You can use Group Policy to distribute Windows Task Scheduler scheduled tasks to domain user computers. For example, you can create a task that will automatically log out/shutdown the user's computer at a specific time, or run a specific script.
In this example, we will create and distribute a new scheduler task through Group Policy Preferences to users' computers, which will display a pop-up notification to users.
- Open the Domain Group Policy Management Console (gpmc.msc), create a new GPO and assign it to the Organizational Unit with the users or computers to which you want to assign the scheduler task (if you assign a GPO to an OU with computers, you must enable the Configure user Group Policy Loopback setting Processing mode under Computer Configuration -> Administrative Templates -> System -> Group Policy, see explanation here);
- Go to User Configuration -> Preferences -> Control Panel Settings -> Scheduled Tasks;
- Create a new scheduler task New -> Scheduled task (At least Windows 7);
The Immediate Task (at least Windows 7) item allows you to create a task that will run only once, but as quickly as possible (immediately after the next group policy update on the client).
- You will see a window similar to the standard Windows Scheduler task settings window. Adjust the parameters of your task;
- On the General tab, set Action = Update, specify the name of the task. To run the task on behalf of the user, specify here %LogonDomain%\%LogonUser%. To run the job with administrator rights, enable the Run with highest privileges option;
If you create a scheduler job in the GPO Computer Configuration section, you can run the job as system (NT AUTHORITY\System).
- On the Triggers tab , specify when you want the task to run. In my case, I want to run the job daily at 17:00. Select New -> Begin the task On a schedule -> Daily, specify the time to start the task;
On the Actions tab , you need to specify a command or script that needs to be executed through the scheduler. Specify the following job options:
Action: «Start a program»
Program/Script: C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
Add Arguments (optional): -ExecutionPolicy Bypass -command "& \\site.io\SysVol\site.io\scripts\ShowReminder.ps1"
You can start this scheduler job manually using the PowerShell command: Start-ScheduledTask YourTaskName1
Please note that, unlike GPO logon scripts, which can be configured to run only when the computer is booted/shutdown, or the user logs in/logs out, scheduler tasks can be run at any time or after a specific trigger event occurs (see an example of how to run script (action) when starting (ending) a certain program in Windows).