How do I rename a task in Task Scheduled on Windows Server 2008 R2

Question

I have some tasks in the Task Scheduler on Windows 2008 R2. I created them as the admin and I'm logged in as the admin. I have no easy way to rename the tasks. The only way I can is to export the task config to a XML file and re-import to a new task, change the name there, then delete the old task. Is there an easier way?

Answer 1

EDIT: After well over a decade, this answer of mine has a better answer down below that I will gladly defer to: https://serverfault.com/a/1159533/9770

Answer 2

Not the best way but can be a life saver.

Tasks are stored in C:\Windows\System32\Tasks in XML format importable using schtasks.exe. As Weasly told, renaming the file doesn't work but Create/Delete will. That said, you need the running user password (that you have)

Compared to Weasly's suggestion, it just skips the export phase.

1. create a second task using the first as template
2. remove the original

Using srcname and dstname and an admin shell in Tasks folder:

C:\Windows\System32\Tasks>schtasks /Create /tn dstname /xml srcname /ru [running username] /rp [password]
SUCCESS: The scheduled task "dstname" has successfully been created.

C:\Windows\System32\Tasks>schtasks /delete /tn srcname /f
SUCCESS: The scheduled task "srcname" was successfully deleted.

Notes:

• With a little bit of scripting, you can rename a large bunch of tasks without effort
• If needed you should be able to extract the original RU from the XML (in node Task/Principals/Principal/UserId)
• If you want schtasks to ask for the password, simply remove /rp [password] portion

Answer 3

Short Version

You can't rename a scheduled task because that would change the SID the task runs as.

The name forms the Security Identifier (SID) of the user the task will run as. Renaming the task would break any existing permissions.

Long Version

There are a lot of people complaining about being unable to rename a scheduled task. There is a reason for it.

A scheduled task runs as some user, e.g.:

• Local Service (good)
• Network Service (good)
• System (bad)
• some process account manually created in Active Directory (bad)

This means if your task needs to access some resources, you need to grant that user access to those resources.

What we really want it to grant access to that Task; that scheduled task itself should have the permissions - not the user the task runs as. This is called Task Security Hardening.

Task Hardening

When a scheduled task is run, the task scheduler adds an additional Security Identifier (SID) in the token of the user running the task. E.g.:

• Name: NT TASK\[Task name] (e.g. "NT TASK\The quick brown fox jumped over the lazy dog")

• Group sid: S-1-5-87-x-x-x-x-x (e.g. S-1-5-87-2312335432-65297056-3549082870-2589977271-250352331)

The sid of this group is dynamically generated based on the hash of the name of the scheduled task. The group sid is a child of the authority S-1-5-87. The SID's Relative ID 87 comes from the constant defined in winnt.h:

SECURITY_TASK_ID_BASE_RID                 (0x00000057L)

You can see this additional group SID in the security token of the launched process:

Generating Task SIDs

You can manually hash a task name, or see what the hypothetical sid for that task would be, by running a command-line tool:

>schtasks /showsid /TN "The quick brown fox jumped over the lazy dog"
SUCCESS: The SID "S-1-5-87-2312335432-65297056-3549082870-2589977271-250352331" 
for the user name "The quick brown fox jumped over the lazy dog" 
has been computed successfully.

And you can use icacls to grant permissions to that group:

>icacls yellow.png /grant "*S-1-5-87-2312335432-65297056-3549082870-2589977271-250352331:(M)"

If the scheduled task is in a folder, you need to include that folder as well:

>schtasks /showsid /TN "Stackoverflow\Answer Question About Security"
SUCCESS: The SID "S-1-5-87-1865438416-972601292-3915696002-2261943663-3756584440" 
for the user name "Stackoverflow-Answer Question About Security" 
has been computed successfully.

And, again, you can grant that SID permissions on the object:

>icacls yellow.png /grant "*S-1-5-87-1865438416-972601292-3915696002-2261943663-3756584440:(M)"
processed file: yellow.png
Successfully processed 1 files; Failed processing 0 files

And you can see the group having been granted permissions (in this case Modify permissions):

The good thing about:

• this virtual account system (which is also used by services with NT SERVICE group, and by the IIS Application Identity)
• and with the special Local Service and Network Service accounts

is that these accounts have no password - no user is allowed to login as them. This means that you don't have to worry about the password leaking.

And on top of that, when you use NT TASK, NT SERVICE, or IIS APPPOOL virtual accounts to assign permissions: there is no way to impersonate that user. It's not a user in any sense. These are extra security boundaries that are a very good thing.

So of course you can't rename it

If you've been paying attention, you will now see why you cannot rename a scheduled task, or move it to another folder: it would change the hash of the task's name, changing the task's NT TASK SID, and invalidate any permissions it's been granted.

Answer 4

Unfortunately not. That's the way this is done now. I believe it's for security purposes, so that set tasks cannot be modified while they are actually setup and enabled.

Answer 5

It appears (as noted in other answers) that there is no API for renaming a Windows scheduled task. As a workaround, you can automate creation of a new task with a different name and/or path. I wrote a PowerShell script (Rename-ScheduledTask.ps1) that does this.

Basically, it uses the TaskService COM object. Script summary:

• Call the Connect method to connect to the task scheduler
• Call the GetFolder method to get a TaskFolder object
• Call the task folder's GetTask method to retrieve a TaskDefinition object for the task
• Call the task folder's RegisterTaskDefinition method to write the task with a new name
• Call the task folder's DeleteTask method to delete the older copy of the task

If the task uses the "Run whether user is logged on or not" option, you have to re-enter the password unless the account is a gMSA.

Answer 6

Please be sure before you answer "Cannot do this", "Impossible", etc.

Check out this power shell script.

Answer 7

Yes it's possible ! Just export the task (right click on the task / Export...) as an XML file (on the Desktop for instance). Then, delete the task in the Tasks Scheduler and right click / Import a task. Choose the previously saved XML file, rename the task and save it. Voila.

Answer 8

One possibility is, to export the task, delete the task, rename the file and import it again.

A good description can be found here: Rename task in task scheduler

Answer 9

This function can be used to rename Schedule Tasks using PowerShell. Below you can find examples on how to use it and how to move many tasks from one folder to another. The function takes advantage of the fact that all tasks are stored in the Windows folder. If you do not have access to them, you can create a new function to export them all into XML files that you can then use to upload. Or even make it part of the below function, export and them import.

function rename-task {
$src_path = "C:\Windows\System32\Tasks"
$src_xml = Join-Path -Path $src_path -ChildPath $args[0]
(schtasks /Create /tn $args[1] /xml $src_xml) -and (schtasks /delete /tn $args[0] /f)
} 

If you place this function inside PS profile it will auto load.

C:\Users\USER\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1

Example use:

rename-task "original_name" "target_name"

Search for tasks

Get-ScheduledTask|sls -SimpleMatch pattern

Move tasks from one folder to another. Pattern is a regular expression so you can pass many tasks in one pass:

Get-ScheduledTask|select TaskName, TaskPath|where {$_.TaskName -match "PATTERN"}|ForEach{rename-task $_.TaskName $(Join-Path "\TGT_Folder\" $_.TaskName)}