Install Network Device Enrollment Service on 2012 Domain Controller

Hi All. I have a 2012 server that is a domain controller in my environment. It is also the Certificate Authority for my domain as well. All of the CA components are installed and working except for NDES. When I go to configure it and specify the service account I want to use for the NDES service, it tells me: "Logon failure: the user has not been granted the requested logon type at this computer". I have added the account in question to the IIS_IUSRS group located under Builtin (I am not sure if that is where it is supposed to go. It says to add it to the local group of that name but as it is a DC, this is the one I think its supposed to be. Am I right?). Also, the SPN has been created for this account as well and that completed successfully. Can anyone tell me what else I should try? Thanks.
fwpioAsked:
Who is Participating?
 
Meir RivkinConnect With a Mentor Full stack Software EngineerCommented:
0
 
fwpioAuthor Commented:
Awesome!  Yep, thats what I needed.  Thanks much!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.