Description
When running SCCM related Orchestration activities, below error might be received:
Authentication failure with the local MID server service credential.
Troubleshooting
The issue is usually caused by PSDrive CMSite not available on Target SCCM Server.
To fix this, use the SCCM credential to log into the SCCM Server and connect via Windows PowerShell from the System Center Configuration Manager console.
Once this is done, the PSDrive is created for the credential after the ConfigurationManager module is loaded.
This requirement is documented in below product doc:
Create Windows credentials for SCCM deployments
To confirm this, or to find out what exactly is happening, below steps can be used:
(Note: the testing scripts are created from MID Server script: credentials.psm1, under function testCredentialSCCM )
Create an ECC with below attributes:
Topic: Powershell
Name: anything
Source: Target SCCM Server
Queue: Output
State: Ready
Payload:
<?xml version="1.0" encoding="UTF-8"?><parameters><parameter name="script.ps1" value="$cred.username;$session = new-pssession -computername $computer -configurationName Microsoft.PowerShell32 -credential $cred; invoke-command -session $session -scriptblock {import-module -name "$(split-path $env:SMS_ADMIN_UI_PATH)\ConfigurationManager.psd1";get-module;get-psdrive};remove-pssession $session;"/></parameters>
Once the output ECC is processed, in the input ECC, confirm:
1. The credential used is correct (credential username is showing in the first line of the result. Not included in the screenshot below for confidential reasons)
2: The module ConfigurationManager is loaded
3: Drive with Provider "CMSite" is not in the result
(Side note: the credential picked will be the windows credential that has lowest order value and has passed wmi query to target. If it's not the SCCM credential, adjust the order or make other credentials inactive)
Below is a sample screenshot of the result in input ECC that doesn't have CMSite, which means it's not loaded correctly. (result partially removed for confidential reasons)
===
Alternatively, you can direct customer to do below:
On Target SCCM Server, run below command:
Import-Module -Name "$(split-path $Env:SMS_ADMIN_UI_PATH)\ConfigurationManager.psd1"
Get-PSDrive -PSProvider CMSite
It might say:
Cannot find a provider with the name 'CMSite'
Applicable Versions
Kingston