LsaLookupNames2 error when creating new SymantecDLP service user, on a new Enforce Server install

Article ID: 172382


Products

Data Loss Prevention Enforce, Data Loss Prevention, Data Loss Prevention Enterprise Suite, Data Loss Prevention Plus Suite

Issue/Introduction

When installing a new Enforce Server via the MSI from the command line, the wizard fails at the point of creating a new service account for Enforce, which is called "SymantecDLP" by default.

Error calling LsaLookupNames2: The trust relationship between the primary domain and the trusted domain failed. (HRESULT: 0x6fc)

Environment

15.x clean install (not an upgrade). The error appears at the "Create a New Service User" step, after the username and password have been entered for the Service User and the "Next" button has been clicked.

Cause

Not completely known, but there are indications from the customer environment that a Domain Controller was recently deleted while still remaining listed in the Active Directory forest.

For additional details indicating this issue, this Microsoft TechNet forum thread may prove useful:

https://social.technet.microsoft.com/Forums/en-US/4d916b60-f182-4406-af95-971de98d3a94/the-trust-relationship-between-the-primary-domain-and-the-trusted-domain-failed?forum=winservergen

Resolution

If the customer cannot confirm the above in their Active Directory environment, try creating the DLP Enforce Service User in advance of the installation, making sure it has been given the "Log on as a service" right.

Then choose the "Existing User" option when prompted for the Service User during the wizard.
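
One way to pre-create the account and grant the right, as an added example that is not part of the original article or vendor tooling. It assumes a local account with the default name "SymantecDLP", an elevated PowerShell session on the Enforce Server, and temporary file names chosen here for illustration.

```powershell
# Added example. Assumption: local account, default name from the installer.
$UserName = 'SymantecDLP'

# Prompt for the password so it is never stored in the script or shell history.
$Password = Read-Host -Prompt "Password for $UserName" -AsSecureString

# Create the account only if it does not already exist.
if (-not (Get-LocalUser -Name $UserName -ErrorAction SilentlyContinue)) {
    New-LocalUser -Name $UserName -Password $Password -PasswordNeverExpires `
        -Description 'DLP Enforce service account' | Out-Null
}
$Sid = (Get-LocalUser -Name $UserName).SID.Value

# Export the current user-rights assignments (hypothetical temp file names).
$Cfg = Join-Path $env:TEMP 'dlp-user-rights.inf'
$Db  = Join-Path $env:TEMP 'dlp-user-rights.sdb'
secedit /export /cfg $Cfg /areas USER_RIGHTS | Out-Null

$Lines = @(Get-Content -Path $Cfg)
$Entry = "*$Sid"   # secedit identifies accounts as *<SID>
$Index = 0..($Lines.Count - 1) |
    Where-Object { $Lines[$_] -match '^SeServiceLogonRight\s*=' } |
    Select-Object -First 1

if ($null -eq $Index) {
    # Nobody holds the right yet: add the line under [Privilege Rights].
    $Lines = $Lines | ForEach-Object {
        $_
        if ($_ -eq '[Privilege Rights]') { "SeServiceLogonRight = $Entry" }
    }
} elseif ($Lines[$Index] -notmatch [regex]::Escape($Sid)) {
    # Append to the existing holders instead of replacing them.
    $Lines[$Index] = "$($Lines[$Index].TrimEnd()),$Entry"
}

# secedit expects a UTF-16 template; apply only the USER_RIGHTS area.
Set-Content -Path $Cfg -Value $Lines -Encoding Unicode
secedit /configure /db $Db /cfg $Cfg /areas USER_RIGHTS | Out-Null

# Re-export and confirm the SID now holds SeServiceLogonRight.
secedit /export /cfg $Cfg /areas USER_RIGHTS | Out-Null
$Granted = [bool](Select-String -Path $Cfg -Pattern "^SeServiceLogonRight.*$([regex]::Escape($Sid))")
Remove-Item $Cfg, $Db -ErrorAction SilentlyContinue
"Log on as a service granted to ${UserName}: $Granted"
```

If a domain Group Policy defines "Log on as a service", the local assignment is overwritten at the next policy refresh, so the account must be added in that GPO instead.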