Create a Scheduled Task Using Intune

In this blog post, we will learn to create a scheduled task using Intune on Windows 10/11 devices. For creating a scheduled task, we will be using PowerShell scripts and Intune device remediations. For understanding about PowerShell script deployment or how Intune device remediations work, please refer to below links:

• Deploy PowerShell script using Intune.
• Understanding Intune device remediations.

A scheduled task in Windows allows you to automate the execution of programs, scripts, or commands at specified times or events. It is part of the Windows Task Scheduler, a built-in tool in Windows operating systems.

Creating a scheduled task manually in Windows is straightforward through the Task Scheduler application. Go to Action > Create Basic Task. However, when dealing with hundreds of Windows 10 or Windows 11 devices, it becomes necessary to automate the deployment of scheduled tasks.

As we would be utilizing Intune device remediations, It requires two PowerShell scripts, one for detecting a given scheduled task and one for remediation. As an Example, We will deploy/create a scheduled task to restart a Windows device every day at 3 AM using Intune.

Create a Script Package

We will be creating a script package using detection and remediation scripts and deploy it to create a scheduled task on target Windows devices.

• Sign in to the Intune admin center > Devices > Scripts and remediatons.
• Click on + Create under the Remediations tab.

• Basics: Provide information about the script package, such as name, description, and publisher.
  • Name – Restart Device Everyday Scheduled Task.
  • Description – This remediation will create a scheduled task on a Windows device to initiate a daily computer restart at 3 AM.

• Settings: Create a detection script using below PowerShell script code. Save the file as Detection_scheduletask.ps1.

Detection_scheduletask.ps1

<#
.DESCRIPTION
    This script checkes if Cloudinfra-RebootDevice schedule task exists on the device or not
    Author: Jatin Makhija
    Site: cloudinfra.net
    Version: 1.0.0
#>
$taskName = "Cloudinfra-RebootDevice"
$taskStatus = get-scheduledtask | Where-object {$_.taskName -eq "Cloudinfra-RebootDevice"}
if ($taskStatus){
    Write-Host "Task already Exists. No Action Needed."
    Exit 0
}
Else{
    Write-Host "Task does not exist, Remediation required"
    Exit 1
}

• Create a remediation script using below PowerShell script code. Save the file as Remediation_scheduletask.ps1.

Remediation_scheduletask.ps1

<#
.DESCRIPTION
    This script checkes if Cloudinfra-RebootDevice schedule task exists on the device or not. If 
    it does not exist. It will Create a Task name Cloudinfra-RebootDevice.
    Author: Jatin Makhija
    Site: cloudinfra.net
    Version: 1.0.0
#>
$taskName = "Cloudinfra-RebootDevice"
$taskstatus = get-scheduledtask | Where-object {$_.taskName -eq "Cloudinfra-RebootDevice"}
if (!$taskstatus){
    try{
        Write-Host "Cloudinfra reboot device task does not Exists. Creating Task."
        $STaction  = New-ScheduledTaskAction -Execute 'c:\windows\system32\shutdown.exe' -Argument '-r -t 0'
        $STtrigger = New-ScheduledTaskTrigger -Daily -At 3am
        $STSet     = New-ScheduledTaskSettingsSet
        $STuser    = New-ScheduledTaskPrincipal -UserID "NT AUTHORITY\SYSTEM" -LogonType ServiceAccount -RunLevel Highest
        Register-ScheduledTask -TaskName "Cloudinfra-RebootDevice" -TaskPath "\"  -Action $STaction -Settings $STSet -Trigger $STtrigger -Principal $STuser
        Exit 0
    }
    Catch {
            Write-Host "Error in Creating scheduled task"
            Write-error $_
            Exit 1
    }
}
Else{
        Write-Host "Task already Exists, No Remediation required"
        Exit 1
}

• Detection script file – Browse to the detection script Detection_scheduletask.ps1
• Remediation script file – Browse to remediation script file Remediation_scheduletask.ps1
• Run this script using the logged-on credentials – No
• Enforce script signature check – No
• Run script in 64-bit Powershell – Yes

• Assignments: Click on Add group to add an Entra security group containing users or devices. You can also select the schedule for running the script package . You have three options: Once, hourly, or Daily.

• Review + create: Review the deployment and click on Create.

Sync Intune Policies

The device check-in process might not begin immediately. If you’re testing this policy on a test device, you can manually kickstart Intune sync from the device itself or remotely through the Intune admin center.

Alternatively, you can use PowerShell to force the Intune sync on Windows devices. Restarting the device is another way to trigger the Intune device check-in process.

End User Experience

After the deployment is completed successfully, A scheduled task will be created on the target device. To check and confirm, follow the below steps:

• Go to Start and search for the Task Scheduler application.
• Launch the application and click on Task Scheduler Library.
• You can find a new scheduled task created called Cloudinfra-RebootDevice. Its configuration, like action, trigger, etc., is configured as per the remediation PowerShell script.

Monitor Scheduled Task Script Package Deployment

• Sign in to the Intune admin center > Devices > Scripts and Remediations.
• Click on the Remediation script package you want to monitor – for example, Restart Device Everyday Scheduled Task.

• Visit the Overview page, where you can find the Detection Script and Remediation Script status.

• Below screenshot shows that the detection script found issues, indicating it couldn’t locate the scheduled task Cloudinfra-RebootDevice on the device. However, the remediation status is marked as Issue Fixed, signifying that the PowerShell script for remediation successfully created the scheduled task on the target device.

Find Intune Device Remediation Logs

To gather more information about this deployment, check the logs on one of the target devices. You can find Intune Management Extension logs at the following location: C:\ ProgramData\Microsoft\IntuneManagementExtension\Logs. Open the most recent IntuneManagementExtension.log file and check the Issues.

About Intune Management Extension (IME) Log Files

Create a Scheduled task to Execute a PowerShell Script

You might have a requirement to run a PowerShell script on a specific schedule. You can create a scheduled task for this, similar to what we have created in the previous section of the post.

Furthermore, you can use the same script and update the variable $STaction, which will run New-ScheduledTaskAction cmdlet. Copy the PowerShell script you want to schedule on to the target devices first before specifying its path in the script.

Here’s an example of the updated $STaction variable, which executes a PowerShell script stored at C:\AllScripts\RestartWindows.ps1 path.

$STaction

$STaction = New-ScheduledTaskAction -Execute '"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"' -Argument '-ExecutionPolicy Bypass -File "C:\AllScripts\RestartWindows.ps1"'

Conclusion

In this blog post, we have learnt the steps to set up a scheduled task using Intune on a Windows 10/11 devices. While there are various approaches for creating scheduled tasks with Intune, I’ve found this method to be the most effective and easily customizable to meet your specific requirements.

You can modify the remediation script and tailor it to your specific requirements. In this blog post, I’ve used an example of creating a scheduled task to reboot Windows devices daily at 3 AM.

Read Next

Schedule Windows Reboot Using Intune

Force Lock Screen After User Inactivity using Intune