Can’t add domain users to local groups on a server

active-directory windows-server-2003

I'm trying to add a user to a local group on one of my servers. I keep getting the following error once I've selected the user I want to add:

Windows cannot process the object with the name 'Domain Account' because of the following error:

The specified domain either does not exist or could not be contacted.

I'm also seeing a lot of EventID 1053 errors which give pretty much the same error and then say Group Policy processing aborted.

The strange thing is that I'm logging in to this server with my domain account, the domain controller is running fine, and I can even get a listing of domain accounts to add to the group. It only fails once I select which user I want to add from the list. Any ideas as to what might be going on here?

Best Answer

I assume the server in question isn't a domain controller, in which case, have you checked its DNS settings?

They should be configured to use the same DNS server that your AD is using.

Can you perform an nslookup on your domain name from the server?

For example (assuming your DNS domain name is example.local)

h:\> nslookup example.local
Server:  dc1.example.local
Address:  1.2.3.4

Name:    example.local
Addresses:  1.2.3.4, 1.2.3.5, 1.2.3.6

It's worth checking, as in my experience, this type of error usually is down to DNS configuration being wrong somewhere along the line.
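
A batch script that runs the lookup suggested in this answer and extends it to the `_ldap._tcp.dc._msdcs` SRV records that domain members use to locate a domain controller. It is an added example, not part of the original answer; it assumes English-language `ipconfig` and `nslookup` output and uses the answer's placeholder domain example.local as the default.

```batch
@echo off
rem Added example, not from the original answer.
rem Usage: checkdns.cmd [dns-domain-name]   (the script name is hypothetical)
setlocal
set "DOMAIN=%~1"
rem example.local is the placeholder domain used in the answer.
if "%DOMAIN%"=="" set "DOMAIN=example.local"
set FAIL=0

echo === DNS servers configured on this machine ===
rem Only the first server of each adapter is on the matching line;
rem run "ipconfig /all" by hand to see the complete list.
ipconfig /all | findstr /c:"DNS Servers"

echo === A record lookup for %DOMAIN% ===
rem nslookup's exit code is not a reliable success signal, so the
rem script looks for the "Name:" line that only a real answer contains.
nslookup %DOMAIN% 2>&1 | findstr /b /c:"Name:" >nul
if errorlevel 1 (
    echo FAIL: %DOMAIN% does not resolve through the configured DNS servers
    set FAIL=1
) else (
    echo OK:   %DOMAIN% resolves
)

echo === Domain controller SRV records for %DOMAIN% ===
rem Members find domain controllers through these SRV records, which
rem normally exist only on the DNS servers that host the AD zone.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% 2>&1 | findstr /i /c:"svr hostname" >nul
if errorlevel 1 (
    echo FAIL: no _ldap._tcp.dc._msdcs.%DOMAIN% SRV records returned
    set FAIL=1
) else (
    echo OK:   SRV records returned
)

if %FAIL%==1 echo Point this server at the DNS servers used by Active Directory.
endlocal & exit /b %FAIL%
```

A server whose DNS settings point at a resolver that does not host the AD zone fails one or both lookups, and the script exits with code 1.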