hmscott4 / AlertManagement

Manage SCOM Alerts

Consider Adding a RunAs profile #42

Closed hmscott4 closed 3 years ago

hmscott4 commented 3 years ago

With SCOM 2019, Service Accounts can now be Group Managed Service Accounts. Potentially, this means that they will authenticate to remote servers as the machine name. Consider adding a Run As profile to the MP and running the scripts as the Run As profile. Examples:

<TypeDefinitions>
  <SecureReferences>
    <SecureReference ID="Microsoft.OpsMgr.AlertManagement.RunasProfile" Accessibility="Public" />
  </SecureReferences>
</TypeDefinitions>

<DataSourceModuleType ID="SCOM.Alert.Management.Assign.Rule.DataSource" Accessibility="Public" Batching="false" RunAs="Microsoft.OpsMgr.AlertManagement.RunasProfile">

If the admin does not assign an account to the profile, then nothing changes (it will run as the default). The account should be a member of the SCOM Admins group, but it might be enough to be a member of an advanced operators group.
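Added example, not part of the issue or of the AlertManagement project: a small audit that reports, for each module type in a management pack XML file, whether its `RunAs` attribute resolves to a `SecureReference` declared in the same file, points at a referenced MP, is dangling, or is absent (so the workflow runs as the default account). The sample fragment is constructed; the `Example.*` IDs and the `Lib!` alias are hypothetical, and the set of module type elements checked is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed fragment. Only the SecureReference ID and the first module type
# ID come from the issue; the "Example.*" names and "Lib" alias are hypothetical.
SAMPLE_MP = """\
<ManagementPackFragment SchemaVersion="2.0">
  <TypeDefinitions>
    <SecureReferences>
      <SecureReference ID="Microsoft.OpsMgr.AlertManagement.RunasProfile" Accessibility="Public" />
    </SecureReferences>
    <ModuleTypes>
      <DataSourceModuleType ID="SCOM.Alert.Management.Assign.Rule.DataSource" Accessibility="Public" Batching="false" RunAs="Microsoft.OpsMgr.AlertManagement.RunasProfile" />
      <WriteActionModuleType ID="Example.Close.WriteAction" Accessibility="Internal" RunAs="Example.Misspelled.RunasProfile" />
      <ProbeActionModuleType ID="Example.Probe" Accessibility="Internal" RunAs="Lib!Example.Library.RunasProfile" />
      <DataSourceModuleType ID="Example.Other.DataSource" Accessibility="Internal" />
    </ModuleTypes>
  </TypeDefinitions>
</ManagementPackFragment>
"""

# Module type elements assumed here to accept a RunAs attribute.
MODULE_TYPES = {"DataSourceModuleType", "ProbeActionModuleType", "WriteActionModuleType"}


def local_name(tag):
    """Drop an XML namespace prefix such as '{uri}Name' if one is present."""
    return tag.rsplit("}", 1)[-1]


def audit_runas(mp_xml):
    """Classify each module type by how its RunAs attribute resolves."""
    root = ET.fromstring(mp_xml)
    declared = {e.get("ID") for e in root.iter() if local_name(e.tag) == "SecureReference"}
    report = {"profile": [], "default_account": [], "external": [], "undeclared": []}
    for elem in root.iter():
        if local_name(elem.tag) not in MODULE_TYPES:
            continue
        run_as = elem.get("RunAs")
        if run_as is None:
            report["default_account"].append(elem.get("ID"))  # no profile: runs as the default
        elif "!" in run_as:
            report["external"].append(elem.get("ID"))  # Alias!ID, declared in a referenced MP
        elif run_as in declared:
            report["profile"].append(elem.get("ID"))  # bound to a profile declared in this file
        else:
            report["undeclared"].append(elem.get("ID"))  # dangling or misspelled reference
    return report


if __name__ == "__main__":
    for bucket, ids in audit_runas(SAMPLE_MP).items():
        print(f"{bucket}: {ids}")
```

Entries under `undeclared` are worth fixing before import, and entries under `default_account` show which workflows would still run with the default account's rights after the profile is added.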

hmscott4 commented 3 years ago

Fixed.