How to trigger a Scheduled Task On Demand from a remote computer using VBA

THIS IS DESMOND OSHIWAMBO GOLD. UNIQUE AND ORIGINAL, HOT OFF THE PRESS !!
How to trigger a Scheduled Task On Demand from a remote computer using VBA.

This post is NEW : If you find it useful or have any questions then please let me know. This post requires a reasonable level of competence, if you don’t know about Scheduled Tasks/Event Viewer/Command Prompts/Run as Administrator then perhaps this post is not for you, sorry !

Also, if you are looking for a PSEXEC solution, this post is not for you; but PSEXEC is a valid alternative.
Also, the command line tool SchTasks can be used by administrators to manage tasks locally and remotely, but as this requires administrative privileges it is not usually good enough.

The Oshiwambo way (below) shows how to trigger an event into a remote computers application log,  the remote computers application log then recognises the event and processes a scheduled task. If this is what you are looking for, then read on  …

Solution begins after a juicy Mango :

mango_16x9[2]

Hello, in case you do not know me, my name is Desmond Oshiwambo.

I love to sit on the beach surfing the web on my laptop, looking out at the waves and contemplating my dry feet. I am connected to my beach-hut via WI-FI, and my beach-hut has a scheduled task that updates the weather twice daily. Occasionally, it would be nice to force that scheduled task from my laptop by the sea, without having to wait for the time of day to reach that rightful hour. So, how do I call a scheduled task on demand ? Well, let us go coconut crazy and find out !!….

First of all, you should really know about the Event Viewer in Control Panel, and about Scheduled Tasks.  Also, a fair degree of awesomeness and confidence is required to go ahead with this method, it is not for the feint hearted ! If it any point you feel scared (and perhaps you should when modifying the permissions of your Event Logs) read the links that I have provided, study hard and you will get there; it’s not as difficult as it looks !!

Ok, so you’re brave and confident and mango’d up to the eyebrows… let’s go..

There are 3 basic steps.
1. Create a scheduled task, instead of using a time trigger, use an Event Log trigger. This runs the scheduled task when a specific Event happens in the computers Event Log (accessible via Control Panel)
2. Modify the Events Log (control panel) Application Log security to allow all Domain Users to alter the log. In secure environments please consider the security implications of this, but my beach hut is fine !!
3. Call the event from a remote computer using WShell->LogEvent method.

It’s all quite simple when you know how …

1. Create The Scheduled Task.
Create your scheduled task with adequate permissions etc.
Triggers -> Begin Task -> On An Event -> Select Custom (instead of Basic) -> Press New Event Filter -> Select the XML tab across the top.

Insert the following XML, replace the text ‘CoconutTrigger’ with the name of your trigger. This is the details of the Event that will appear in the Application Event Log that you want to use as a trigger.

<QueryList>
<Query Id=”0″ Path=”Application”>
<Select Path=”Application”>*[System[Provider[@Name=’WSH’] and (EventID=4)]] and *[EventData[Data[1]=’CoconutTrigger’]]
</Select>
</Query>
</QueryList>

Continue setting up your scheduled task as you like it, with all the necessary actions and permission etc.

2. Modify Events Log permissions.
The events log can only really be looked at and modified by Administrators of the local computer. This solution requires you to relax this rule and allow other members of your Domain to make modifications too. If you work at GCHQ or the NSA then perhaps this is not an option, but here on my beach the security implications of allowing another computer to the access the logs of my local computer are negligible. Anyway, it’s a requirement of this solution.

Modifying the Event Logs permissions should be simple, but it is not. In fact, it is voodooly complicated.

I will explain how, but know that I gleaned my information from the following resources, which may assist you if you are having difficulties.
http://jpadda.wordpress.com/2010/08/08/event-log-write-permissions/
http://www.netid.washington.edu/documentation/domains/sddl.aspx (SDDL Link)

Open up a Command prompt (Start Run-> cmd) with admin privileges (Run As Admin).
To output the permissions of your EventLogs as a text file c:\out.txt type :

c:\wevtutil gl application > C:\out.txt

(The gl parameter of wevtutil outputs the security permissions)
Edit the file with notepad to get the Channel Access line. It will look something like this
channelAccess: O:BAG:SYD:(A;;0xf0007;;;SY)(A;;0×7;;;BA)(A;;0×7;;;SO)(A;;0×3;;;IU)(A;;0×3;;;SU)(A;;0×3;;;S-1-5-3)(A;;0×3;;;S-1-5-33)(A;;0×1;;;S-1-5-32-573)

The Goblidegook represents security permissions for the Application Log. Each set of brackets represents a specific security rule. See http://www.netid.washington.edu/documentation/domains/sddl.aspx)

The string starting O:BAG…. etc, needs the following permission appending to the end of it it (A;;0×3;;;DU)

n.b. (DU – means Domain Users)
To update the security settings you must use wevtutil tool again this time using the sl parameter – to save the settings.
You must be extremely careful using this command (use copy and paste if you can), the O:Bag string must be the same as the channelAccess string above but with (A;;0×3;;;DU) at the end.

WARNING : DO NOT USE THE LINE OF CODE BELOW DIRECTLY — MAKE SURE YOU UPDATE THE O:BAG line WITH THE EQUIVALNET GOBLEDIGOOK FROM YOUR OWN c:\Out.txt FILE.

Example :
C:\wevtutil sl Application /ca:O:BAG:SYD:(A;;0xf0007;;;SY)(A;;0×7;;;BA)(A;;0×7;;;SO)(A;;0×3;;;IU)(A;;0×3;;;SU)(A;;0×3;;;S-1-5-3)(A;;0×3;;;S-1-5-33)(A;;0×1;;;S-1-5-32-573)(A;;0×3;;;DU)

If all has gone well, which I hope it has, you should get a Success message. If so then great! the lion is dead, the witch has melted and the wardrobe is wide open, Welcome to Narnia!

3. Finally, create a trigger !

The following code can be run from any computer in the domain. It triggers an event to be created on the remote computer in the Application Log – which then triggers the Scheduled Task on the computer (created in step 1).

This code can be called from VBA/Access, Excel or VB Script – where ‘CoconutTrigger’ is the data in the event that will cause the trigger (as per step 1).
And “\\remotePC” is the name of the PC on the network. This could be replaced by the name of the PC on the network or its local IP address.

Const EVENT_INFO = 4
Set objShell = Wscript.CreateObject(“Wscript.Shell”)
objShell.LogEvent EVENT_INFO, “CoconutTrigger” , “\\remotepc”
Set objShell = nothing

The event in the remote Application Log appears as WSH – Information – with ‘CoconutTrigger’ in the details.

Well, that took a lot to explain, but should really take about 8 minutes or so once you’ve done it a couple of times, it’s like peeling a mango!
Once you’re done, shoes and sandles off, let’s hit the WAVES !

Have Fun !!!

Advertisements


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s