Must be a member of:

Domain Admins
Enterprise Admins
Schema Admins

Verify that the account you are running this with is in those groups.

Christopher Bodnar
Enterprise Architect I, Corporate Office of Technology: Enterprise Architecture and Engineering Services
The Guardian Life Insurance Company of America

From: John Cook <[email protected]>
To: "[email protected]" <[email protected]>
Date: 05/15/2014 03:59 PM
Subject: [NTSysADM] Adding a 2012 R2 DC issue
Sent by: [email protected]

Hopefully someone can point me in the right direction as I’m finding nothing on the web. I’m trying to add a 2012 R2 domain controller and it fails at the ADPrep. Forest prep ran fine. The Domain is at 2008 R2 FFL and all other DCs are 2008 R2. I’ve tried running it from the FSMO role holder as well with the same result. I’m running it with the Domain Admin account – there is none higher in our environment. I’ve set it to run against the FSMO DC as well as the soon to be retired DC in the local subnet. The error is

ADPrep was unable to create the object CN=TPM Devices DC=ourdomain DC=local in Active Directory Domain Services.
Adprep encountered an LDAP error.
Error code: 0x32. Server extended error code: 0x5, Server error message: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Any help is appreciated.

John W. Cook
Director of Network Operations
Partnership For Strong Families
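The membership check suggested in the reply at the top of this thread, as an added PowerShell example that is not part of the original messages. It assumes it is run in the same session that launches the promotion, and it identifies the three groups by their well-known RIDs (512, 518, 519), so it still works if a group has been renamed.

```powershell
# Added example: report whether the current process token carries the three
# groups named in the reply. Groups are matched by well-known RID on a
# domain SID (S-1-5-21-<domain>-<RID>), not by display name.
$required = [ordered]@{
    '512' = 'Domain Admins'
    '518' = 'Schema Admins'
    '519' = 'Enterprise Admins'
}

# Group SIDs present in the token of this PowerShell process.
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$tokenSids = @($identity.Groups | ForEach-Object { $_.Value })

$report = foreach ($rid in $required.Keys) {
    $pattern = '^S-1-5-21-\d+-\d+-\d+-{0}$' -f $rid
    $match   = $tokenSids | Where-Object { $_ -match $pattern } | Select-Object -First 1
    [pscustomobject]@{
        Group   = $required[$rid]
        RID     = $rid
        InToken = [bool]$match
        SID     = $match
    }
}

Write-Output "Account: $($identity.Name)"
$report | Format-Table -AutoSize

$missing = @($report | Where-Object { -not $_.InToken })
if ($missing.Count -gt 0) {
    Write-Warning ("Token is missing: " + (($missing | ForEach-Object { $_.Group }) -join ', '))
} else {
    Write-Output 'All three groups are present in this token.'
}
```

Group membership is written into the token at logon, so an account that was only just added to one of these groups needs to log off and on again before the check (and ADPrep) will see it.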

