If you are installing IBM Security Directory Server on Windows 2012 R2 then ensure you disable User Account Control (UAC) by doing the following:

1. Go to Control Panel -> User Accounts -> User Accounts, click Change User Account Control settings, then select Never notify.

2. Navigate to the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
set ‘EnableLUA’ to 0
and set ‘ConsentPromptBehaviorAdmin’ to 0.

It is also worth creating a local admin account (not a domain admin account), and doing all the installation work as that user.

I found that if you don’t disable UAC, after creating an LDAP instance, when I tried to start ibmslapd.exe from a command prompt (as a user which is a member of the Administrators group), I had the following error:

GLPSRV200I Initializing primary database and its connections.
Binding to config failed! rc = 91
Turn on ldtrc for detail errors

I also found that if you log in as Administrator (and don’t disable UAC) it is possible to run ibmslapd.exe from a command prompt, but it won’t run as a service.

Vaughan