|
Just to save people time, I think that I have come up with a solution that actually works !
So I don't at this point, need anyone to spend time trying to answer the question. consider the question on closed for the moment.
I have managed to get a standard user to run the scheduled task so will not be running the scheduled task on login as I discovered that there was no way to prevent the settings being applied to the admin account as you need to be a member of the admins account to run the script !
I managed to find a solution to the Sid problem unbelievably in a macro called @SID - how ironic. However, I now need to write into the script that the logged on user must write their SID number to a file and then the scheduled task must read the sid number from the file and execute the script accordingly using the correct SID. Unfortunately if I use the @SID variable in the policy script it returns the SID of the scheduled task user and not the logged on user.
I will immediately go out and buy Glenn some chocolate Les as he has set me on the right track. Its been a bloody nightmare getting the scheduled tasks working properly in windows 7, but its a brilliant way to run a script with elevated privileges without ever revealing the admin credentials. So I am very pleased with Glenn's solution. While I am out buying that chocolate, I just may buy some hard liquor as well. after spending the entire day messing around with scheduled tasks I need it!
| 
