Task-Planner: Trigger ‘At startup’ fails for tasks

[German]There is a problem with task scheduling in Windows (Task Scheduler). The trigger ‘At startup’ may fail sporadically when executing a task under very special conditions. In the Event Viewer, an entry ERROR_LOGON_FAILURE (2147943726) with the ID 101 may be found in the event history of the task scheduler.


Advertising

Microsoft explained the problem in a Technet post by the Ask Core team of Microsoft Japan at the end of September 2018 (thanks to blog reader Markus K. for the tip).

What the problem

In Windows Task-Planner an administrator can set the trigger ‘On startup’ to execute a task directly at Windows system startup. This can be configured in the properties of a task on the Trigger tab. The following dialog box shows a trigger to be edited, where Start Task is set to ‘On Startup’.

Task Scheduling: Edit Triggers

Once the Enabled check box is checked, the task should be executed at that time.

The problem: The trigger fails randomly

Within this blog post the Aks Core team describes the issue, that the execution of the task that uses a “On startup” trigger (on system startup) fails randomly in the Task Scheduler. The error always occurs when multiple tasks are registered in the Task Scheduler with the On startup trigger.


Advertising

The ‘System start’ event occurs, but the corresponding task and the ID of the error event are not executed. Subsequently, an entry with the ID 101 is found in the event history of the task scheduler in the Event Viewer. ERROR_LOGON_FAILURE (2147943726) is displayed as the error value (if history is enabled in the Action menu using the Enable history for all tasks command).

In which constellations does the error occur?

For this sporadic error to occur, various conditions must be fulfilled.

Condition 1

The problem only affects the following versions of Windows.

Windows Server 2016
Windows Server 2012 R2
Windows 10 (alle Versionen, mind. bis 1803)
Windows 8.1

Condition 2

The bug seems to have been introduced with updates since September 2017. The Ask Core team states the following as the second condition for the issue:

  • Updates have been installed since September 2017.
  • The error also occurs if no updates have been installed on Windows 10 version 1703 or later.
  • It is an operating system version up to Windows 10 version 1607 (or a server version) on which updates were installed after September 2017.

The team provided the following updates, which will cause the issue:

  • Windows 8.1 / Windows Server 2012 R2: Update KB4038774 (Monthly rollup preview) September 20, 2017
  • Windows 10 RTM: Update KB4038781 (OS Build 10240.17609) September 13, 2017
  • Windows 10 Version 1607 / Windows Server 2016: Update KB4038801 (OS Build 14393.1737) September 29, 2017

In general, the Ask Core article contains the note that ‘A similar error occurs when a rollup update is installed’. The security online updates do not contain the module that is responsible for the problem, the Microsoft people write.

Condition 3

This issue with non-executed triggers occurs when the task scheduler requests credentials from the Credential Manager to perform the task and the Credential Manager could not complete processing correctly with multiple threads. This constellation therefore only occurs when there are multiple (two or more) tasks that must all fulfill the three conditions listed below.

  • The executing user is not a special account like the SYSTEM account.
  • The option “Do not save password” is not activated.
  • The trigger ‘On startup’ is set for the task..

These are all quite restrictive conditions that must occur simultaneously. Therefore it is unclear to me, whether many administrators are really affected by this problem. But at least it is good to be informed about the cause.

Proposed workarounds

By avoiding these three above conditions it is possible to circumvent the issue of non-executed triggers ‘At startup’ in task planning.

  • The Ask-Core team first makes a simple suggestion to use the special SYSTEM account for the task. The SYSTEM account (Local System Account) is a special service account used internally by Windows. S – 1 – 5 – 18 is assigned as a security identifier, and on the local computer it has the same or more permissions than the administrator (Administrators group). Assigning this account avoids the problems outlined above when the Task Scheduler requests Credential Manager credentials.
  • In domain environments, a second workaround can be established by using the “Do not store passwords” option (for domain users only). This can be set on the General tab of the task under the Do not save password option.
  • The last suggested workaround is to set a different “delay time” for each scheduled task and not have it run at the same time. According to the above explanations, the error that the trigger fails to appear sporadically should also not occur.

Further details may be found in the Ask Core Technet blog post (the English machine translation). If the error occurs, you will know the conditions, maybe it will be helpful.

Similar articles
Windows 10 Version 1803: Sysprep bug and a workaround
Windows 10 Pro V1803: SMBv1 ‘special traps’
Windows 10 Service Stack Update (SSU) internal explained


Advertising
This entry was posted in issue, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *