Cannot create KDS Root Key - "Request is not supported"

active-directory windows-server-2012

FYI for anyone finding this question in the future. I was able to resolve it like this:

  • (1) Log on to another non-DC in the domain
  • (2) Log on as a domain admin
  • (3) Install/add the RSAT tools (the AD ones in particular)
  • (4) Launch the PowerShell AD tool
  • (5) Run the Add-KDSRootKey from the new machine.

Hope this helps someone


Try right click on the powershell icon and run as administrator and rerun the command.

Also be attentive to privileges. Creating a KDS Root Key requires Domain Administrator (in the root top-level domain) or Enterprise Administrator privileges.

Related

How to post logs to Cloudwatch with CLI?
Does a M.2 2280 SSD fit in a MacBook Pro (Retina, 15-inch, Mid 2014)?
Photos Having Trouble Accessing Files
'mdls' and 'mdimport' interaction: good practice question
What happens when the kernel_task is killed?
App is greyed out
Is it possible to have only one notification for a text message until the message is read?
Copy extended attributes to new file (ffmpeg)
How do I stop iTunes from automatically opening when I browse an app on apple.com?
May I register with ©copyright my songs made mixed with just apple loops or must be copyleft, creative commons, royalty free, etc...?
Is there a terminal emulator for Mac OS X that supports binding Ctrl+(Shift)+Tab?
Cookies in Safari private browsing with iframes