The SCOM run as profiles is a collection of run as accounts and objects that they are targeted to.
You select to add a run as account and distribute it to either a Class, Group or Object.
This all works fine and well until you choose to make the distribution for the account more secure and do not select the computers where you want this account to be distributed.
I have seen customers choosing to distribute the account to all targeted objects and then not adding those in the distribution to the run as account.
This the runas profile configuration which you see when you click on the runas profiles.
This is the runas account distribution you see when you click on the run as accounts.
This particular alert will give you the account ssid which is causing the alerts.
If you do not want this account do be distributed you can close the alert and it wont appear until there is restart for the health service on the agent.
But if you don't want this, use the following script to find the account and then add the computer to it for distribution.
$SSID = "Enter the ssid from the alert here"
Get-RunAsAccount | Sort Name | % {$string = $null;$_.SecureStorageId | % { $string = $string + "{0:X2}" -f $_}
$RunAsAccountName = $_.Name
[string]$RunAsAccountSSID = $string
if ($SSID -match $RunAsAccountSSID) {write-host "The Run As Account is .. $RunAsAccountName"}
}
