Cannot change system time - Windows Server 2008 R2

P.S: The option to Add User/Group is greyed out.

try it in local admin

domain admin should be used by anything on a domain

please login with local admin account and test. not the domain admin account.

If you go to the users computer, open user manager for the local machine. Open policies>user rights . There will be an option listed as change system time (add domain-admins). or deploy with gpo.

Since when have you ever been able to logon to a DC with a local administrator account!?!?!

Is this the only domain controller in the domain? it sounds like the local security policy on the DC computer did not get configured correctly during the promotion. What I would recommend is if possible, get another computer (a decent PC Box w/2GB RAM and 80GB HDD should be fine), install server OS on it, dcpromo it, verify that all the rights are set correctly, migrate the FISMO and GC to it, demote the original DC, check the security policy, you may need to remove/rejoin the domain, then reverse the process. If you have another DC, ignore the second box bit :-). I've had times when dcpromo did not run correctly, especially when upgrading from 2k3 to 2k8 domain.

This isn't the only DC. We have 2.