I've got an interesting problem that I'm hoping someone has seen before...
Mixed Domain Controller Environment: W2K3 & W2K8R2
Domain Functional Level: Windows Server 2003
Forest Functional Level: Windows Server 2003
I have a MDT Task Sequence in my SCCM 2012 Environment. When the deployed computer attempts to join the domain if it connects to a W2K8R2 DC it will join no problem, if it connects to a W2K3 DC I get the following error in the NetSetup.log:
07/25/2013 07:14:26:818 NetpMapGetLdapExtendedError: Parsed [0x5] from server extended error string: 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
I have created a Windows 7 OU and assigned the following permissions to the Service Accounts so I'm pretty sure it isn't a permissions issue:
Scope: This object and all descendant objects
- Create Computer objects
- Delete Computer objects
Scope: Descendant Computer objects
- Read All Properties
- Write All Properties
- Read Permissions
- Modify Permissions
- Change Password
- Reset Password
- Validated write to DNS host name
- Validated write to service principal name
Hoping someone has seen this before or has an idea of where to go from here.
Chris