Still can't create an AAG listener

I just built a test cluster with 2 MS SQL Server 2014 machines, 1 domain controller, an 1 file share witness. (All of them are Windows2016-based.) The 2 MS SQL Server machines are a WSFC members. When I created the Always On Availability Group, all steps succeeded except creating a listener. If I try to repeat adding a listener to this AAG, I receive a message: > **Cluster network name resource 'myaag_mylistener'** failed to create its > associated computer object in domain 'mydomain.lan' during: Resource > online. > > The text for the associated error code is: Access is denied. > > > Please work with your domain administrator to ensure that: > - The cluster identity 'MYWSFC$' has Create Computer Objects permissions. By default all computer objects are created in the same > container as the cluster identity 'MYWSFC$'. > - The quota for computer objects has not been reached. > - If there is an existing computer object, verify the Cluster Identity 'MYWSFC$' has 'Full Control' permission to that computer object using > the Active Directory Users and Computers tool. What I tried: 1. Create a computer object: mydomain.lan/Computers/mylistener and give the mydomain\MYWSFC$ "Full control" on it; 2. Remove the object mydomain.lan/Computers/mylistener and grant the mydomain\MYWSFC$ account permissions to create computer objects within mydomain.lan/Computers (List contents, Read all properties, Read permissions, Create computer objects); 3. In ADSI Edit, DC=mydomain,DC=lan: ms-DS-MachineAccountQuota raised from 10 to 15 (although there are only 5 machine accounts including mylistener$). What could still be wrong?