I have the following situation: my security groups of the active directory I'm belonging to are not shown anymore in a "friendly name", but I have just the SID.
When I run whoami /groups I see a list of groups, plus a custom group I'm belonging to, which is shown without a name:
Group name Type SID
================================================= ==================== =============================================
Unknown SID type S-1-5-21-31XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
(I just removed the full SID)
By the way, access to services inthe domain that requires me to be part of that group works fine, indicating that I'm currently part of that group, anyhow (correctly).
So, online I'm finding only solutions on how to remove these "orphaned" SIDs, but I'd like to update it with the original name (MYDOMAIN\GroupName), not to delete it.
Is there any tool to achieve this?
Edit: to better explain my problem, I started having these problems when I "disconnected" my PC from the domain, and then I restored a previous point to get back the situation.
Best Answer
Please ask an admin to rejoin your PC to the domain to reset the trust relationship, this will most likely resolve the issue.
Your computer account password from the restore point and the one in the AD does not match. See that blog post for furter reading on that process; http://blogs.technet.com/b/askds/archive/2009/02/15/test2.aspx