I am attempting to run some powershell scripts that update membership of groups based on role attribute on users, then also grabs members of some groups and updates other groups with these members.
I've delegated access through "security" to give this service account write:member and write:memberof for the Groups OU and write:memberof for the OUs containing the user accounts.
I've updated my Default Domain Policy to give this service account Log On As Batch Job permissions.
The scheduled task is running from a Domain Controller.
When I attempt to run the task as the service account I receive the following:
Task Scheduler failed to start "\SITE Role Membership" task for user "DOMAIN\GroupScripts$". Additional Data: Error Value: 2147943785.
What am I missing here?