We have a server running Server 2008 R2 as our primary DC. We currently don't have a secondary DC, but are trying to add one. The secondary DC we are trying to use is running Server 2012 R2 Standard.

The Issue:

When we try to promote the second server to a domain controller we run into an error:

The Active Directory Domain Services Installation Wizard was unable to
convert the computer account SERVERNAME$ to an Active Directory 
Domain Controller Account.

You can see a screencap here: Active Directory Error

What We Have Tried:

We have tried modifying the Default Domain Controller Policy to give Delegation rights to Domain Admins. This part works, but doesn't appear when we run whoami /all. Instead we get this result: SeEnableDelegationPrivilege Disabled

We have also tried going into AD Users and Computers > Computers > SERVERTOBEPROMOTED. We went to Properties > Delegation and selected Trust this computer for delegation to any service (Kerberos only).

After setting both of those, running gpupdate /force on both servers, and waiting 90 minutes, the whoami /all still shows SeEnableDelegationPrivilege Disabled

Note: The whoami /all was run on multiple computers including the AD and the computer to be promoted, and showed the same result.

We are at a loss for what is going on here. Rebuilding the entire AD is out of the question, but rebuilding the Default Domain Controller Policy could be on the cards, although we'd prefer not to do that.


Verify that the policy Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Enable computer and user accounts to be trusted for delegation is set on the Default Domain Controllers OU. Verify that the account you are using to promote the computer has this policy applied. You can use gpresult /h report.html to verify.
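The check above, scripted, as an added example that is not part of the answer or the original post. It reads the User Rights Assignment section of the Default Domain Controllers Policy straight out of SYSVOL (the policy's well-known GUID {6AC1786C-016F-11D2-945F-00C04fB984F9} and the standard SYSVOL\Policies\...\GptTmpl.inf layout are the assumptions, along with $env:USERDNSDOMAIN being set, which it is for any domain logon), resolves the SIDs that hold SeEnableDelegationPrivilege, and compares them with the groups in the current logon token. Two caveats a practitioner would want: the Default Domain Controllers Policy is linked only to the Domain Controllers OU, so this right is evaluated on the existing DC, not on the member server being promoted; run the script logged on to the existing DC as the account that will run the promotion. And whoami /priv (part of whoami /all) lists only privileges the token actually holds; a state of Disabled means the right is present but not yet enabled by a process, which is the normal resting state for most privileges, so that line on its own does not show the right is missing.

```powershell
# Added example, not from the original post. Run on the existing DC, logged on as
# the account that will perform the promotion.

# Well-known GUID of the Default Domain Controllers Policy (assumption: the
# domain still uses the default policy object, which the question implies).
$ddcpGuid = '{6AC1786C-016F-11D2-945F-00C04fB984F9}'
$domain   = $env:USERDNSDOMAIN
$inf      = "\\$domain\SYSVOL\$domain\Policies\$ddcpGuid\MACHINE\Microsoft\Windows NT\SecEdit\GptTmpl.inf"

if (-not (Test-Path -Path $inf)) { throw "GptTmpl.inf not found at $inf" }

# GptTmpl.inf is an INI-style file; user rights live under [Privilege Rights].
$inSection = $false
$grant     = $null
foreach ($line in (Get-Content -Path $inf)) {
    if ($line -match '^\[(.+)\]\s*$') {
        $inSection = ($Matches[1] -eq 'Privilege Rights')
        continue
    }
    if ($inSection -and $line -match '^\s*SeEnableDelegationPrivilege\s*=\s*(.*)$') {
        $grant = $Matches[1]
    }
}

if (-not $grant) {
    Write-Warning 'SeEnableDelegationPrivilege is not defined in the Default Domain Controllers Policy.'
    return
}

# Entries are comma separated; SIDs carry a leading '*', plain names do not.
$holders = foreach ($entry in ($grant -split ',')) {
    $entry = $entry.Trim()
    if ($entry.StartsWith('*')) {
        $sid = New-Object System.Security.Principal.SecurityIdentifier($entry.Substring(1))
        try { $sid.Translate([System.Security.Principal.NTAccount]).Value } catch { $sid.Value }
    } else {
        $entry
    }
}

'SeEnableDelegationPrivilege is granted by the Default Domain Controllers Policy to:'
$holders | ForEach-Object { "  $_" }

# Resolve the current logon token's user and group names and look for overlap.
$token      = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$tokenNames = @($token.Name) + @($token.Groups | ForEach-Object {
    try { $_.Translate([System.Security.Principal.NTAccount]).Value } catch { $_.Value }
})

$covered = $holders | Where-Object { $tokenNames -contains $_ }
if ($covered) {
    "Current account $($token.Name) is covered via: $($covered -join ', ')"
} else {
    "Current account $($token.Name) is NOT covered by this setting; check gpresult /h for an overriding GPO or OU link."
}

# Live token on this machine: only privileges actually held are listed, and
# 'Disabled' means held but not currently enabled.
whoami /priv | Select-String -Pattern 'SeEnableDelegationPrivilege'
```

If the policy lists the right holder but the live token line is absent on the DC, the setting is not reaching the DC (a GPO higher in precedence, a broken link on the Domain Controllers OU, or replication lag); gpresult /h report.html on the DC shows which GPO is winning for that setting.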