Article ID: 130202, created on Jan 23, 2017, last review on Jan 23, 2017

  • Applies to:
  • Operations Automation

Symptoms

"Prepare node to PA agent installation" task fails:

Failed to execute command '/usr/local/pem/roles//AD_Domain/deploy_dc.cmd'. Check logs in 'c:\POA_Deploy' at host '192.0.2.2' for more details about the reasons of failure.

C:\POA_Deploy\sdc.txt contains the following message:

Check the log file ADPrep.log in the C:\Windows\debug\adprep\logs\20170117195019-test directory for possible cause of failure.
Adprep encountered an LDAP error.
Error code: 0x32. Server extended error code: 0x2098, Server error message: 00002098: SecErr: DSID-03151D7D, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

Cause

pem_admin domain user is not a member of Exchange Admins and Schema Admins AD groups.

Resolution

Add pem_admin user to Exchange Admins and Schema Admins groups on the primary domain controller.

Search Words

Adprep encountered an LDAP error.

INSUFF_ACCESS_RIGHTS

migrate domain controler

5356b422f65bdad1c3e9edca5d74a1ae caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF