If you’re developing a Windows application that needs to run continuously in the background, you might initially consider using Electron’s app.setLoginItemSettings to add the app to the startup list. However, this approach only launches the app when a user logs in after a machine restart. This becomes problematic for machines used as local servers, which often undergo automatic restarts for reasons like security patch updates without requiring a user to log in. In such cases, app.setLoginItemSettings won’t suffice for relaunching the app automatically.
To address this limitation, I recommend using Windows Task Scheduler. Unlike the startup app list, Task Scheduler enables your application to run even when no user is logged into the machine. This guide will walk you through the process of setting up your Electron app to launch automatically at machine startup using Task Scheduler.
Why Task Scheduler?
Task Scheduler enables you to initiate tasks based on different triggers, including system startup. Unlike the startup app list, Task Scheduler allows your application to run even if no user logs into the machine.
Creating a Task through the Task Scheduler UI
- Open Task Scheduler: Search for “Task Scheduler” in the Start menu and open it.
- Create New Task: Navigate to “Create Task…” to bring up the “Create Task” window.
- General Settings: In the “General” tab, name your task and choose “Run whether user is logged on or not.”
- Set Trigger: Move to the “Trigger” tab, click “New…” and set the trigger to “At startup.”
- Define Action: In the “Action” tab, select “Start a Program,” browse for your Electron app’s executable file, and select it.
- Additional Settings: Adjust any other settings as required.
- Save and Confirm: Click “OK,” and enter the password for the user account you wish to run the task under.
Testing Your Task Manually
Once the task is created, you can test it by right-clicking on the task and selecting “Run”. The task’s activity can be monitored under the “History” tab in Task Scheduler.
Unlike launching your app by double-clicking the executable file, initiating your app using the task scheduler will not display the app’s window. However, the app’s operation can be verified as it runs as a background process visible in the task manager.
To terminate your app, you will need to end the process via the task manager.
Running the Task as the SYSTEM User
For our app to perform, we do not want it to be bound to a specific user account, so ideally we want to run the task as the SYSTEM USER.
To do this, we need to change the user account that the task runs as. When creating a new task, follow the same steps from the previous section, but change the user in the “General” tab:
- in the “Security Options” section, click “Change User or Group…”.
- In the “Select User or Group” window, enter “SYSTEM” in the “Enter the object name to select” field, and click “Check Names”. This should change the name to “SYSTEM”.
- Click “OK” to select the user. You might see the user is labelled as “NT AUTHORITY\SYSTEM”, which is the name of the system user.
Why SYSTEM User?
The SYSTEM user, also known as “LocalSystem”, is a special user account used by the Windows operating system. This account has the highest level of permissions and it has full access to the system, more than any administrative user. It is used by the system to run services and tasks that require maximum privileges.
In our case, running our app as the SYSTEM user is beneficial because it allows the app to run with the highest level of permissions, which can be necessary for certain operations that the app may need to perform. Furthermore, running the app as the SYSTEM user ensures that the app can run at startup, regardless of whether a user is logged in or not.
What is NT AUTHORITY\SYSTEM?
The name “NT AUTHORITY\SYSTEM” is the full name of the SYSTEM user account. “NT AUTHORITY” is a Windows security identifier that represents the authority that services running on the Windows operating system have. It is used in the security identifier for several system accounts, including the SYSTEM user account. The “SYSTEM” part of the name represents the SYSTEM user account itself.
Limitations of SYSTEM User
Running your Electron app as the SYSTEM user has some limitations. The main limitation is that the app will not be able to render it’s window. This is because the SYSTEM user does not have access to the desktop, which is required for rendering the window. This means that you will not be able to use the app’s UI. However, the app will still be able to perform other operations, such as communicating with the server, etc. Another limitation is that the app will not be able to access the user’s files, such as the user’s documents, pictures, etc. This is because the SYSTEM user does not have access to the user’s files.
Create Task Using Command Line
We can create a task using the Task Scheduler UI, but we need to create a task using the command line, so that we can automate the process of creating the task. We can use the schtasks command to create a task. The command to create a task is as follows:
SCHTASKS /CREATE /SC ONSTART /TN "task name" /TR "path-to-your-app" /RU "NT AUTHORITY\SYSTEM" /RL HIGHEST
Remember to run your cmd as administrator, and another benefit of using the command line is that it does not requires you to enter the password, which will be useful when sometimes you are setting your app on a machine that you do not have the password for.
