Yes you need to be EA to add DC in ad as there are some object writtn to
configuration section of AD that needs EA permissions for this to be
possible.
--
Regards
Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
(E-Mail Removed),
(E-Mail Removed)
"Nwtest" <(E-Mail Removed)> wrote in message
news:187e301c41aeb$94822390$(E-Mail Removed)...
>
> I tried your feedback but no luck.Can at least abybody
> give me another workaround.
>
> Do I need an Enterprise admins to add a DC i'm on a child
> domain model.
>
>
>>-----Original Message-----
>>http://support.microsoft.com/?kbid=232070 and
>>http://support.microsoft.com/?kbid=250874
>>
>>always do the trick
>>
>>--
>>
>>Regards
>>
>>Matjaz Ladava, MCSA, MCSE, MCT, MVP
>>Microsoft MVP Windows Server - Active Directory
>>(E-Mail Removed), (E-Mail Removed)
>>
>>
>>
>>"nwtest" <(E-Mail Removed)> wrote in
> message
>>news:175f401c418c5$db9cd950$(E-Mail Removed)...
>>>
>>> I'm running out of idea on this issue can somebody
>>> assist.I'm kinda of Stuck on this problem now!
>>>
>>>
>>> I'm trying to add a DC in my AD child domain setup. I
> have
>>> already 3 DCs and all working fine. When I promote and
> run
>>> DCpromo in a member server I got this error
>>> "The Operation Failed: Failed to modify the necessary
>>> properties for the machine account my.computer$
>>> Access Denied."
>>>
>>> I tried all work arounds like:
>>> - rename server put it in Workgroup run DCpromo again
>>> same!
>>> - Ensure that my DNS and Zone copy is installed in the
>>> server to be promoted
>>> - Check all TCP/IP settings connectivity, comunications
>>> channel etc no luck!
>>> -Verify Default Domain controllers Policy and ensure
>>> Administrators are in access to this computer; Esnure
>>> Admins are member of Enable trusted this computer for
>>> delegation(according to Microsoft), Ensures all
>>> replicated NO LUCK Still.
>>>
>>> Can somebody provide an Idea to fix this problem.
>>> thanks
>>>
>>
>>
>>.
>>
Similar Threads
