April EventSource Newsletter
By Danielle Ruest and Nelson Ruest
Explore the Vista Task Scheduler
Microsoft has made some considerable changes to event management in Windows Vista. One related change is the way the Vista Task Scheduler has been enhanced. These enhancements allow you to link events to automated tasks. This article is the third in a series that demystifies the Vista Event Log.
Event management includes close ties to system automation because you often need to generate automatic actions when specific events occur. For example, one of the most common tasks that is related to events is the automatic deletion of temporary files when disk drives get too full. Or in another scenario, you may require an automatic notification when unauthorized users try to log on to workstations that contain access to highly sensitive or confidential information.
In order to automate either notifications or tasks, you need to rely on the Task Scheduler. In Vista, the Task Scheduler has become much more of a real job scheduler. Like the Event Viewer and the Event Log system, the Task Scheduler has been completely rewritten and now offers several enhancements over the Task Scheduler found in previous versions of Windows. For one thing, the Task Scheduler now maintains a complete library of all scheduled tasks, all categorized according to source. In addition, like the Event Viewer, the Task Scheduler profits from a new interface based on the Microsoft Management Console (MMC) version 3.0 (see Figure 1).
Figure 1. The New Task Scheduler Interface
As with all MMC version 3 interfaces, this one sports three panes—moving from left to right, the first is the tree pane, the second is the details pane and the third is the action pane. And as you can see, the main Task Scheduler details pane displays task summaries, task summaries and active tasks giving you ready access to any task information.
Tasks in Vista are based on two main components:
- Launch conditions which can include up to three components:
- Triggers which are the elements which actually start a task
- Conditions which outline when and how the task can run
- Settings which outline the options for a task
- Actions which tell a task what to do
So far, this isn’t very different than previous task automation features found in other versions of Windows, but Vista’s Task Scheduler is a far cry from the Windows NT AT command. Previous versions of Windows had serious drawbacks when it came to system automation. Credentials for a task were stored with the task, therefore any credential changes had to be updated in the task’s properties. In addition, only one single action could be performed per task, limiting the usefulness of the Scheduler. And, in some cases, the Task Scheduler was restricted to administrators only, once again reducing the usefulness of this tool.
In Vista, all of these situations have been corrected. Vista now includes a whole series of new triggers—events; machine status such as idle, startup, logon and so on; session state changes such as opening or closing of Terminal Services sessions, or lock or unlocking of sessions; or even the more conventional time-based task startups. Tasks can even use other tasks as triggers, letting you create new, conditional or chained tasks and then, once the task has been initiated, have it repeat regularly or in other situations, add delays or other limits to a task (see Figure 2). In addition, tasks can run on universal time so that global organizations can create tasks in one time zone and ensure they run properly in any time zone.
Figure 2. Task Triggers
Each task can include more than one trigger ensuring the task will run if any of the launch elements occurs. Along with triggers, tasks will include conditions (see Figure 3) which determine how the task will behave. Conditions control if the task should run while the system is idle, if the task should run while the system is on battery power, if the system should be booted up to run the task should it be turned off, or even if the system should be linked to a network for the task to run.
Figure 3. Task Conditions
Settings control whether the task can be run manually, what should happen if the system was turned off when the task start time occurred, what to do if the task does not complete or fails or even runs too long. Settings can also apply rules to a task. These rules can include what to do if the start time occurs and an instance of the task is already running, or even delete the task once it has run (see Figure 4).
Figure 4. Task Settings
Actions can be any number of items including running a program, sending an email or simply displaying a message. This makes the Task Scheduler very powerful indeed since you could automatically display a warning message to users whenever they try to access protected areas of their system. This makes a strong case for running locked down systems and the Task Scheduler gives you the tools you need to make sure the systems stay locked down and users curb their habits.
Of course, actions can also be more traditional and actually run programs. This is after all, what the Task Scheduler was originally designed to do. And sending messages is also quite useful since administrators can receive notifications when tasks occur. For example, if you want to make sure that a critical task was performed on a system, then create a conditional task that sends an email once the other task completes. This saves you from having to verify task logs after the task was scheduled to run.
Vista will even hide tasks and otherwise control which credentials should be used when a task is run. In most cases, credentials are not stored in the task so you can change account passwords centrally without having to worry about all tasks failing. In some scenarios, though, credentials are stored in the secure Credential Manager store. In these cases, you still need to modify passwords locally but not in the task.
You can also use the Task Scheduler to create tasks for either Vista systems or for down-level versions of Windows. Tasks can be exported in XML format and re-imported to any other system. This makes it very easy to generate tasks on one system and ensure they run on all the systems in organizations of all sizes.
Finally, each task includes a history of operation, listing all of the events which indicate when the task was run and for how long. This makes it very easy to monitor tasks and make sure they run when expected.
Tasks can be created in one of three ways. The first lets you create a basic task and runs you through a wizard that takes you through each step required to build the task. Advanced tasks are created using the Create Task command which can be found either in the context menu or in the action pane. Create Task opens the Task dialog box and gives you access to each of the elements that make up a task. Finally, you can create and manage tasks through the command line through an updated schtasks.exe command (see Figure 5). This command lets you script operations such as importing tasks on different systems.
Figure 5. The schtasks.exe Command
Overall, the Task Scheduler is a much more powerful engine for task management and automation on Vista and, when it is linked to the Event Log, Task Scheduler becomes a very strong engine for proactive systems management. In our next article, we’ll examine just how Vista’s new Task Scheduler can be linked to the Event Viewer to automate tasks based on events and create a powerful system management platform with Vista’s own feature set.
About the Authors
Danielle Ruest and Nelson Ruest, MCSE+Security, MCT, Microsoft MVP, are IT professionals specializing in systems administration, migration planning, software management and architecture design. They are authors of multiple books, and are currently working on the Definitive Guide to Vista Migration for Realtime Publishers as well as the Complete Reference to Windows Server Codenamed “Longhorn” for McGraw-Hill Osborne. They have extensive experience in systems management and operating system migration projects.
Whether SOX, HIPAA, GLBA or NISPOM, effective log management is key for meeting compliance requirements.
Network downtime resulting from security attacks is costing companies a bundle, but steps can be taken to prevent the added expense.
Enhance the security of your critical systems (link to solutions – secure) with comprehensive security management including host-based intrusion detection, external attack detection, fast incidence response and forensic analysis.
Whether your company is public or private, large or small, today’s information privacy regulations may affect you and your organization on many different levels, not just financially and legally.