Solved

You do not have administrative privileges on the server 'servername' ?

Posted on 2014-01-15
9
3,987 Views
Last Modified: 2014-01-23
Good morning EE's,

I would like to post a question which i really expecting a solution.

I got 2 domain in one single forest.

Domain 1: hg.corp
Domain 2: iac.corp (iac.corp is a tree domain under hg.corp forest)
Trust : Transitive trust between hg.corp and iac.corp

Domain controller 1: dc.hg.corp (for hg.corp)
Domain controller 2: iacdc.iac.corp (for iac.corp)

I want to make a Fail-over cluster between this 2 domain controllers ( But both are in different domain literally, but in same forest )

Process Validate cluster in dc.hg.corp
dc.hg.corp can added, but iacdc.iac.corp failed (Error: You do not have administrative privilages on the server 'iacdc')

Process Validate cluster in iacdc.iac.corp
iacdc.iac.corp can added, but dc.hg.corp failed (Error: You do not have administrative privilages on the server 'dc.hg.corp')

EE's please provide me a solution for this issue, So i can reduce server box counts.

Thank you
Shamil
hg.jpg
iac.jpg
0
Comment
Question by:Shamil Mohamed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 37

Expert Comment

by:Mahesh
ID: 39784680
In reality domain controllers high availability shouldn't be build with failover cluster.

You can have each domain ADC each within every site to get redundency and clients must be having preferred and alternate DNS servers set in tcp/ip so that if primary server gone down, secondary will take care of that.

Mahesh
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39784923
I tried this scenario with with ad joined nodes also as a test.. Scenarios as below.

Cluster node 1: member01.hg.corp
Cluster node 2: member01.iac.corp

But it ends up with same isssue as "You do not have administrative privileges on the server".

I look forward to a solution. Kindly provide some ideas please.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39784958
Ok
Does your domain account you used to logon on member servers is member of local administrator on both servers ?
The requirement is that whatever user is logged on to the cluster nodes to run validation must be a local admin on each node in that cluster.

Does remote registry and server service is running on both servers ?
If not please start it
Also disable firewll completely on both servers by running below command in elevated command prompt
netsh advfirewall set allprofiles state off

Mahesh
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39785042
I logged in with domain administrators only.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39785114
Bro i rectified this my adding parent domain administrator to tree domain controller local administrator group with below mentioned command:

net localgroup administrators hg.corp\administrator /add

Once after the cluster validation will update... thank youuuuu.....

-
Shamil
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39785138
Hi,

I came up with an error once after adding the nodes from different domains as attached picture.

Please help me in this.

Thank you.
Shamil
TestSvr-01-2014-01-16-20-40-26.png
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39785931
It seems from screen shots that you are trying to add servers from different domains to a cluster which is just not supported
I can see you are trying to build cluster with domain controllers in different domains which is simply not required and not supported.
You must add member servers from same domain to cluster

This will not achieve any high availability since both domain controllers domain directory partition is different and this is not the way to achieve domain controllers HA

Please check my 1st comment for possible HA scenario

Mahesh
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39803942
Thank you Mahesh.. thanks alot for your support..
Mahesh if you don't mind may I have your Skype ID. Thanks again.
-shamil
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39804022
Hi Shamil,

I am not using Skype

I am here on this forum to help.

Mahesh
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question