Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1776
  • Last Modified:

Not able to search additional locations

I have a windows 2003 server with users logging onto the domain, this works fine. But I want to add a roaming profile user to the local power user group so that they can use a program that requires this.

When I go to the local computer, to user accounts and go to the power user group then add a user, it either comes up with there are no locations, or it comes up with the box to select a location from and there is nothing in there apart from the local computer. I suspect it should show the domain and the active directory users in it, but nothing is there.

Any ideas?
1 Solution
What OS is the local computer running?  You are logging in with administrator privileges when trying to make these changes?  And are you logging onto the machine locally or onto the domain?
local computer is for local accounts ony if you have a domain go to the domain controller and under all programs in the start menu go to administrative tools and choose active directory users and groups

You’ve to login as Domain ID which is member of domain Admin group, because, When you are joining a computer to a domain, by default, (Your Domain Name)\Domain Admins Groups will be added to you local administrator Group. If you login as local ID, you may not get access to domain accounts( User IDs) information. Repeat you previous steps to add domain ID into local Power user group.

Still if u r not getting it on the system,  remove the computer  from domain and rejoin.

Hope This should work.

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

guy-allworkAuthor Commented:
Thanks for all you answers, but,
OS is win XP

Yes everyone has Admin rights, as I can’t downgrade them to much less as AutoCAD needs to alter the registry from time to time especially when a new user jumps on a different computer in the office.

I am logging on to the computer using the roaming profile, which come up fine. Profiles are applied network server is accessible.

I have been told that AutoCAD has to have power user right, and as the only place power users exist is on the client computer I suspect I have to add the user to the local power user group, but I can’t add any users from the domain as I can’t browse or search for them on the server.

The route I have been taking is:
Control panel,
User accounts,
If I go ADD then Browse the info box comes up saying "The program cannot open the dialogue box because no locations can be found. Close this message, and try again".

Or go to advanced tab in users,
Advanced user management, click advanced
Go to groups
Double click on power users,
Then add
Then click on locations button,
Only the local computer is displayed.

any more ideas?
guy-allworkAuthor Commented:
(Also i have set up several new computers on the network and it doesent work on them either)
Thanks for the clarification.  I'm not too sure why the domain list is not showing up in the locations if the PC is logged into the domain.

But here's a question for you: if all your users already have admin rights to the local PC, then they already posess all of the rights of the Power Users group and more.  So I don't know that it would even be necessary for you to add them in to this group.

This could be a problem with DNS because XP relies heavily on this service and if it can't contact the PDC then you may not get the list.

Check this thread out:
http://www.tek-tips.com/viewthread.cfm?qid=768007 .  There is no solution here but the user is having the same problem as you experience.

If you got to Start, Run and type in
\\domain_controller_name does it bring up the various shares on the PDC including the netlogon share?  This will verify that DNS is functioning properly on the PC.

Let me know how it goes.
guy-allworkAuthor Commented:
Yes typing the \\servername in does bring up all the shares including the netlogon.
Are you sure that is a good way of telling if the DNS is working?

The fact that everyone had admin right is just a stop gap until I can fix this problem, I don’t want everyone to have full rights but until I can solve this problem then I have to do it that way.

Cheers for the help though,

Gotcha, sorry didn't realize that you had just temporarily given admin rights to the users.

Are you able to remotely manage the local PC using the Active Directory from the Windows 2003 server?  If you open up the Users and computers and find the computer that is giving you troubles you should be able to browse to the local user groups on that PC and try adding them to Power users from there.

As far as I know your dns is working properly.  Do you have the network adapter set to enable NetBIOS over TCP/IP?

Do you have a WINS server at your location?  Have you tried removing the computer from the domain and then rejoining it to see if it fixes the problem?
Here's a link to a post that might help you out.  It might be that your SRV records for the machines are not properly registered in DNS.

guy-allworkAuthor Commented:
Have a wins server running with the winns server specified on the client computers, they are all listed in there. Net bios is not over tcp/ip
I have in the past removed and recreated the computer accounts for the computers with no change.

But i cant access the computers from active directory way, by right clicking on the computer and choosing manage,

computer \\IT-DESK.wlsl.local cannot be managed. The network path was not found.
Chose 'Connect to another computer' from the Action menu to manage a different computer.

The only two computers that will allow me to connect are the two last remaining windows NT machines in the company!

So from the server can you enter in \\computername and connect to the PC this way?  Are there any strange error messages showing up in the PC event viewer related to problems contacting the domain controller?  I know that when I've experienced this problem before it has been because the records for the domain were not properly showing up in the DNS records for the domain.  Did you have a look at the SRV records on the DNS server?  Are your computers showing up in WINS as expected?
guy-allworkAuthor Commented:
yes now i look event viewer does come up with 3 errors,

Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.
  Enrollment will not be performed.

Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.
guy-allworkAuthor Commented:
It was as everyone says, a problem with the DNS. I had somewhere along the line created a single host name instead of domainname.local, i had a dns entry of just domainname. This resulted in the dns not being registered correctly even though i had checked the setting over and over again and they all seemed fine. using netdiag /fix to see the main problems, re-run the dnswiz.exe go through the process and set up the full domain name again, then when this was all happy typed ipconfig /registerdns to make the server appear in the dns forward folder.

This also was the reason why the logons to people computers was so slow, as the computers on login were trying to apply group policy settings but couldn’t find the server in the dns to connect up with then failed after a while resorting to local computer group policy instead.
Cool, glad to hear everything is running smoothly!

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now