I would suggest looking at the Event Log on that domain controller immediately after trying those credentials in SAM to see if there are an Windows Event Log Messages that might explain the denial. The error you are receiving back is fairly generic and can be applicable to both a bad username/password, or insufficient privileges.It may be that your DCOM permissions, or some other group policy setting is preventing some component within the template from being applied. We may be able to narrow down the the cause if you manually assigned the template to the node. This will allow you to see which component(s) in the template are failing. If they are Performance Counters or Windows Service Monitors, etc.
↧