The Windows Task Scheduler as been completely re-written for Windows Vista to be a very powerful automation tool. The Task Scheduler now has the ability to launch tasks from a wide variety of useful triggers rather than being limited to the standard time based trigger. One of the most powerful triggers is the ‘On an event’ trigger and this example can easly be extended to leverage it for even more alerting options. In addition, tasks can now execute notifications (message box and e-mail) where they were previously limited to the standard command line action.
This example sets up a simple e-mail alert using Task Scheduler and PowerShell which sends an e-mail every time somebody connects to (login, remote desktop, or unlocks) the local computer. This might be useful for auditing access to critical systems in a data center.
Consider the 2 options for sending an e-mail alert from the new Task Scheduler:
1 – E-Mail Action using PowerShell:
Since this PowerShell script uses the SmtpClient object in Windows, it has more flexibility when dealing with SMTP server authentication requirements. This example sends the alert e-mail through an SMTP server that does not require authentication.
2- E-Mail directly through a Task Scheduler action:
Although the new Task Scheduler supports direct e-mail actions via SMTP, it is limited to fairly specific scenarios. It will only work if authentication is required by the SMTP server and the credentials used for the SMTP authentication need to be the same credentials used to run the task. For these reasons, this example will focus on option #1.
Step 1: Open ‘Task Scheduler’ and create a task to run whether the user is logged on or not
Step 2: Create 3 triggers (‘At log on’, ‘On connection to user session’, ‘On workstation unlock’). Notice that an ‘On event’ trigger may be used instead to track a wide variety of state changes in a computer.
Step 3: Create the action to run the PowerShell e-mail script
Step 4: Create the PowerShell script (for this example it’s called ‘ConnectionAlert.ps1’)
$emailFrom = “firstname.lastname@example.org”
$emailTo = “email@example.com”
$subject = “Connection Alert”
$body = “Somebody has connected to the computer.”
$smtpServer = “somesmtpserver.nospam.com”
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
Step 5: Test the PowerShell Script
C:\> PowerShell ./ConnectionAlert.ps1
Step 6: Test the Task by running it directly from the Task Scheduler, then by locking and unlocking the computer.
For more information:
- Windows Vista Task Scheduler: http://msdn2.microsoft.com/en-us/library/aa383614.aspx
- Get PowerShell bits and information: http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx