Good day! I’ve got a new instance of PowerShellUniversal that I have installed onto a new Windows Server. We have an existing production installation on a different server, but we’re migrating to the new server. On the production server, the PSU platform runs as a gMSA that we previously set up quite a while ago. Everything works properly on the existing production server.
I installed PSU on the new server, along with script dependancies, etc. I wanted to switch the running account for the PSU service to the gMSA before putting in the existing secrets, so I wouldn’t have to do the work twice. So I changed the running account in the services snap-in, and it started back up like normal. However, when I went to create a new secret variable, gone was the option to save the variable to the BuiltInLocalVault. The only option available was to save the variable to the database (which we do NOT want to do). The gMSA is properly installed on the server, tests correctly, has local administrator on the box, etc. If I let the platform run as the local system, the option for the BuiltInLocalVault is present.
I’m not sure exactly why we’re experiencing this issue. The gMSA is set up the same on both boxes. We don’t have GPO affecting who can acces the vault, etc. My organization pays for a subscription, but I am unable to open a ticket because my account for the support website has yet to be confirmed. Honestly, I’m not sure how long it takes, or if there is any other way to reach them. Anyway, has anyone else seen a similar issue before?