Link to home
Start Free TrialLog in
Avatar of sfagundes
sfagundes

asked on

Can't copy users in 2008 AD

Environmnet: Single Forest/Single Domain, 2 Domain Controllers on the same subnet, both global catalogs, domain 2008 functional level. One DC is 2008 R2, one is 2008. There is no exchange server in the environment.

I get the error: Windows cannot create the object because the name reference is invalid when trying to copy users on either dc. This happens on any user, any OU. I have tried multiple domain admin accounts and all of them have the issue.  I searched and found this link:

http://info.izzy.org/Technical/Lists/Issues%20%20Tips/DispForm.aspx?ID=182

however since I do not have exchange it does not apply.
Avatar of Manpreet SIngh Khatra
Manpreet SIngh Khatra
Flag of India image

Are both the DC's in the same domain if so it wouldnt work as All DC's will have the same information in the domain :)

- Rancy
Avatar of sfagundes
sfagundes

ASKER

yes both dc's are the same domain.

I also tried resetting the security settings to default at the domain/ou/user level. This did not work
SOLUTION
Avatar of achaldave
achaldave
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Are you trying to copy a user from one DC to another ?
Can you manually create a Object ?

Can you tell me what are you trying to achieve to assist you with the issue.

- Rancy
I am trying to create a new user by copying an existing user to avoid having to manually recreate all the group memberships. I can create new users in the same ou without issue.

I found that article as well, however I do not have any trusts since it is only one domain and forest and both of the DC's are global catalogs already.
Are these server's VM ?
What if you go to Windows and run DSA with "Run as Administrator" and then try the same task ?

- Rancy
physical boxes.

Run As Administrator gives the same error.

Ran DCdiag an everything passed except netsec which is expected because we do not run any rodc's.

Opening a case with microsoft tomorrow. thanks for the suggestions
Did you ever have another DC in the Domain ?

- Rancy
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
RSAT tools had nothing to do with it, however it was related to an attribute so this got me going in the right direction.