Discover SCCM workflow errors with "Authentication failure with the local MID server service credential" - Support and Troubleshooting

Discover SCCM workflow errors with "Authentication failure with the local MID server service credential" Issue  Symptoms Navigate to Client Software Distribution > SCCM Server Instances 2. Select the instance and click Discover Now UI Action 3. Navigate to Workflow Contexts and find the newly started Context The ecc queue input record will show the below error: Authentication failure with the local MID server service credential 2018-07-20 12:49:51 Tried Credential: name=SCCM Credentials, affinity: no, status=failed, sysid=67614c5e0f618b009fbe9bd692050e5b, username=#######, type=Windows, order=100&#13; 2018-07-20 12:49:55 Tried credential: MID service account, status=failed&#13;

The mid server log after enabling debug shows the following message:

07/23/18 14:11:09 (097) Worker-Standard:PowershellProbe DEBUG: Executing command: C:\Windows\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy unrestricted -noninteractive -nologo -noprofile -command "&amp; {&amp; 'scripts\PowerShell\PSScript.ps1' -computer '######' -script 'E:\Service-Now\#####\scripts\PowerShell\SCCM\GetApplications.ps1' 'use_mid_service_account' $false -useCred $true -ismid $false -isDiscovery $false -debug $true -logInfo $false; exit $LASTEXITCODE}"&#13; 07/23/18 14:11:09 (097) Worker-Standard:PowershellProbe DEBUG: With credential: ####&#13; 07/23/18 14:11:09 (097) Worker-Standard:PowershellProbe DEBUG: Thread name is Powershell is executing...&#13; 07/23/18 14:11:09 (581) Gobbling stdout: Powershell is executing... Gobbled: &#13; 07/23/18 14:11:09 (581) Gobbling stdout: Powershell is executing... Gobbled: testCredentialSCCM&#13; 07/23/18 14:11:09 (581) Gobbling stdout: Powershell is executing... Gobbled: testNoCredentialAccessSCCM&#13; 07/23/18 14:11:09 (581) Gobbling stdout: Powershell is executing... Gobbled: entered usecred calling testCredentialSCCM&#13; 07/23/18 14:11:09 (581) Gobbling stdout: Powershell is executing... Gobbled: Entered testCredentialSCCM&#13; 07/23/18 14:11:09 (612) Gobbling stdout: Powershell is executing... Gobbled: buildng cred object in getCredential function&#13; 07/23/18 14:11:09 (628) Gobbling stdout: Powershell is executing... Gobbled: returned from getCredential function call with cred object&#13; 07/23/18 14:11:09 (628) Gobbling stdout: Powershell is executing... Gobbled: new PSSession check done&#13; 07/23/18 14:11:09 (940) ConnectionCacheTickler Monitoring active connections&#13; 07/23/18 14:11:09 (956) Gobbling stdout: Powershell is executing... Gobbled: new session created&#13; 07/23/18 14:11:09 (956) Gobbling stdout: Powershell is executing... Gobbled: Session is not NULL&#13; 07/23/18 14:11:09 (972) Gobbling stdout: Powershell is executing... Gobbled: Invalid credential for SCCM, system exceptio&#13; 07/23/18 14:11:09 (987) Worker-Standard:PowershellProbe DEBUG: The exit value from waitFor() is 1&#13; 07/23/18 14:11:12 (056) Worker-Standard:PowershellProbe DEBUG: Execution status: failed&#13; 07/23/18 14:11:12 (056) Worker-Standard:PowershellProbe SEVERE *** ERROR *** Authentication failure with the user ####&#13; 07/23/18 14:11:12 (213) Worker-Standard:PowershellProbe DEBUG: Authentication failure(s) with available Windows credentials from the instance. Credentials tried: ####&#13; 07/23/18 14:11:12 (213) Worker-Standard:PowershellProbe DEBUG: Windows credentials all failed... Attempting to use the local MID server service credential.&#13; 07/23/18 14:11:12 (400) Worker-Standard:PowershellProbe DEBUG: Executing command: C:\Windows\Sysnative\WindowsPowerShell\v1.0\powershell.exe -executionpolicy unrestricted -noninteractive -nologo -noprofile -command "&amp; {&amp; 'scripts\PowerShell\PSScript.ps1' -computer 'J####' -script 'C:\Windows\TEMP\GetApplications.ps16618465176369652466.PS1' 'use_mid_service_account' $false -useCred $false -ismid $false -isDiscovery $false -debug $true -logInfo $false; exit $LASTEXITCODE}"&#13;

Cause In Kingston during the credential test stage, we create a powershell remote session using configuration microsoft.powershell32 from MID server to target SCCM server. Then we import the module ConfigurationManager.psd1, which will load PSDrive with provider "CMSite". If the execution policy is restricted then it will fail.

Resolution Verify that the execution policy is unrestricted on the SCCM server. You can do so by using the following command:

RDP session to SCCM server and try the below command: enter-pssession -computername servername -configurationname microsoft.powershell32 get-executionpolicy

If this shows restricted please change this to unrestricted. Inorder to do so use :set-executionpolicy unrestricted.

Also check:

Even though the environment variable appeared to be set in SCCM server, seems that it wasn't picked up. logging onto the SCCM host with that user and explicitly connecting a powershell session was the fix. There is a step that does similar ( https://docs.servicenow.com/bundle/quebec-servicenow-platform/page/product/orchestration/task/t-config-SCCM-deployment-manager.html) but is dependant on the user having access/knowing where the SCCM console can be kicked off from.