Skip to main content

Hey folks,

I’ve been working a worklet to enroll Windows 10 device in Autopilot using Graph API.

Mandatory “it works when run manually” but when testing in NTAUTHORITY/SYSTEM context via psexec, it fails. Specifically, when trying to install modules due to network access being heavily restricted in this account.

I could temporarily create a local administrator account, but I’m unsure as to how to run Automox-deployed worklets in another local user context.

Any pointers on how to run Worklets in another (local) user’s context?

Thanks!

Can’t add much to actually answer the question, but did want to reply as I am also running into this issue. Scripts run fine in PS on my laptop, but when I run them through Automox I get no such luck.

Use the worklet to create a scheduled task that runs in user context. 

 

copy-item script.ps1 C:\windows\temp\script.ps1

$TaskStartTime = (Get-Date)
$SchedService = New-Object -ComObject Schedule.Service
$SchedService.Connect()
$Task = $SchedService.NewTask(0)
$Task.RegistrationInfo.Description = 'Description'
$Task.Settings.Enabled = $TaskSchd
$Task.Settings.AllowDemandStart = $true
$Task.Settings.WakeToRun = $true
$trigger = $Task.triggers.Create(1) # https://docs.microsoft.com/en-us/windows/win32/taskschd/triggercollection-create
$trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss")
$trigger.Enabled = $true
$action = $Task.Actions.Create(0)
$action.Path = "c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$action.Arguments = '-NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\windows\temp\script.ps1"'
$taskFolder = $SchedService.GetFolder('\')
$taskFolder.RegisterTaskDefinition("Task Name", $Task , 6, 'Users', $null, 4) | out-null

Terms & ConditionsCookie settingsAccessibility statement