I am trying to run a Powershell script using Task Scheduler. The script uses a Logical account with an encrypted password file. If run manually, I am prompted to login to the connection client. I can dismiss the client without logging in and the script runs successfully, but if run with task scheduler the script fails with the following error:
Error: [Error 55515: Invalid user name and password combination.]
This is strange since the same password file is used when run manually or through the task scheduler. Here is the code for logging in I use:
If(Test-Path $PWPsswdFilePath){
$SecurePassword = Get-SecureStringFromEncryptedFile -FileName E:\PowerShell\Pswd\Refresh_Geo_PWFiles_pw.txt
} else {
Save-SecureStringToEncryptedFile -FileName E:\PowerShell\Pswd\Refresh_Geo_PWFiles_pw.txt -prompt "enter password to encrypt and store"
}
if (New-PWLogin -DatasourceName $datasource -UserName $pwuser -Password $SecurePassword -NonAdminLogin){
$SecurePassword.Dispose()
Hoping someone may have some experience with this and has found a workaround. I saw a post suggesting rolling back to an older version of ProjectWise on the Server (*.*.*.280). I am considering this however not sure how long the version will be supported and I'd rather know I am using the latest version.
Thanks,
Mike Robertson
Gratuitous commentary:
Why are you using the -NonAdminLogin switch? Using that will limit the functionality of many of the PWPS_DAB cmdlets. PowerShell is really for administrators, as opposed to automating tasks for non-admin users.
A couple of suggestions:
Modify your script to use the hard-coded user name and password of the logical account. Get that right first. You could also look at the rights of the user you are running the task scheduler under.
Hopefully we can get this working without rolling back client or server versions.
Mark Weisman | Bentley Systems
Be sure to create the file containing your encrypted password using the account you are running the scheduled task with. If you don't it will not work.
We've been doing that type of login (without the -Non switch) for years with servers .271 and .299.
Windows encrypts the password file using data from the user account so only that user can decrypt. Is the task running under your account? I presume you had run it from yours when you encrypted it.
Consider writing the password length, part of the password, or something to a different file just to get an idea what is happening then take it out any debug code once fixed to ensure it's not possible to activate. You could even use the msg utility on that machine but make sure it targets you and nobody else can log in as the command line can be viewed.
Bill
Forgot to add, it's not only encrypted using the user (public key?) but also data about the machine too. Those files are not portable
Good point!