Solved

windows 2008 R2 Active Directory Object could not be displayed or deleted.

Posted on 2013-01-21
1
296 Views
Last Modified: 2013-01-22
Dear All,

I found some users which one I click on them I got the following error:

1

Could you please help to:
1-      List all users have the same problem using command or anything else.
2-      Delete those users, I’m not able to delete them, I got the following error.

1

Thanks
0
Comment
Question by:Rhala
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 38801094

This behavior occurs if the account that you are logged on with has only "list contents" permissions on the parent object.
http://support.microsoft.com/kb/305104
Under this scenario, you are unable to read any attributes of the object, even though you can see the object. This prevents Windows from providing information about the object based on the objectClass attribute, such as the icon attribute. You also do not have permissions to perform any operations on the object, such as a Delete command, that requires access to the objectGUID.

RESOLUTION
If you are a member of the local Administrators group on the domain controller, you may take ownership of the object and then grant yourself whatever access rights that you require.


Try this;
Logon on the DC with an account that is member of the 'Domain Admins' group
(the 'Domain Admins' group is by default a member of the Administrators group on the DC. To check this, on the DC, click Start / Run and type: CMD /k net localgroup Administrators)

- Open active directory users and computers
- Click View on the menubar
- check "Advanced Features"
- Goto the UNKNOWN object and open the properties
- on tab "Security" click on the 'Advanced' button.
- Goto tab 'Owner'
- Change Owner to the the administrator account that you are currently logged on with.
- In the Security dialog box, assign Full Control permissions to your account.
Active Directory Object could not be displayed
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question