PowerShell: Credential Failure on Off-Domain Boxes using New-PSDrive

Created on 12 Nov 2019 · 11 Comments · Source: PowerShell/PowerShell

In my environment, we have created a custom PowerShell script that runs on a scheduled interval. The task does the following:

  • Uses an on-domain service account to run as a scheduled task on the destination server (file server)
  • Uses an off-domain account on a remote DMZ server that has access to a particular custom log repository, with modify rights
  • Copies all files created in the past 14 days to a local folder, and deletes anything in the source directory older than 21 days
  • Logs how many files were moved to what directories in a custom log in the destination directory

When setting up the script, we are consistently able to run it as designed; however, we do encounter a strange set of errors on the source server. First, here is the code:

$UserName = 'Service-Account'
$Password = Get-Content 'C:\CredFile' | ConvertTo-SecureString
$ServiceCred = New-Object System.Management.Automation.PSCredential($UserName, $Password)
$SourceIP = 'x.x.x.x'
$SourceShare1 = 'SourceShare1'
$SourceShare2 = 'SourceShare2'
$DestPath1 = 'D:\Path1\'
$DestPath2 = 'D:\Path2\'
$Log = 'D:\Log.log'
$LogDate = Get-Date
$DaysBack = "-21"
$DateToDelete = $LogDate.AddDays($Daysback)
    Try
    {
    New-PSDrive -Name "AppLogs" -PSProvider "FileSystem" -Root \\$SourceIP\$SourceShare1 -Credential $ServiceCred
    $Files1 = Get-ChildItem AppLogs:\* | Where-Object {$_.LastWriteTime -gt (Get-Date).AddDays(-14)} -Verbose
    Copy-Item $Files1 -Destination $DestPath1 -ErrorAction Stop -Force -Verbose
    Get-ChildItem -Path \\$SourceIP\$SourceShare1\* | Where-Object {$_.LastWriteTime -lt $DateToDelete } | Remove-Item -Recurse -Verbose
    $Files1Count = $Files1.Count
    "$Files1Count files were written to $DestPath1 on $LogDate." | Out-File -FilePath $Log -Append
    }
    Catch
    {
    "No files were written to $DestPath1 on $LogDate." | Out-File -FilePath $Log -Append
    }
    Try
    {
    New-PSDrive -Name "IISLogs" -PSProvider "FileSystem" -Root \\$SourceIP\$SourceShare2 -Credential $ServiceCred
    $Files2 = Get-ChildItem IISLogs:\* | Where-Object {$_.LastWriteTime -gt (Get-Date).AddDays(-14)}
    Copy-Item $Files2 -Destination $DestPath2 -ErrorAction Stop -Force -Verbose
    Get-ChildItem -Path \\$SourceIP\$SourceShare2\* | Where-Object {$_.LastWriteTime -lt $DateToDelete } | Remove-Item -Recurse -Verbose
    $Files2Count = $Files2.Count
    "$Files2Count files were written to $DestPath2 on $LogDate." | Out-File -FilePath $Log -Append
    }
    Catch
    {
    "No files were written to $DestPath2 on $LogDate." | Out-File -FilePath $Log -Append
    }

    Remove-PSDrive -Name AppLogs -Verbose
    Remove-PSDrive -Name IISLogs -Verbose

As you can see, we use New-PSDrive to perform the drive mounting. For some reason, on the off-domain machine (source) we get two errors consistently in the application logs, 4776 and 4625, indicating a NULL SID. We have tested this and it only occurs at the New-PSDrive command, indicating to me that despite calling the off-domain credentials specifically to execute this task, PowerShell is still passing the credentials of the account running the task first, failing, then using the correct credentials and executing as expected. The strange thing about this error is that the error logging is returning an "Unknown user name or bad password" for the on-domain account we use to run the scheduled task, yet in the script we run New-PSDrive using the off-domain account only. We do not understand why, despite the script expressly using separate credentials, the destination machine still attempts to use the credentials it is running the task as. Despite these errors, the script executes successfully, as intended.

For the time being, we decided to create a mirrored local account on the destination server, which the task now runs as. This has alleviated these errors completely; however, we would rather not have mirrored local accounts. Has anyone else encountered this situation, and if so, is there a better way to approach it?

All 11 comments

@jackfalveyiv Please share $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.1.18362.145
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.18362.145
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

@jackfalveyiv The repository is for PowerShell Core. You can report Windows PowerShell issues to the UserVoice site or use the Windows 10 feedback tool.

If you can reproduce the issue with the latest PowerShell Core 7 build, you can report it in the repository.

OK, after running the same code in PowerShell Core 7 I am experiencing the same issue:

Name                           Value
----                           -----
PSVersion                      7.0.0-preview.5
PSEdition                      Core
GitCommitId                    7.0.0-preview.5
OS                             Microsoft Windows 10.0.18362
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

@jackfalveyiv Thanks for the repro on PowerShell Core.

Does the script work well in an interactive session?

It does, and still generates the 4776 and 4625 errors.

I didn't mention this before, but we did manage to narrow this down to the specific New-PSDrive cmdlet since posting this error. Without any of the copying cmdlets or measurement of directories, executing New-PSDrive is triggering the errors.

We use P/Invoke https://docs.microsoft.com/en-us/windows/win32/api/winnetwk/nf-winnetwk-wnetaddconnection2a
I guess this is a feature of this function.

The WNetAddConnection2 function makes a connection to a network resource and can redirect a local device to the network resource.
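
To test the guess in the comment above outside the provider, the following added example (not part of the thread and not PowerShell's own source) calls WNetAddConnection2 directly from PowerShell, so the server's Security log can be compared with what New-PSDrive produces. The `Demo.Mpr` type, the two function names, and the share path in the usage comment are assumptions for illustration.

```powershell
# Added example: direct P/Invoke of WNetAddConnection2, the Win32 call named in the comment above.
Add-Type -Namespace Demo -Name Mpr -MemberDefinition @'
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct NETRESOURCE {
    public int dwScope, dwType, dwDisplayType, dwUsage;
    public string lpLocalName, lpRemoteName, lpComment, lpProvider;
}
[DllImport("mpr.dll", CharSet = CharSet.Unicode)]
public static extern int WNetAddConnection2(
    ref NETRESOURCE netResource, string password, string userName, int flags);
[DllImport("mpr.dll", CharSet = CharSet.Unicode)]
public static extern int WNetCancelConnection2(string name, int flags, bool force);
'@

function Connect-ShareDirect {
    param(
        [Parameter(Mandatory)][string]$UncPath,
        [Parameter(Mandatory)][pscredential]$Credential
    )
    $res = New-Object 'Demo.Mpr+NETRESOURCE'
    $res.dwType       = 1          # RESOURCETYPE_DISK
    $res.lpRemoteName = $UncPath   # lpLocalName left empty: no drive letter is assigned
    $started = Get-Date            # search the server's Security log from this time onward
    $plain = $Credential.GetNetworkCredential().Password
    $rc = [Demo.Mpr]::WNetAddConnection2([ref]$res, $plain, $Credential.UserName, 0)
    if ($rc -ne 0) { throw [System.ComponentModel.Win32Exception]::new($rc) }
    $started
}

function Disconnect-ShareDirect {
    param([Parameter(Mandatory)][string]$UncPath)
    $rc = [Demo.Mpr]::WNetCancelConnection2($UncPath, 0, $true)
    if ($rc -ne 0) { throw [System.ComponentModel.Win32Exception]::new($rc) }
}

# Usage on the machine that maps the share (placeholder address and share from the issue):
# $when = Connect-ShareDirect -UncPath '\\x.x.x.x\SourceShare1' -Credential $ServiceCred
# Disconnect-ShareDirect -UncPath '\\x.x.x.x\SourceShare1'
```

If events 4625 and 4776 appear on the server at the returned time, the extra logon attempt comes from the Win32 call and not from anything New-PSDrive adds on top of it.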

@iSazonov How do you use it in PowerShell? Please provide an example. Thanks

@MSIH I did not understand your question.

Hello

I am facing the same issue with the New-PSDrive command.
The command is executed with success on a Workgroup Computer with a local account but using a Credential parameter from a domain account:

New-PSDrive -PSProvider FileSystem -Name 'REPORTS' -Root '\\SERVER.domain.local\Data\Reports' -Credential (get-credential)

Events 4776 and 4625 are generated on the remote server with failed login from the local account.
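
For triage on the server that hosts the share, the following added example (not part of the thread) pairs each 4625 failure with a 4624 success from the same source address under a different account within a few seconds, which is the pattern the posts above describe, and leaves unpaired failures for normal review. The function names, the 5-second window, and the sample records (constructed, not real log data) are assumptions.

```powershell
# Added example: separate "failed as task account, then succeeded as explicit account" from other 4625s.
function ConvertFrom-LogonEvent {
    # Flattens a Get-WinEvent record (4624/4625) into the fields used below.
    param([Parameter(ValueFromPipeline)]$Record)
    process {
        $d = @{}
        ([xml]$Record.ToXml()).Event.EventData.Data | ForEach-Object { $d[$_.Name] = $_.'#text' }
        [pscustomobject]@{
            TimeCreated = $Record.TimeCreated; Id = $Record.Id
            IpAddress = $d.IpAddress; TargetUserName = $d.TargetUserName
        }
    }
}

function Find-ImplicitLogonRetry {
    param([object[]]$Events, [int]$WindowSeconds = 5)
    $successes = @($Events | Where-Object { $_.Id -eq 4624 })
    foreach ($fail in ($Events | Where-Object { $_.Id -eq 4625 })) {
        $match = $successes | Where-Object {
            $_.IpAddress -eq $fail.IpAddress -and
            $_.TargetUserName -ne $fail.TargetUserName -and
            $_.TimeCreated -ge $fail.TimeCreated -and
            ($_.TimeCreated - $fail.TimeCreated).TotalSeconds -le $WindowSeconds
        } | Select-Object -First 1
        [pscustomobject]@{
            Time = $fail.TimeCreated; Source = $fail.IpAddress
            FailedAs = $fail.TargetUserName
            ThenSucceededAs = $match.TargetUserName
            LikelyImplicitRetry = [bool]$match
        }
    }
}

# Constructed sample records (not real log data): one paired failure, one unpaired failure.
$t = [datetime]'2019-11-12T02:00:00'
$sample = @(
    [pscustomobject]@{ TimeCreated = $t;                Id = 4625; IpAddress = '10.0.0.5'; TargetUserName = 'svc-task' }
    [pscustomobject]@{ TimeCreated = $t.AddSeconds(1);  Id = 4624; IpAddress = '10.0.0.5'; TargetUserName = 'Service-Account' }
    [pscustomobject]@{ TimeCreated = $t.AddMinutes(10); Id = 4625; IpAddress = '10.0.0.9'; TargetUserName = 'admin' }
)
Find-ImplicitLogonRetry -Events $sample | Format-Table -AutoSize

# Live use on the server (elevated session):
# $ev = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624, 4625;
#           StartTime = (Get-Date).AddHours(-1) } | ConvertFrom-LogonEvent
# Find-ImplicitLogonRetry -Events $ev
```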
