Windows

Granting „Logon as a batch job” permission for Task Scheduler to work

Running Tasks with Task Scheduler is one of most common scenarios in Administrators life. By default you can run your Task as SYSTEM which is OK solution if you don't have to access any resources over network. However if you do and you want to run it as specially created domain account for that you need to setup 'Logon as Batch Job' on Windows. This privilege is granted through the Local or Domain Security Policy. If you don't do that and you try to run the task anyway you will get Event ID 4625 in Security log.

And in Task Scheduler history

💡 Solution – Local Security Policy

To do this using the Local Security Policy, follow these steps.

  1. In the Control Panel, open Administrative Tools, then Local Security Policy.
  2. Beneath Security Settings, open Local Policies and highlight User Rights Assignment.
  3. Locate Log on as a batch job. Open the properties and add any users that need this right.
  4. When finished, save your changes and close the Local Security Settings window.

Your changes should take effect immediately.

This post was last modified on 7 czerwca, 2025 12:22

Przemyslaw Klys

System Architect with over 14 years of experience in the IT field. Skilled, among others, in Active Directory, Microsoft Exchange and Office 365. Profoundly interested in PowerShell. Software geek.

Share
Published by
Przemyslaw Klys

Recent Posts

Supercharging Your Network Diagnostics with Globalping for NET

Ever wondered how to run network diagnostics like Ping, Traceroute, or DNS queries from probes…

1 tydzień ago

Automating Network Diagnostics with Globalping PowerShell Module

Are you tired of manually running network diagnostics like Ping, Traceroute, or DNS queries? The…

1 tydzień ago

Enhanced Dashboards with PSWriteHTML – Introducing InfoCards and Density Options

Discover new features in the PSWriteHTML PowerShell module – including New-HTMLInfoCard, improved layout controls with…

2 tygodnie ago

Mastering Active Directory Hygiene: Automating SIDHistory Cleanup with CleanupMonster

Security Identifier (SID) History is a useful mechanism in Active Directory (AD) migrations. It allows…

2 tygodnie ago

Upgrade Azure Active Directory Connect fails with unexpected error

Today, I made the decision to upgrade my test environment and update the version of…

2 tygodnie ago

Mastering Active Directory Hygiene: Automating Stale Computer Cleanup with CleanupMonster

Have you ever looked at your Active Directory and wondered, "Why do I still have…

2 tygodnie ago