JumpCloud Community

Hi Community Folks

In environments like shared workstations, remote desktops and call centers, managing system uptime and ensuring systems are regularly rebooted or shut down can be challenging.
Automating this process can significantly improve system performance, reliability and your security posture as well. Using PowerShell and Task Scheduler, you can easily schedule a task that reboots or shuts down a computer after a specified period of inactivity.

Regular reboots can help to:

• Clear temp files and memory leaks
• Ensure that updates are applied
• Improve the overall system performance
• Ensure that workstations don't remain unsupervised for too long

This script creates a scheduled task named "RebootAfterIdling" that reboots the computer after the specified idle time (1 hour in this example). The task runs under the NT AUTHORITY\SYSTEM account, ensuring it runs invisibly and regardless of whether a user is logged on.

How to deploy it via JumpCloud?

1. Create a new Command or Command After Agent Install
   Customize the script to your liking (it's well documented)
2. Paste it into Command box, tick the checkbox for `PowerShell`
3. Assign it to a Group of Devices or a Devices (test before any bulk deployment)
4. Run the Command against the targeted systems

That's it. 

 The entire script (link to my Github😞

<# 
- Create a scheduled task that reboots or shuts down the computer after a specified number of hours of idle time.
- The task runs invisibly and whether or not users are logged on.
- The task is created to run only when the computer is idle.
- The task is created to run as the SYSTEM account.
- The task is created to run with the highest privileges.
- The task is created to run the action in a PowerShell process that is not visible to users, and doesn't load the user's profile.
- The task is created to run the action in a PowerShell process that does not require user confirmation/interaction/input/output/prompts.
#>


# Specify the number of hours of idle time after which the reboot or shutdown should occur:
$idleTimeoutHours = 1
# Specify the task name to your liking:
$taskName = 'RebootAfterIdling'

# Create the reboot or shutdown action.
# Note: Passing -Force to Restart-Computer is the only way to ensure that the
#       computer will reboot. This result in data loss if the user has unsaved data:
$action = New-ScheduledTaskAction -Execute powershell.exe -Argument @"
  -NoProfile -Command "Start-Sleep $((New-TimeSpan -Hours $idleTimeoutHours).TotalSeconds); Restart-Computer -Force"
"@

# If you want to shutdown instead of a reboot, replace Restart-Computer with Stop-Computer:
# $action = New-ScheduledTaskAction -Execute powershell.exe -Argument @"
#  -NoProfile -Command "Start-Sleep $((New-TimeSpan -Hours $idleTimeoutHours).TotalSeconds); Stop-Computer -Force"
# "@

# Specify the user identity for the scheduled task:
# Using NT AUTHORITY\SYSTEM, so that the tasks runs invisibly and whether or not users are logged on.
$principal = New-ScheduledTaskPrincipal -UserID 'NT AUTHORITY\SYSTEM' -LogonType ServiceAccount

# Create a settings set that activates the condition to run only when idle.
$settings = New-ScheduledTaskSettingsSet -RunOnlyIfIdle

# New-ScheduledTaskTrigger does NOT support creating on-idle triggers, but you can use the relevant CIM class directly, courtesy of this excellent blog post:
# https://www.ctrl.blog/entry/idle-task-scheduler-powershell.html
$trigger = Get-CimClass -ClassName MSFT_TaskIdleTrigger -Namespace Root/Microsoft/Windows/TaskScheduler  

# Create and register the task with the specified action, principal, settings, and trigger:
Register-ScheduledTask $taskName -Action $action -Principal $principal -Settings $settings -Trigger $trigger -Force

Thanks for reading!
- Juergen