Error with credentials and schedules.ps1

Product: PowerShell Universal
Version: 2.10.0
Logfile level: debug

Hi,

there still seems to be some kind of problem with the credentials. We changed our service account to a gMSA which has been added to “Protected Users”. Everything seems to work fine at first glance: REST works and most scripts work when run manually. But one of our schedules would not load from schedules.ps1 and another one would not run anymore.
Our schedules.ps1 looks like this:

New-PSUSchedule -Cron "55 23 * * *" -Script "Test-ExpiringADAccounts.ps1" -TimeZone "System Default" -Credential "TU, Exchange Information" -Environment "Windows PowerShell 5.1" -Name "Test-ExpiringADAccounts" 
New-PSUSchedule -Cron "*/10 * * * *" -Script "Test-Creds.ps1" -TimeZone "System Default" -Credential "TU, Exchange Information" -adCred 'DBD-ADSTAGE-SVC-PSU' -ExchangeTargetServer 'adstage-ex03.FQDN' -Name "Test" -Environment "Windows PowerShell 5.1" 

The first one was created before the update to 2.10 and is shown in the “Schedules” tab.
The second one throws this error which is only visible in the notification bell, not in the logfile and it isn’t shown in the Schedules tab.

The first schedule throws an error when running on schedule with no entry in the logfile.

This is most likely related to changing the account to gMSA but still an error.

The gMSA has been configured according to https://docs.powershelluniversal.com/config/running-as-a-service-account and been added to local administrators as stated in Script run fails when using gMSA for PSU service - #8 by adam.

Is there anything we can do to fix this or do we have to wait for an update or even roll back to a previous version of PU?

Regards,

Sven

I’ll have to investigate this one. I’m not sure why you couldn’t pass a credential in this way. I doubt it has to do with how you are running the service unless this credential isn’t accessible any more because the user account changed.

If you view the Variables page there will be an icon next to any secrets that are referenced in PSU but don’t exist in the vault.

I also opened an issue for this here.

I thought using ‘Run as’ when running PSU in anything but system wouldn’t work?

It works if you configure the account privileges correctly as @sven has posted in this link → Running as a Service Account - PowerShell Universal

I can reproduce the first issue with the schedule failing to run as another user. It seems like the process may be starting and stopping.

I need to look into the second issue since that may be a bug in PSU.


Ooooh, I missed that that was changed. Thanks!

Edit: didn’t miss it, forgot that people host outside IIS :smiley:

Any updates? A hotfix or rollback to a previous version that helps get it running again?