run the task, but the task did not run due to one of the constraints in the task definition.
– 0x80041324

SCHED_S_TASK_QUEUED: The Scheduler service has asked the task to run.
– 0x00041325

SCHED_E_TASK_DISABLED: The task is disabled.
– 0x80041326

SCHED_E_TASK_NOT_V1_COMPAT: The task has properties that are not compatible with earlier versions of Windows.
– 0x80041327

SCHED_E_START_ON_DEMAND: The task settings do not allow the task to start on demand
– 0x80041328

How to create advanced scheduled task on Windows Server with Windows Task Scheduler

Task Scheduler enables you to automatically perform routine tasks on a chosen computer. Task Scheduler does this by monitoring whatever criteria you choose (referred to as triggers) and then executing the tasks when those criteria are met. You can use the Task Scheduler to execute tasks such as starting an application, sending an email message, etc. Tasks can be scheduled to execute in response to these events, or triggers.
– On how to create a Scheduled task with Windows Admin Center, see https://techdirectarchive.com/2020/03/26/how-to-create-a-scheduled-task-with-windows-admin-center/
– On how to create Windows Task Scheduler via the command prompt, see https://techdirectarchive.com/2020/03/31/how-to-create-edit-and-delete-a-scheduled-task-via-the-command-prompt-cmd/

Ensure you have your script ready and saved with .ps1 extension.
– Search and launch the Task Scheduler Tool as shown below or
– From the Start menu,
– Select Administrative Tools 
– Task Scheduler.

This will open up the task scheduler Tool
– Right-click on Task Scheduler or “under Actions”
– Select “Create Task”

This will open up the create task dialog window as shown below.
– On the General Tab, Enter the Task Name
– Enter a description for others to understand what you are doing
– Select “Run whether user is logged on or not”
If this is not selected and the first option is used, the script may not run when a user does not login. We have had a similar issue in the past.
– Ensure to run with the highest privilege (Here you have to evaluate your security need)

Note: If you are using an account with administrative privileges, the default user should be fine. If you are running a Command Prompt or PowerShell command, you can select the Run whether user is logged on or not option to prevent the command window from showing up when the task runs automatically.
- If the task requires elevated privileges, check the Run with highest privileges option.

Navigate to the Trigger Tab as shown below
– Click on New, This will open a window where the trigger can be defined.

Since we are defining this task for Windows update, and maintenance are done just one in a Month, I will perform the following highlighted in red.

You can decide to have the updates installed on a particular day.
– By selecting the Days and from the dropdown menu, you can select a date.

When you are done creating the trigger, The following configured trigger will be displayed as shown below

More about schedule, see https://docs.microsoft.com/en-us/windows/win32/taskschd/task-scheduler-start-page
– Next. click on the Action tab

This will open a new Action tab as shown below
– Under the “Settings” section, in the “Program/script” field, specify the path for the application (Here you will have to select the script by browsing to the location or copy the script path to this field).
– Optionally enter the “PowerShell.exe” program path needed to run your script. When this is not select, your script cannot run.

Note: If you don't know the path of the app, click the Browse button to find it. Also, if it is a known application like PowerShell or Command Prompt, all you need to do is to specify the file name.
Note: Use the "Action" drop-down menu and select the Start a program option.You can still use the Send an e-mail or Display a message option, but these are deprecated features, which means that they may or may not work because Microsoft is no longer maintaining them.
- In the "Add arguments" field, you can specify arguments to run the task with special instructions. E.g., -NoExit -ExecutionPolicy Bypass C:\PATH\TO\SCRIPT\first_script.ps1.
Using the "powershell.exe" command and the above argument, it'll run the script named "first_script.ps1." The argument "-ExecutionPolicy Bypass" ensures that the script runs successfully, and the "-NoExit" argument will prevent the window from closing after running the script.

When this step is complete, it will appear as shown below

Note: You can also edit the Action after it has been created etc.

Next, click on the condition tab as shown above.
– For me, these settings are not applicable, but below is a screenshot of how it looks like 🙂

Also, on the settings tab, all needed

This will prompt you to enter your password as shown below

To view the configured task, click on the “Task Scheduler Library” and
– Search for your configured task on the left pane of the Window.

To test this task, since the date we have configured this task to run is still in the future, we will manually run the task as shown below.
– For more information on how to run, edit, and delete a task using Task Scheduler GUI (taskschd.msc), see the following link https://techdirectarchive.com/2020/04/02/how-to-run-edit-and-delete-a-task-using-task-scheduler-gui-taskschd-msc/

– Right-click on the task and
– Click on run

In this same manner, the task can be disabled or also from the Actions pane
– Now that you have selected to run your scheduled task, the status will change to running as shown below.
– With the F5 button on your keyboard, you can use this to refresh the states

For more https://docs.microsoft.com/en-us/windows/win32/taskschd/task-scheduler-start-page

Kerberos error: Clock skew too great while getting initial credentials

What is Clock screw? “Clock skew is a phenomenon in synchronous digital circuit systems in which the same sourced clock signal arrives at different components at different times. The instantaneous difference between the readings of any two clocks is called their skew” Src: Wikipedia.

The screenshoot below shows that the Ansible server is actually not in sync with the Domain controller (DC).

This simply shows that devices are not in sync with the domain controller. The role responsible for this is the PDC Emulator. For more information on this, see https://techdirectarchive.com/2020/02/13/active-directory-flexible-single-master-operations-fsmo-roles/

The below shows a correct time set for the Ansible server

While the Domain controller has a great deviation in the time settings as shown below.

Solution: Set the right time on the Domain controller because Kerberos is time-sensitive.
– On the Server Manager,
– Select Local Server
– This will open up the Date and Time window
– Click on Change date and time.

For more details on post operating system installation, see https://techdirectarchive.com/2020/03/19/post-os-installation-configure-windows-server-2019-properties/