Deception
Configuring Windows Task Scheduler to Enable Alerting
After you download the trigger script from the Zscaler Deception Admin Portal, you can import it to the Windows Task Scheduler to enable alerts for the Active Directory (AD) decoys.
Prerequisites
Make sure that the following prerequisites are met:
- You must have admin access to the AD domain controller to import the trigger script.
- All AD domain controllers must have access to the selected Decoy Connector on port 80 or the Deception Admin Portal on port 443.
Configuring Windows Task Scheduler to Enable Alerting
To configure the Task Scheduler:
Download the trigger script from the Deception Admin Portal.
The Windows system can block the trigger script, so you must unblock the script before importing it to the Task Scheduler.
- To unblock the trigger script, right-click on the script (.xml file) and select Properties.
In the Properties window on the General tab, select Unblock and click OK.
- Press the
Windows key+Ron your system. - In the Run window, enter
taskschd.msc, and then click OK to open the Task Scheduler. - In the left-side navigation, go to Task Scheduler Library.
In the Actions pane, click Import Task.
- Browse to select the trigger script (.xml file), then click Open.
In the Create Task window, select the latest available version of Windows from the Configure for drop-down menu for which you want to import the scheduled task, and click OK.
The trigger script is imported to the Task Scheduler.
You must import the trigger script into every domain controller in the AD domain.
