Why can I not add a new domain to the Repository in Group Policy Administrator after configuring a user in the Remote User Settings?
What permissions do I need to add a new domain to the Group Policy Administrator (GPA) repository?
How do I add Create New Domain permissions to the remote user account?
NetIQ Group Policy Administrator 3.0
NetIQ Group Policy Administrator 4.x
NetIQ Group Policy Administrator 5.0
Cannot add a domain to the repository.
The specified remote user account does not have sufficient permissions.
By default, the remote user account is only given Manage GPR Security permissions. To add a new domain to the Group Policy Administrator (GPA) repository, the remote user account specified from a non-trusted domain must have Create New Domain permissions.
To add Create New Domain permissions to the remote user account, complete the following steps:
- Log in to the NetIQ GPA Console with an account that has Full control of the Repository.
- Right-click the GPA Repository node and select Connect to Database.
- Select the SQL server name where the repository database resides.
- Select the desired authentication and click OK.
- Select the Repository Server [repository server_name]node.
- Select Manage GPR Security from the task bar (the icon is similar to a lock).
- Right-click the Repository Server [repository server_name]and select Properties.
- Select the GPR Security tab.
- Select the user account or SID referencing the user account from the non-trusted domain.
- Select the Create New Domain checkbox in the Allow column of the Permission section at the bottom of the dialog box.
- Click Apply and OK.