locked
Second site not adding to CAS Server RRS feed

  • Question

  • Hi All

    I am trying to add a Secondary Server in our 2nd Datacentre to the Main CAS Server but i am getting the following error message

    the setup login user does not have sufficient permission to configure replication with specified central administration site


    Below is my current environment

    2 Datacentrers

    1 AD Domain

    1st Datacentre has CAS and a Primary Site Installed all working and replicating fine.

    2nd Datacentre - i am trying to install a another Primary Site which would connect to the CAS Server.

    CAS 

    PL1 - 1st Primary Site Server for DC1

    PL2 - 2nd Primary Site Server for DC2

    But for some reason i can not get the PL2 Server to connect. 

    I noticed our ADSS was only configured with the default site, so i added another site and connected the 2nd Domian Controller to this..However this as not resolved anything.

    All installation has been done using the AD Admin account.

    Many thanks for all help


    Kabir Hussein

    Friday, December 14, 2012 5:26 PM

All replies

  • Is the account you are using a local admin *and* and sysadmin in the SQL Server instance hosting the CAS's DB? Just because you are a ConfigMgr full admin does not imply either of these.

    Jason | http://blog.configmgrftw.com

    Friday, December 14, 2012 6:02 PM
  • Hi Jason

    the user is a Domain admin user and also has sysadmin permission to the CAS DB as it was the account used to install all my SCCM applications.


    Kabir Hussein

    Monday, December 17, 2012 11:39 AM
  • Just because it did have permissions, doesn't mean that it still does. DBAs love to change things. Also note, that domain admin does not necessarily imply local admin or SQL sysadmin either.

    Have you reviewed the setup log file for more detailed information?


    Jason | http://blog.configmgrftw.com

    Monday, December 17, 2012 3:59 PM
  • Hi Jason what log file can i review to see if the error is related to something else.

    I have checked the user i am using is domain admin, i have added it as local admin and also the user is part of the sysadmin for SQL.

    Many thanks for all your help on this by the way much appreciated, i am a bit baffled at present to where the issue could lie :-(

    Kabir


    Kabir Hussein

    Monday, December 17, 2012 6:09 PM
  • The actual setup log file should be sufficient. It'll be in the root of the C drive on the system and called configmgrsetup.log (I think).

    Jason | http://blog.configmgrftw.com

    Monday, December 17, 2012 6:24 PM
  • The actual setup log file should be sufficient. It'll be in the root of the C drive on the system and called configmgrsetup.log (I think).

    Jason | http://blog.configmgrftw.com

    Monday, December 17, 2012 6:25 PM
  • Also make sure the installation account is part of the "Full Administrator" in Administration-> Security-> Administrative Users
    Tuesday, December 18, 2012 6:54 AM
  • Hi All

    I am getting the below error on the configmgrsetup.log

    20/12/2012 15:27:33: ConfigMgrSetupWizard Error: 1 : Received COMException while connecting to the SMS provider on PL2VMWIN0013.adds.accenture.thirdparty.nhs.uk. Exception message: [The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)].

    20/12/2012 15:27:33: ConfigMgrSetupWizard Error: 1 : Failed to get provider location from %s


    Kabir Hussein

    Thursday, December 20, 2012 3:42 PM
  • Kabir, could you please confirm whether the installation account is part of the Full Administrator Group on CAS
    Friday, December 21, 2012 5:45 AM
  • Hi Rajul

    The installation account is the same account that was used to create the CAS and the Primary Site Server on the other DC, it should have permissions all over the domain so im not sure if this could be the issue.

    Also just double checked for my sanity and the user is present as the full administrator.

    Im thinking possibly a port issue... i tried the Wbemtest and couldnt not connect to the CAS Server from the Server which i can not join from.


    Kabir Hussein

    Friday, December 21, 2012 10:23 AM
  • try with portqry.exe to check whether the firewall is allowed to pass through.

    from CAS server

    Portqry.exe -n "SecondPrimary SQL server" -e 1433

    Portqry.exe -n "SecondPrimary SQL server" -e 4022

    If it says "listening" then we can make sure the firewall is not blocking. Otherwise you need to open the ports on firewall.



    Regards, Rajul

    Friday, December 21, 2012 12:18 PM
  • Hi Rajul

    Apologies for the late reply, i ran the portqry and port 4022 was not listening. Getting this changed and will let you know how it goes.

    Thanks for the help.


    Kabir Hussein

    Thursday, January 10, 2013 5:07 PM