In my post about enabling PowerShell. I mentioned I got blocked for a while and would explain later why and what happened.
Problem: Windows Azure runs startup tasks as localsystem. Some startup tasks need to be running in the context of a user.
Solution: Use the task scheduler in Windows Server to execute the command.
A few people have already asked how to apply the technique to other things so here goes.
Lets take a look at the original startup task I was trying to execute.
This doesn’t work because the powershell command “Enable-PSRemoting” doesn’t work unless it runs as an elevated user that belongs to the administrators group. Localsystem doesn’t belong to this group.
In my original blog post, I showed how you could enable this using winrm. But sometimes you want this something to happen when the role starts.
To make a task run as a user account as a startup task simply create a new task for the Windows Scheduler to execute as shown below.
Works like a charm. Hopefully you can figure out how to run your own commands instead of PowerShell.
It is safe to say that you probably want to secure the username and password that is created. I think ideally a wrapper that can read a username and encrypted password from config, create all the scheduled tasks and then execute them. Maybe that is a job for next time.
THIS POSTING IS PROVIDED “AS IS” WITH NO WARRANTIES, AND CONFERS NO RIGHTS