Ok so this turns out to be pretty interesting and illustrates a few troubleshooting steps to perform in general.
I ran this on my machine, and the action status was Completed but no scheduled task was created. The Completed status just means that every line of the script executed; without Relevance to check the results, it’s impossible to tell whether the command line did what you wanted, just that it executed.
The next place to check is the client log.
At 14:16:26 -0500 - actionsite (http://BES-Dev-Root:52311/cgi-bin/bfgather.exe/actionsite)
Command succeeded (Exit Code=1) wait cmd.exe /C "schtasks /create /f /sc ONCE /TN BLC /TR "C:\Program Files (x86)\BLC\LEWIN\INSDESK.EXE" /rl highest /st 17:00" (action:11008)
The command executed on the client, but gave an Exit Code of 1. Usually, any exit code other than 0 indicates some kind of failure.
The next step is to execute the command line manually on a machine. This is successful. We can also check the exit code from the command line as follows:
C:\>cmd.exe /C "schtasks /create /f /sc ONCE /TN BLC /TR "C:\Program Files (x86)\BLC\LEWIN\INSDESK.EXE" /rl highest /st 17:00"
SUCCESS: The scheduled task "BLC" has successfully been created.
C:\>echo %ERRORLEVEL%
0
That says it was successful, and the error code is 0 (success). So what gives?
Next I updated the Action Script to produce a log file, with the output of the command line that we are running. Here both Standard Output and Standard Error are output to the same log, c:\temp\task.out :
wait cmd.exe /C "schtasks /create /f /sc ONCE /TN BLC /TR "C:\Program Files (x86)\BLC\LEWIN\INSDESK.EXE" /rl highest /st 17:00 > c:\temp\task.out 2>&1"
After running this action script, I check that output file on the client and see
C:\>type c:\temp\task.out
ERROR: No mapping between account names and security IDs was done.
(16,8):UserId:
It’s the schtasks.exe command itself that is giving the error. From the ‘no mapping between account names and security IDs was done’ message, I can surmise that by default schtasks.exe is trying to create the task to run under the account of the user - and it is failing to figure out the username for the LocalSystem account that BigFix is running under.
We can create the task specifically to run as LocalSystem by changing the schtasks command line, adding the /RU parameter to configure which user account should execute the task:
wait cmd.exe /C "schtasks /create /f /sc ONCE /TN BLC /TR "C:\Program Files (x86)\BLC\LEWIN\INSDESK.EXE" /rl highest /st 17:00 /RU "NT AUTHORITY\System" > c:\temp\task.out 2>&1"
This time it looks better in the client log, with the exit code of 0 :
At 14:31:30 -0500 - actionsite (http://BES-Dev-Root:52311/cgi-bin/bfgather.exe/actionsite)
Command started - wait cmd.exe /C "schtasks /create /f /sc ONCE /TN BLC /TR "C:\Program Files (x86)\BLC\LEWIN\INSDESK.EXE" /rl highest /st 17:00 /RU "NT AUTHORITY\System" > c:\temp\task.out 2>&1" (action:11010)
At 14:31:31 -0500 - actionsite (http://BES-Dev-Root:52311/cgi-bin/bfgather.exe/actionsite)
Command succeeded (Exit Code=0) wait cmd.exe /C "schtasks /create /f /sc ONCE /TN BLC /TR "C:\Program Files (x86)\BLC\LEWIN\INSDESK.EXE" /rl highest /st 17:00 /RU "NT AUTHORITY\System" > c:\temp\task.out 2>&1" (action:11010)
And, on the endpoint machine, the task was created
C:\>schtasks /query /tn BLC
Folder: \
TaskName Next Run Time Status
======================================== ====================== ===============
BLC 3/18/2021 5:00:00 PM Ready