Hello,
I am having a few issues promoting a brand new 2012 Std server to a domain controller. The OS is freshly installed with (almost) nothing else installed or added.
I have installed AD DS from roles and features, and it installed successfully. When I run the deployment configuration I am experiencing two issues. The first, is I get a warning that says "DNS cannot be installed on this domain controller because this domain does not host DNS." There are two other domain controllers, both running AD integrated DNS. After some searching, I found threads where people added the DNS zone afterwards and it worked fine. ALso of note, when I first started the wizard, it said it was not able to install DNS, so I manually added the role. Hence the almost from above.
The second error I am experiencing is more critical. I am getting the error message "Verification of prerequisites for Active Directory preperation failed. The specified user does not have SeSecurityPrivilegeEnabled." It will not let me continue.
The account I am using is my domain account which is a member of Domain, Enterprise and Schema admins. Our domain domain and forest functional level is 2008 R2.
When I searched on this error, it said to ensure the account had Manage Auditing and Security Log privileges. The account is a member of the local admin group which is listed in the local policy. Of note, the policy was defined by a GPO with domain admins (and a service account) added in. While my account still should have had permission, I moved the server to an OU that blocks policy inheritance, ran gpupdate, and restarted. Still no luck. I also created a new user, added to the enterprise and schema admins, and am still experiencing this problem.
I seem to have exhausted all efforts, short of scrapping this server and starting over. I also did not try through PowerShell as I don't think it will produce a different result.
Really stuck on this, any help is much appreciated.
Thanks,
Chris