System.Security.AccessControl.PrivilegeNotHeldException error during SharePoint Products Configuration Wizard on MOSS 2007 or SharePoint 2010
|« Batch File to Slipstream Service Pack (SP) and Cumulative Updates (CU) for MOSS 2007 or SharePoint 2010||sp_SDS Stored Procedure updated to work with SQL Server 2008 R2 & SQL Server 2012 »|
When reviewing the event log you will see the following error and you get the error in the screen shot below.
Failed to create the configuration database.
An exception of type System.Security.AccessControl.PrivilegeNotHeldException was thrown. Additional exception information: The process does not possess the ‘SeSecurityPrivilege’ privilege which is required for this operation. System.Security.AccessControl.PrivilegeNotHeldException: The process does not possess the ‘SeSecurityPrivilege’ privilege which is required for this operation
In this particular case the problem came down to the account running the configuration wizard not having “Manage auditing and security log” rights in Group Policy. This setting was modified by a GPO in Active Directory.
We can see that this GPO was modified, in this case, probably for Exchange because “Exchange Enterprise Servers” was explicitly added.
You have two options to correct this issue:
- Add MOSS 2007 or SharePoint 2010 Service Accounts to this GPO – This is not recommended because we do not know what else is configured in this GPO that can cause issues.
- Move the computer account to an OU that is blocking inheritance. – This is the preferred method because we don’t know what else is configured in the GPO that can cause other issues.