Link to home
Start Free TrialLog in
Avatar of patrickst
patrickstFlag for United States of America

asked on

active directory user and computers windows 2008 R2

unable to see user in active directory users and computers. When I try to add the user account back into active directory it will not let me getting arror that the user has an  active directory  account already. But when searching for then userI don't see the user at all. Using  windows 2008 R2active directory.
Avatar of Nick Rhode
Nick Rhode
Flag of United States of America image

Are you searching under the entire directory when doing the find now?  Was this a previous user at one point and time?  Is the name associated with a security group or distribution group?
Avatar of patrickst

ASKER

searching under the local domain and under the"users" folders. The user can logon into the domain, but does not show up in AD.  The user in question has been signing on to the domain for the last 6 months.  Just today I notices that the user is not showing up in active directory.  The user is in a distribution group.
Under find go to Users,Contacts, and Groups, Under IN: choose entire directory and then do a find now and see if he shows up.
I did find the user account out in the Root of the domain.  I'm trying to move the user account back under the "users" OU, but getting access denied.  Do you know a way to move the user back into the "users" OU?

thanks

Pat
Avatar of Pramod Ubhe
find the user, right click on it and select move, then select target ou and click ok.
You can also drag and drop that user in target ou
I try moving the object ( see attach file) but getting error on move access denied. Not sure why

thanks
activedirectory-error-move-error.png
That simply means what it says, you do not have rights.
With domain admin account go to properties > security of that account and either take ownership or configure sufficient permissions so that it will allow you to do move operation.
Avatar of w_richard
w_richard

Did you install the admin tools? - http://www.microsoft.com/download/en/details.aspx?id=7887

Or you can run dsa.msc command.

The maximum account identifier allocated to this domain controller has been assigned. The domain controller has failed to obtain a new identifier pool. A possible reason for this is that the domain controller has been unable to contact the RID master domain controller.
I have try moving the object on the AD server itself ( server has all 5 rolles install including RID roll),  using the command dsa.msc ( with no luck). I'm unable to move this object. I'm looking for a powershell cammand to try and move user object,  do you know a command that I can try?

thanks
ASKER CERTIFIED SOLUTION
Avatar of patrickst
patrickst
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
once I uncheck the " Protect from accidental delection"tap I could move the user object back to the USER OU with no problem