Logo

A required privilege is not held by the client – AD machineBuilding error

Problem 

Attempting to provision a Windows VM to Microsoft Active Directory 2016 Domain Controller (Microsoft Endpoint). vRO may display the following in the error log.

A required privilege is not held by the client – AD machineBuilding error

Affected Versions:

  • vRealize Automation 7.x


Cause

Microsoft User Account Control has a specific Security Policy that needs to be disabled on the Microsoft Active Directory 2016 Server(s).


Affected Versions

  • Create a list of versions/items affected by this problem


Workaround or Solution

Overview

Adjust the Local Security Policy on the Domain Controller and set the policy (User Account Control: Run all administrators in Admin Approval Mode) to DISABLED

To change the policy, follow the steps below.

  1. Open Local Security Policy, on the Start screen, type secpol.msc, and then press ENTER.
  2. Navigate to Security Settings>Local Policies>Security Options
  3. Scroll to find the User Account Control: Run all administrators in Admin Approval Mode policy
  4. Right-Click and select Properties
  5. Change the Local Security Setting to DISABLED




Bolty McBoltFace -
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.