?
Solved

windows 2008 R2 Active Directory Object could not be displayed or deleted.

Posted on 2013-01-21
1
Medium Priority
?
297 Views
Last Modified: 2013-01-22
Dear All,

I found some users which one I click on them I got the following error:

1

Could you please help to:
1-      List all users have the same problem using command or anything else.
2-      Delete those users, I’m not able to delete them, I got the following error.

1

Thanks
0
Comment
Question by:Rhala
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 42

Accepted Solution

by:
sedgwick earned 2000 total points
ID: 38801094

This behavior occurs if the account that you are logged on with has only "list contents" permissions on the parent object.
http://support.microsoft.com/kb/305104
Under this scenario, you are unable to read any attributes of the object, even though you can see the object. This prevents Windows from providing information about the object based on the objectClass attribute, such as the icon attribute. You also do not have permissions to perform any operations on the object, such as a Delete command, that requires access to the objectGUID.

RESOLUTION
If you are a member of the local Administrators group on the domain controller, you may take ownership of the object and then grant yourself whatever access rights that you require.


Try this;
Logon on the DC with an account that is member of the 'Domain Admins' group
(the 'Domain Admins' group is by default a member of the Administrators group on the DC. To check this, on the DC, click Start / Run and type: CMD /k net localgroup Administrators)

- Open active directory users and computers
- Click View on the menubar
- check "Advanced Features"
- Goto the UNKNOWN object and open the properties
- on tab "Security" click on the 'Advanced' button.
- Goto tab 'Owner'
- Change Owner to the the administrator account that you are currently logged on with.
- In the Security dialog box, assign Full Control permissions to your account.
Active Directory Object could not be displayed
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses
Course of the Month13 days, 17 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question