Can't add Windows AD users to local group on MySQL server
Posted on 2013-11-24
This is a strange one.
I have an App server, a DNS server, and a DB server. All are VMs. I built the App server with a clean install of Windows Server 2008 R2 Datacenter Edition, plus all Windows Updates. I did not join the server to a domain. I also installed Symantec Endpoint Protection 12. Windows Firewall was turned off.
I cloned the App server to create the DNS and DB servers. Then I installed MySQL 5.6.10 on the DB server. Everything worked perfectly.
Today I decided to join all three servers to a domain (acme.local). The App and DNS servers are fine. But the DB server is not communicating properly with the domain. When I look in the local Administrators group, ACME\Domain Admins is not listed, as it is on the other two servers.
If I attempt to add Domain Admins, it takes a long time to retrieve the AD object. And it displays as ACME\Domain Admins (S-1-5-21-332...). And when I click Apply I see "Domain Admins" is already a member of the group "Administrators", and it disappears from the list.
I have three other sets of servers (App, DNS, and DB) that I have also joined to acme.local, with the same odd behavior on the MySQL DB server only.
This problem is preventing me from accessing the DB servers remotely using a domain account. Any comments or suggestions are welcome.