Translation: Fail Whale for SQL Server Management Studio and Central Management Server for Policy Based Managment using PowerShell…. lol simple eh?
So this is a Microsoft Connect Item in the making…
I had created a PowerShell script to run a bunch of policies against a list of servers that I defined in a ServerList.txt file. I decided that I didn’t like the idea of needing to maintain a text file and instead of storing the Instance Names in a table somewhere I decided to hook into the Central Managment Server.
So I logged into the server that is currently running the SQL Server Agent job that was doing all this using a ServerList.txt file. I changed the PowerShell Script to point to my CMS server instead and ran the .ps1 directly on the server using “sqlps F:\PBM\EvaluatePolicies.ps1”. The script ran as expected, used my CMS server, and everything was tickidyboo. Or so I thought….
I decided to do my final check and run the SQL Server Agent job itself… and it failed.
Hmmmm that’s weird… so I confirmed that the SQL Server Agent account had access to the CMS server and even granted it explicit sysadmin rights (just for my troubleshooting).
I started tweeting about the problem and got some immediate advice from @afernandez, @russjohnson, @wendy_dance, and @SQLChicken. While none of the advice solved my problem it was great to have some other “eyes” reading my problem and confirming the stuff that I had already thought of and tested.
The SQL Server Agent Service Account is a secure account that I don’t even have access or the password for so I asked for some help from one of our Server Admins for my troubleshooting… he logged into the server for me and I tried to run the ps1 file….
So I opened up SSMS and checked if I could connect to the CMS directly….
SOLUTION: In order to use a PowerShell script to connect to the Central Management Server using the SQL Server Agent the service account that SQL Server Agent is running under must REGISTER the CMS Server through SSMS on the Server that is running the job.
Did you get all that…. because I had never Remote Desktopped onto the Server using the SQL Server Agent service account and Registered the CMS Server in SSMS using that account when I tried to access the CMS Server through my PowerShell script it failed.
I registered the CMS Server using the SQL Server Agent Service Account and everything started sizzling like bacon on a hot pan.