When creating a new PVS farm by running configuration wizard, and selecting option to register the PVS server with a CVAD farm, configuration wizard returns an error:

The current user needs to be a Machine catalog Administrator or higher on the Citrix Virtual Desktops Controller at "servername". Error fetching current user's permissions.

Troubleshooting:

1. The first action when encountering this message about "Insufficient Privileges" should be to execute the CVAD PowerShell command "Get-AdminEffectiveRight" on the PVS server where PVS Configuration Wizard is failing, against the DDC specified when running Configuration Wizard. 
   • This tests that communication is open between PVS server and the DDC and ensures the account running Configuration Wizard has required permissions on the CVAD farm.
2. In this case running the command "Get-AdminEffectiveRight" on the pvs server the effective rights were successfully returned, showing communication between PVS server and DDC was working correctly, and showing the user had sufficient privileges on the CVAD farm.
3. PVS Configuration Wizard logging was then retrieved from the PVS server, location "C:\ProgramData\Citrix\Provisioning Services\ConfigWizard.log"), and reviewed. This logging showed an issue when running Import-Module Citrix.DelegatedAdmin.Commands.
4. Manually running this command directly in PowerShell showed the failure occurred due to PowerShell execution policies preventing execution of unsigned scripts.
5. PowerShell execution policy was checked on the customers PVS server by running the command "Get-ExecutionPolicy", this returned "AllSigned"
   • The customer checked confirmed their environment set this PowerShell execution policy of "AllSigned" via Group Policy.

• Workaround 1: Temporarily disable policy on the PVS servers which requires all PowerShell files to be digitally signed. This only needs to be completed the first time Configuration Wizard is run when selecting the option to register the PVS server with a CVAD farm.
• Workaround 2: Do not register the PVS server with a CVAD farm. However CVAD farm registration currently is required for CVAD WebStudio creation of PVS targets. Workaround 2 is only valid if you do not intend to use CVAD WebStudio creation of PVS targets (for example if using CVAD Setup Wizard only for PVS target device creation). 

Problem Cause

• PVS 2402 and all versions above when running running Configuration Wizard, and selecting the option to register the PVS server with a CVAD farm, will execute Import-Module Citrix.DelegatedAdmin.Commands. 
• The customers environment has GPOs configured which sets PowerShell execution policy to "AllSigned". This prevented Import-Module Citrix.DelegatedAdmin.Commands executing correctly as it attempted to run an unsigned PowerShell command.
• Citrix engineering will address this issue in a future release.