Scheduled task not detecting dirty reboots

Question

With the following I'm attempting to get a notification on dirty reboot.

$taskName = "MON_UNEXPECTED_REBOOT"
$psPath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$arguments = '-file "C:\MAINTENANCE\MON\MON_REBOOT\MON_UNEXPECTED_REBOOT_SEND_MAIL.ps1"'
$action = New-ScheduledTaskAction -Execute $psPath -Argument $arguments
$CIMTriggerClass = Get-CimClass -ClassName MSFT_TaskEventTrigger -Namespace Root/Microsoft/Windows/TaskScheduler:MSFT_TaskEventTrigger
#Start trigger 1
$Trigger1 = New-CimInstance -CimClass $CIMTriggerClass -ClientOnly
$Trigger1.Subscription = 
@"

"@
$Trigger1.Enabled = $True 
#Start trigger 2
$Trigger2 = New-CimInstance -CimClass $CIMTriggerClass -ClientOnly
$Trigger2.Subscription = 
@"

"@
$Trigger2.Enabled = $True 
#Create an array of triggers
$Triggers = @($Trigger1,$Trigger2)
$principal = New-ScheduledTaskPrincipal -UserID DOMAIN\gMSA$ -LogonType Password -RunLevel Highest
$settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable -ExecutionTimeLimit (New-TimeSpan -Hours 1)
Register-ScheduledTask -TaskName $taskName -taskpath 'MON' -Action $action -Trigger $Triggers  -Settings $settings -Principal $principal -Description "Sends email when reboot is unexpected."

But what happens is....nothing. I can run the task manually (from scheduler by hitting run) after dirty reboot and it will pick up the event id and send the email. What I suspect is happening here is the event ID is thrown after startup but before task scheduler can see that it's a new event id, but how to capture that in PowerShell for creating a task remains a mystery. I have a similar task running successfully for user-initiated reboots: the only thing different is the event id's.

tldr: No email is sent from scheduled task that is supposed to detect dirty reboot and send email

Scheduled task not detecting dirty reboots

Answers (0)

Related Questions