How to Create a Scheduled Task Using Intune

My previous blog post provided the steps for deploying PowerShell scripts using Intune. This method is excellent for deploying one-time scripts to specific devices. In this blog post, we’ll explore an alternative approach: using Intune device remediations to create scheduled tasks for deploying PowerShell scripts.

A scheduled task in Windows allows you to automate the execution of programs, scripts, or commands at specified times or events. It is part of the Windows Task Scheduler, a built-in tool in Windows operating systems.

Creating a scheduled task manually in Windows is straightforward through the Task Scheduler application. Go to Action > Create Basic Task. However, when dealing with hundreds of Windows 10 or Windows 11 devices, it becomes necessary to automate the deployment of scheduled tasks to minimize your workload.

We will use two PowerShell scripts, one for detecting a given scheduled task and one for Remediation. For Example, we will Deploy/Create a scheduled task to Restart a Windows device every day at 3 AM using Intune.

Create a Script Package

To create a script package, follow the below steps:

• Sign in to the Intune admin center
• Go to Devices > Scripts and remediatons.
• Click on + Create under the Remediations tab

Basics Tab

The basics tab will provide information about the script package, such as name, description, and publisher.

• Name – Restart Device Everyday Scheduled Task.
• Description – This remediation will create a scheduled task on a Windows device to initiate a daily computer restart at 3 AM.
• Publisher – Jatin Makhija.

Settings Tab

• Create a detection script using the Powershell code below. Save it as Detection_scheduletask.ps1.

Detection_scheduletask.ps1

<#
.DESCRIPTION
    This script checkes if Cloudinfra-RebootDevice schedule task exists on the device or not
    Author: Jatin Makhija
    Site: cloudinfra.net
    Version: 1.0.0
#>
$taskName = "Cloudinfra-RebootDevice"
$taskStatus = get-scheduledtask | Where-object {$_.taskName -eq "Cloudinfra-RebootDevice"}
if ($taskStatus){
    Write-Host "Task already Exists. No Action Needed."
    Exit 0
}
Else{
    Write-Host "Task does not exist, Remediation required"
    Exit 1
}

• Create a remediation script using the Powershell code below. Save it as Remediation_scheduletask.ps1.

Remediation_scheduletask.ps1

<#
.DESCRIPTION
    This script checkes if Cloudinfra-RebootDevice schedule task exists on the device or not. If 
    it does not exist. It will Create a Task name Cloudinfra-RebootDevice.
    Author: Jatin Makhija
    Site: cloudinfra.net
    Version: 1.0.0
#>
$taskName = "Cloudinfra-RebootDevice"
$taskstatus = get-scheduledtask | Where-object {$_.taskName -eq "Cloudinfra-RebootDevice"}
if (!$taskstatus){
    try{
        Write-Host "Cloudinfra reboot device task does not Exists. Creating Task."
        $STaction  = New-ScheduledTaskAction -Execute 'c:\windows\system32\shutdown.exe' -Argument '-r -t 0'
        $STtrigger = New-ScheduledTaskTrigger -Daily -At 3am
        $STSet     = New-ScheduledTaskSettingsSet
        $STuser    = New-ScheduledTaskPrincipal -UserID "NT AUTHORITY\SYSTEM" -LogonType ServiceAccount -RunLevel Highest
        Register-ScheduledTask -TaskName "Cloudinfra-RebootDevice" -TaskPath "\"  -Action $STaction -Settings $STSet -Trigger $STtrigger -Principal $STuser
        Exit 0
    }
    Catch {
            Write-Host "Error in Creating scheduled task"
            Write-error $_
            Exit 1
    }
}
Else{
        Write-Host "Task already Exists, No Remediation required"
        Exit 1
}

• Detection script file – Browse to the Detection script Detection_scheduletask.ps1
• Remediation script file – Browse to Remediation script file Remediation_scheduletask.ps1
• Run this script using the logged-on credentials – No
• Enforce script signature check – No
• Run script in 64-bit Powershell – Yes

Assignments tab

Click on Add group to add an Entra security group containing users or devices. You can also select the Schedule to run this Powershell script. You have three options: Once, hourly, or Daily.

Review + Create

Review the deployment and click on Create to start the deployment process.

Sync Intune Policies

The device check-in process might not begin immediately. If you’re testing this policy on a test device, you can manually kickstart Intune sync from the device itself or remotely through the Intune admin center.

Alternatively, you can use PowerShell to force the Intune sync on Windows devices. Restarting the device is another way to trigger the Intune device check-in process.

End-user Experience

After the deployment is completed successfully, A scheduled task will be created on the target device. To check and confirm, follow the below steps:

• Go to Start and search for the Task Scheduler application.
• Launch the application and click on Task Scheduler Library.
• You can find a new Scheduled task created called Cloudinfra-RebootDevice. Its configuration, like action, trigger, etc., is configured as per the remediation PowerShell script.

How to Monitor Intune Device Remediations

To check Intune device remediation script packages, do the following:

• Sign in to the Intune admin center.
• Go to Devices > Scripts and Remediations.
• Click on the Remediation script package you want to monitor—for example, Restart Device Everyday Scheduled Task.

• Visit the Overview page, where you can find the Detection Script and Remediation Script status.

• The screenshot below shows that the Detection script found issues, indicating it couldn’t locate the scheduled task Cloudinfra-RebootDevice on the device. However, the Remediation Status is marked as Issue Fixed, signifying that the PowerShell script for remediation successfully created the scheduled task on the target device.

Where to find Intune Remediation Logs?

To gather more information about this deployment, check the logs on one of the target devices. You can find Intune Management Extension logs at the following location: C:\ ProgramData\Microsoft\IntuneManagementExtension\Logs. Open the most recent IntuneManagementExtension.log file and check the Issues.

Create a Scheduled task to Execute a Powershell Script

You might have a requirement to run a PowerShell script on a specific schedule. You can create a scheduled task for this in the same manner we previously established a scheduled task for rebooting the device.

You can use the same script and update the variable $STaction, which will run New-ScheduledTaskAction cmdlet. Make sure to copy the PowerShell script to the target devices first before specifying its path in the script.

Here’s an example of the updated $STaction variable, which executes a PowerShell script stored at C:\AllScripts\RestartWindows.ps1 path.

$STaction

$STaction = New-ScheduledTaskAction -Execute '"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"' -Argument '-ExecutionPolicy Bypass -File "C:\AllScripts\RestartWindows.ps1"'

Conclusion

In this blog post, we’ve learned how to set up a scheduled task using Intune on a Windows 10 or Windows 11 device. While there are various approaches for creating scheduled tasks with Intune, I’ve found this method to be the most effective and easily customizable to meet your specific requirements.

You can modify the remediation script and tailor it to your specific requirements. In this blog post, I’ve used an example of creating a scheduled task to reboot Windows devices daily at 3 AM.

READ NEXT

• How To Create Registry Keys Using Intune Win32 App
• Enable/Disable Local Admin Account Using Intune Remediations
• Intune: Configure Windows Telemetry/Diagnostic data [3 ways]
• How To Set Desktop And Lock Screen Wallpaper Using Intune
• How To Create Windows Defender Firewall Rules Using Intune
• How To Configure Time Zone Using Intune