Solved

You do not have administrative privileges on the server 'servername' ?

Posted on 2014-01-15
9
3,726 Views
Last Modified: 2014-01-23
Good morning EE's,

I would like to post a question which i really expecting a solution.

I got 2 domain in one single forest.

Domain 1: hg.corp
Domain 2: iac.corp (iac.corp is a tree domain under hg.corp forest)
Trust : Transitive trust between hg.corp and iac.corp

Domain controller 1: dc.hg.corp (for hg.corp)
Domain controller 2: iacdc.iac.corp (for iac.corp)

I want to make a Fail-over cluster between this 2 domain controllers ( But both are in different domain literally, but in same forest )

Process Validate cluster in dc.hg.corp
dc.hg.corp can added, but iacdc.iac.corp failed (Error: You do not have administrative privilages on the server 'iacdc')

Process Validate cluster in iacdc.iac.corp
iacdc.iac.corp can added, but dc.hg.corp failed (Error: You do not have administrative privilages on the server 'dc.hg.corp')

EE's please provide me a solution for this issue, So i can reduce server box counts.

Thank you
Shamil
hg.jpg
iac.jpg
0
Comment
Question by:Shamil Mohamed
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 37

Expert Comment

by:Mahesh
ID: 39784680
In reality domain controllers high availability shouldn't be build with failover cluster.

You can have each domain ADC each within every site to get redundency and clients must be having preferred and alternate DNS servers set in tcp/ip so that if primary server gone down, secondary will take care of that.

Mahesh
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39784923
I tried this scenario with with ad joined nodes also as a test.. Scenarios as below.

Cluster node 1: member01.hg.corp
Cluster node 2: member01.iac.corp

But it ends up with same isssue as "You do not have administrative privileges on the server".

I look forward to a solution. Kindly provide some ideas please.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39784958
Ok
Does your domain account you used to logon on member servers is member of local administrator on both servers ?
The requirement is that whatever user is logged on to the cluster nodes to run validation must be a local admin on each node in that cluster.

Does remote registry and server service is running on both servers ?
If not please start it
Also disable firewll completely on both servers by running below command in elevated command prompt
netsh advfirewall set allprofiles state off

Mahesh
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39785042
I logged in with domain administrators only.
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39785114
Bro i rectified this my adding parent domain administrator to tree domain controller local administrator group with below mentioned command:

net localgroup administrators hg.corp\administrator /add

Once after the cluster validation will update... thank youuuuu.....

-
Shamil
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39785138
Hi,

I came up with an error once after adding the nodes from different domains as attached picture.

Please help me in this.

Thank you.
Shamil
TestSvr-01-2014-01-16-20-40-26.png
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39785931
It seems from screen shots that you are trying to add servers from different domains to a cluster which is just not supported
I can see you are trying to build cluster with domain controllers in different domains which is simply not required and not supported.
You must add member servers from same domain to cluster

This will not achieve any high availability since both domain controllers domain directory partition is different and this is not the way to achieve domain controllers HA

Please check my 1st comment for possible HA scenario

Mahesh
0
 
LVL 1

Author Comment

by:Shamil Mohamed
ID: 39803942
Thank you Mahesh.. thanks alot for your support..
Mahesh if you don't mind may I have your Skype ID. Thanks again.
-shamil
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39804022
Hi Shamil,

I am not using Skype

I am here on this forum to help.

Mahesh
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question