2.5.6 Principal Schema Part

If present, this field specifies the identity used as security principal for the task's execution context. For information about the elements in the Action group, see section 2.5.7.

 <!-- Principal -->
 <xs:complexType name="principalType">
       <xs:element name="UserId" type="nonEmptyString" minOccurs="0"/>
       <xs:element name= "LogonType " type= "logonType " 
       minOccurs= "0 "/>
       <xs:element name="GroupId" type="nonEmptyString" minOccurs="0"/>
       <xs:element name="DisplayName" type="xs:string" minOccurs="0"/>
       <xs:element name="RunLevel" type="runLevelType" minOccurs="0"/>
 <!-- begin v1.3 only -->
       <xs:element name="ProcessTokenSidType" type="processTokenSidType" minOccurs="0" maxOccurs="1"/>
       <xs:element name="RequiredPrivileges" type="requiredPrivilegesType" minOccurs="0" />
 <!-- end v1.3 only -->
    <xs:attribute name="id" type="xs:ID" use="optional"/>
 <xs:simpleType name="logonType">
    <xs:restriction base="xs:string">
       <xs:enumeration value="S4U"/>
       <xs:enumeration value="Password"/>
       <xs:enumeration value="InteractiveToken"/>
       <xs:enumeration value="InteractiveTokenOrPassword"/>
       <!-- for backward compatibility -->
 <xs:simpleType name="runLevelType">
     <xs:restriction base="xs:string">
       <xs:enumeration value="LeastPrivilege"/>
       <xs:enumeration value="HighestAvailable"/>
 <!-- begin v1.3 only -->
 <xs:simpleType name="processTokenSidType">
     <xs:restriction base="xs:string">
       <xs:enumeration value="None" />
       <xs:enumeration value="Unrestricted" />
 <xs:complexType name="requiredPrivilegesType">
       <xs:element name="Privilege" type="privilegeType" minOccurs="1" maxOccurs="64"/>
 <xs:simpleType name="privilegeType">
     <xs:restriction base="xs:string">
       <xs:enumeration value="SeCreateTokenPrivilege" />
       <xs:enumeration value="SeAssignPrimaryTokenPrivilege" />
       <xs:enumeration value="SeLockMemoryPrivilege" />
       <xs:enumeration value="SeIncreaseQuotaPrivilege" />
       <xs:enumeration value="SeUnsolicitedInputPrivilege" />
       <xs:enumeration value="SeMachineAccountPrivilege" />
       <xs:enumeration value="SeTcbPrivilege" />
       <xs:enumeration value="SeSecurityPrivilege" />
       <xs:enumeration value="SeTakeOwnershipPrivilege" />
       <xs:enumeration value="SeLoadDriverPrivilege" />
       <xs:enumeration value="SeSystemProfilePrivilege" />
       <xs:enumeration value="SeSystemtimePrivilege" />
       <xs:enumeration value="SeProfileSingleProcessPrivilege" />
       <xs:enumeration value="SeIncreaseBasePriorityPrivilege" />
       <xs:enumeration value="SeCreatePagefilePrivilege" />
       <xs:enumeration value="SeCreatePermanentPrivilege" />
       <xs:enumeration value="SeBackupPrivilege" />
       <xs:enumeration value="SeRestorePrivilege" />
       <xs:enumeration value="SeShutdownPrivilege" />
       <xs:enumeration value="SeDebugPrivilege" />
       <xs:enumeration value="SeAuditPrivilege" />
       <xs:enumeration value="SeSystemEnvironmentPrivilege" />
       <xs:enumeration value="SeChangeNotifyPrivilege" />
       <xs:enumeration value="SeRemoteShutdownPrivilege" />
       <xs:enumeration value="SeUndockPrivilege" />
       <xs:enumeration value="SeSyncAgentPrivilege" />
       <xs:enumeration value="SeEnableDelegationPrivilege" />
       <xs:enumeration value="SeManageVolumePrivilege" />
       <xs:enumeration value="SeImpersonatePrivilege" />
       <xs:enumeration value="SeCreateGlobalPrivilege" />
       <xs:enumeration value="SeTrustedCredManAccessPrivilege" />
       <xs:enumeration value="SeRelabelPrivilege" />
       <xs:enumeration value="SeIncreaseWorkingSetPrivilege" />
       <xs:enumeration value="SeTimeZonePrivilege" />
       <xs:enumeration value="SeCreateSymbolicLinkPrivilege" />
 <!-- end v1.3 only -->

UserId: If present, this field contains the principal for running the task. It contains the account name specified in one of the following forms:

  • NetBIOS or fully qualified domain name (FQDN) domain\username

  • UPN username@domain

  • ".\username" which specifies a user on the local machine.

  • "LOCAL SYSTEM", "NETWORK SERVICE", or "LOCAL SERVICE", in which case the task will run under one of those computer-reserved accounts.

  • The SID string for the user's account, as defined in [MS-DTYP] section

LogonType: If present, this field contains one of the following strings:

  • S4U: Specifies that the task can run non-interactively. The password is not saved.

  • Password: Specifies that the task can run non-interactively.

  • InteractiveToken: Specifies that the task can run interactively using the credentials of the currently logged-on user.

  • InteractiveTokenOrPassword: Specifies that the task can run interactively if the user is logged-on and non-interactively if the user is logged-off.

GroupId: If present, this field contains a security group id, either local or centrally specified in Active Directory. The task can be triggered for each user in the specified security group.

Note The multiple instance policy can affect the actual start of the task. See MultipleInstancesPolicy (section

DisplayName: If present, this field contains a friendly (descriptive) name of the principal. This field is present to provide a short, human-readable description of the principal identity.

RunLevel: If present, this field contains one of the following strings:

  • LeastPrivilege: Specifies that the task can run with least privileges allowed for the user.

  • HighestAvailable: Specifies that the task can run with highest privileges allowed for the user.

ProcessTokenSidType: If present, the ProcessTokenSidType field contains one of the following strings:

  • None: Specifies that the task runs in a process that does not contain a process token SID.

  • Unrestricted: Specifies that the task runs in a process that has an unrestricted process token SID.

If the ProcessTokenSidType field is present, validation occurs ensuring that UserId contains the name or the corresponding SID string for one of those computer-reserved accounts: "NETWORK SERVICE" or "LOCAL SERVICE".

RequiredPrivileges: If present, the RequiredPrivileges field contains at least one and a maximum of 64 <Privilege> elements with the following strings.

These values represent the set of privileges needed to run the task.

  • "SeCreateTokenPrivilege"

  • "SeAssignPrimaryTokenPrivilege"

  • "SeLockMemoryPrivilege"

  • "SeIncreaseQuotaPrivilege"

  • "SeUnsolicitedInputPrivilege"

  • "SeMachineAccountPrivilege"

  • "SeTcbPrivilege"

  • "SeSecurityPrivilege"

  • "SeTakeOwnershipPrivilege"

  • "SeLoadDriverPrivilege"

  • "SeSystemProfilePrivilege"

  • "SeSystemtimePrivilege"

  • "SeProfileSingleProcessPrivilege"

  • "SeIncreaseBasePriorityPrivilege"

  • "SeCreatePagefilePrivilege"

  • "SeCreatePermanentPrivilege"

  • "SeBackupPrivilege"

  • "SeRestorePrivilege"

  • "SeShutdownPrivilege"

  • "SeDebugPrivilege"

  • "SeAuditPrivilege"

  • "SeSystemEnvironmentPrivilege"

  • "SeChangeNotifyPrivilege"

  • "SeRemoteShutdownPrivilege"

  • "SeUndockPrivilege"

  • "SeSyncAgentPrivilege"

  • "SeEnableDelegationPrivilege"

  • "SeManageVolumePrivilege"

  • "SeImpersonatePrivilege"

  • "SeCreateGlobalPrivilege"

  • "SeTrustedCredManAccessPrivilege"

  • "SeRelabelPrivilege"

  • "SeIncreaseWorkingSetPrivilege"

  • "SeTimeZonePrivilege"

  • "SeCreateSymbolicLinkPrivilege"

If the RequiredPrivileges field is present, the task runs in a process that has a token with a superset of privileges as the one specified in the task definition.

Id attribute:  If present, this field contains a user-selected identifier as specified in section 2.2, allowing the credential to be referenced elsewhere in the task body. This ID is unique in the context of the task.