I cannot register IAS server in AD

AforeverAforever Member Posts: 13 ■□□□□□□□□□
Hi everyone.
I have configure an IAS server. However, when I tried to register this IAS server in active directory, I'm getting the following error:

The task was not completed.You may not have sufficient priviledges to perform this task....check with your network administrator.

I logged on the IAS server as Administrator, of course.
Can someone help me please!!!
Thanks in advance.

Comments

  • UncleCidUncleCid Member Posts: 66 ■■□□□□□□□□
    Aforever wrote: »
    Hi everyone.
    I have configure an IAS server. However, when I tried to register this IAS server in active directory, I'm getting the following error:

    The task was not completed.You may not have sufficient priviledges to perform this task....check with your network administrator.

    I logged on the IAS server as Administrator, of course.
    Can someone help me please!!!
    Thanks in advance.

    Are you logged in as a Domain Admin or the Enterprise Admin?
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Is your IAS server a DC, a member server, or a stand-alone server? As UncleCid said, what is the group membership of the account you're logging in as? I believe you have to be at least a domain admin.
  • AforeverAforever Member Posts: 13 ■□□□□□□□□□
    My account is member of the Domain and Enterprise Administrators. My IAS Server is a member server of my DC.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Anything in the event logs of the IAS server or the DC?
  • AforeverAforever Member Posts: 13 ■□□□□□□□□□
    This particular error was not recorded in the Event Viewer of neither the IAS server nor the DC.
  • UncleCidUncleCid Member Posts: 66 ■■□□□□□□□□
    I hate to be the noob about this, but by registering are we saying that we are activating the server to start services? I'm not keen on what exactly is meant.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    UncleCid wrote: »
    I hate to be the noob about this, but by registering are we saying that we are activating the server to start services? I'm not keen on what exactly is meant.

    Enable the IAS server to read user accounts in Active Directory: Internet Authentication Service (IAS)



    Try running dcdiag to see if there are any problems with your DC. This is a pretty straight forward process. Also, try the command line equivalent from that link to see if you get any other information.
  • AforeverAforever Member Posts: 13 ■□□□□□□□□□
    I used the dcdiag command on the DC and no error was found. I tried to register the the IAS server by using the "netsh ras add registeredserver" command and I got the following message:
    Registration Failed. The specific domain either does not exist or could not be contacted.
    However, I can ping my DC from my IAS server which is a member server of my domain.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Have you configured IAS to point to your DC for DNS? Can you do other things that require communication with the DC, such as "run as"?

    Try netdiag and dcdiag on the IAS server as well.
  • motogpmanmotogpman Member Posts: 412
    Maybe there are some stale DNS entries causing this, naming issues with this particular server in AD. Is this on a VM? Is this being installed on a demoted DC? Sites and services records?

    We had a similar issue, same exact error that you wrote. We had to dcpromo (demote to a FP server), remove AD entries from domain, rejoin...voila. IIS was installed on the server as well. Our DNS is real laggy....don't ask ( design is horrible, trying to fix), but it took awhile for the server to recognize due to replication issues/joining the doamin.
    -WIP- (70-294 and 297)

    Once MCSE 2k3 completed:

    WGU: BS in IT, Design/Management

    Finish MCITP:EA, CCNA, PMP by end of 2012

    After that, take a much needed vacation!!!!!
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Yea, I googled this a bit, and the solution I found was to demote and repromote. There should be a better way around that though.
  • AforeverAforever Member Posts: 13 ■□□□□□□□□□
    I should point out that I'm working on VMs. My DNS is correctly configured and I also flushed the cache. I have also demote and repromote my DC. The problem is still unsolved!!!!!
  • AforeverAforever Member Posts: 13 ■□□□□□□□□□
    Yes, I got it. I logged on the IAS server locally. INDEED, I SHOULD HAVE LOGGED ON THE DOMAIN!!!!! That's why I could not register in AD.
    When you join a server to the Domain, at "log on windows", don't forget to click on "options". By default, this member server will log on the local server itself. You should select the domain and then log on. icon_cheers.gif
  • AforeverAforever Member Posts: 13 ■□□□□□□□□□
    Thanks everyone for your help, especially DYNAMIK.
Sign In or Register to comment.