As a follow-up to this regular and manual maintenance tasks post, let’s focus on tasks that are scheduled and automated. To make management a bit easier, there are a few things that I like to do before setting up the first task.
Setting Up A Scheduled Task Server
First, where possible – run your tasks from a central dedicated VM with dedicated user(s) accounts. In the past, I’ve setup these tasks on my workstation with my user. When my machine messed up or I changed my password (or any other number of things), the tasks stopped working. Now, I like to use a VM with dedicated service users delegated the permissions required for their task. For example, you might have a user for AD changes, SCCM management, and syncing to outside services. Or you might be comfortable with one account delegated only the permissions that it needs. Either way, your service account(s) most likely do not need domain admin permissions and should not be used elsewhere.
Second, make sure that you have a backup strategy for your maintenance machine. We often forget to include these types of side servers in DR plans. As you centralize tasks, they become critical to your environment.
Automatic Tasks for Your Server
Here is a list of tasks that I have running. Item without a link are custom scripts that I haven’t polished enough to publish here. 🙂
- AD – Add Objects to Groups Automatically
- AD – Create Users from SIS
- AD – Find Computers with Broken Trusts
- AD – Move Computers to OU by IP or Name
- AD – Prevent Accidental Deletions
- AD – Set and Update Manager Attributes
- AD – Stale Object Cleanup
- File Servers – Create Student Classwork Folders
- File Servers – Create Substitute Lesson Plan Shares
- File Servers – Reduce Picture Size
- File Servers – Reduce Video Size
- O365 – Change Default Reply All to Reply
- O365- Hide Users in Global Address List
- O365 – Set Default Language and TimeZone
- Print Servers – Set Printer IP in Comments
- Print Servers – Set Printer Deployment Group Descriptions
- SCCM – Remove Disabled/Deleted Computers
- SCCM – Remove Computers from OSD Groups after deployment
- SCCM – Sync Collections to AD Security Groups
Those are the main tasks that keep our environment humming along. What automatic tasks do you use?