Even in a well run network it’s easy to let things slip through the cracks; scheduled tasks in Windows are one of those things that can get out of hand. You set them and forget them until one day you change the password on a service account that keeps getting locked out to your frustration and then you discover the culprit was a long lost automated job that did something important a computer-eon ago.

If you have a good tool such as Hyena by System Tools you can run a report using Exporter Pro but if you are on a beer budget or are a contractor going site to site then a good script is your weapon of choice. Running Windows command line SCHTASKS is a powerful means to task automation on a number of levels. Having a view of all the tasks running inside an Active Directory (AD) domain is valuable to any admin and a must know for any system security expert. With a little extra coding effort you can generate a clean report encompassing all Windows systems, the below script flips the tables and on this unexciting work like this, another great way of buying time by workin’ them tasks.

Workin' Them Tasks

All you need to make this script run is to define the root of the search by modifying LDAP variable at the top of the script to search your domain. This script uses built-in Windows commands so no extra utilities are needed. In nutshell computer names are pulled from AD using DSQUERY, then the list is cleaned up buy removing disabled computer accounts. You can further refine the list by adding computer names to a file called _Exclude.dat (return carriage format) you want exploded from the report. To save time the script further refines the list to run against by pinging each one first, those that are available are checked and a report is spit out in CSV format so you can open it easily in a spreadsheet.

Recommendations

To start using the script modify the _srcroot variable as shown below:

Modify the variable as follows in light green:

REM Set variables for the root of your LDAP search
REM **********************************************
set _srcroot=DC=yourdomain,DC=com

• Download Workin' Them Tasks

Possible Errors

It’s best to run the script manually at least the first few times because you may run into computers that deny you access, sometimes schtasks bombs out on the target system and generates an error, you may also hit a machine disjoined from the domain which prompts you for credentials and the script will not continue until it's given an entry. Worry not the script will finish regardless, as annoying as this may seem you are getting good information. No centrally controlled computer should deny you access with the exception of outdated Windows OS’s, such issues are telling you which computers are not acting properly or security may have been modified on.

(server names are blurred)