This may be related to Q_24382549 but our DC is throwing up an error when we try to look at the member list for the Administrators Group. The message is "Some of the object names cannot be shown in their user-friendly form. This can happen if the object is from an external domain and that domain is not available to translate the object's name"
Clicking on ok lets you view the members but there is an unresolved SID with a CN=ForeignSecurityPrincipals
Now - this is a closed domain - no inter-domain trusts / relationships with other domains. There is a primary DC with most of the master roles and a secondary backup DC - virtual server on ESXi.
The administrators security group is not accessible by other servers, for example when trying to add the group in security permissions it just doesn't show up in the list of available names / groups etc. If you do an advanced search on names starts with "admin" it comes back with just the Administrator user account.
However - if you search on the DC itself or from a client pc using the ADToolsPack then it can at least find the Administrators group.
Profile folders have stopped working and when client pcs log on to the domain they get a message warning that the user profile cannot be loaded because there are insufficient security rights to the folder. You can't add the domain administrators group to the security permissions for the respective profile folder because it can't be found !
Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.
You may have a need to setup a group of users to allow local administrative access on workstations. In a domain environment this can easily be achieved with Restricted Groups and Group Policies.
This article will demonstrate how to…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller.
Log onto the new domain controller with a user account t…