I am trying to write an automation script to remove calendar permissions on Exchange Online automatically using Powershell and Task Scheduler.
When I run the command, the permission is removed as expected, but when I create the task, I get an error that says "Missing argument in parameter list" and I am not sure why.
This is the entire script:
$Trigger= New-ScheduledTaskTrigger -Once -At "01/11/2023 10:00:00"
$User= "user-account"
$Action= New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-NoExit [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12; $userName = '[email protected]'; $passwordText = Get-Content 'C:\Users\User\Secure.txt'; $securePwd = $passwordText | ConvertTo-SecureString; $credObject = New-Object System.Management.Automation.PSCredential -ArgumentList $userName, $securePwd; connect-exchangeonline -Credential $credObject; Remove-MailboxFolderPermission -Identity [email protected]:\Calendar -User [email protected] -Confirm:$false"
Register-ScheduledTask -TaskName "REMOVE-CONFIG" -Trigger $Trigger -User $User -Action $Action -RunLevel Highest –Force
I have determined that the issue comes in here: -ArgumentList $userName, $securePwd. When the task runs the script, it does't recognise that there are these two $ variables in the command.
How do I get this script to execute correctly?
Any help will be appreciated!
Kind regards,
Dust
UPDATE This is my new command that still doesn't work however the command works if I manually create a task in task scheduler:
$Trigger= New-ScheduledTaskTrigger -Once -At "01/11/2023 19:00:00"
$User= "MYDOMAIN\User"
$Action= New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-NoExit -Command [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12; Set-Variable -Name userName -Value '[email protected]'; Set-Variable -Name passwordText -Value (Get-Content C:\Users\User\Secure.txt); Set-Variable -Name securePwd -Value ($passwordText | ConvertTo-SecureString); Set-Variable -Name credObject -Value (New-Object System.Management.Automation.PSCredential -ArgumentList $userName, $securePwd); connect-exchangeonline -Credential $credObject; Remove-MailboxFolderPermission -Identity [email protected]:\Calendar -User [email protected] -Confirm:$false"
Register-ScheduledTask -TaskName "REMOVE-CONFIG" -Trigger $Trigger -User $User -Action $Action -RunLevel Highest –Force`
CodePudding user response:
I suggest to call PowerShell with parameter -EncodedCommand so you don't need to worry about quoting and escaping. Instead, you can just write a regular PowerShell script and encode it to base-64 afterwards. Using a here-string @'…' lets you avoid to crunch everything into a single line.
$Trigger = New-ScheduledTaskTrigger -Once -At "01/11/2023 19:00:00"
$User = "MYDOMAIN\User"
$command = @'
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12
$userName = '[email protected]'
$passwordText = Get-Content C:\Users\User\Secure.txt
$securePwd = $passwordText | ConvertTo-SecureString
$credObject = New-Object System.Management.Automation.PSCredential -ArgumentList $userName, $securePwd
connect-exchangeonline -Credential $credObject
Remove-MailboxFolderPermission -Identity [email protected]:\Calendar -User [email protected] -Confirm:$false
'@
# Encode command to base-64
$commandBytes = [System.Text.Encoding]::Unicode.GetBytes( $command )
$commandBase64 = [Convert]::ToBase64String( $commandBytes )
$Action= New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-NoExit -EncodedCommand $commandBase64"
Register-ScheduledTask -TaskName "REMOVE-CONFIG" -Trigger $Trigger -User $User -Action $Action -RunLevel Highest –Force