Hi. I can install PCNS on two of the DCs (both are GC), but not on the primary DC. When I try to install it there, I get the following error:
Error 25006. The Forefront Identity Manager Password Change Notification Service Setup Wizard cannot write to the discretionary access control lists (DACLs) CN=Password Notification Service,CN=System,DC=local,DC=myorg. Ensure you have the correct permissions for this operation, and then try running this wizard again. A directory service error ocurred.
The account I am using is domain admin and schema admin and do have full write access on the CN object
The schema is also updated (this was done some years ago with a MIIS installation and confirmed when I tried running with the SCHEMAONLY parameter). I'm now trying to use PCNS with FIM 2010 R2.
Any ideas?
Pål A