Windows – PowerShell DSC Group Resource – “Could not find a principal with the provided name”

I am trying to use PowerShell DSC to add a domain group to the local administrators group. Here is the code:

Configuration TestSetup {
    Node localhost {
        Group Administrators {
            GroupName = "Administrators"
            MembersToInclude = "MYDOMAIN\TheAdministratorsGroup"
        }
    }
}

This is resulting in the following error when I run it:

PowerShell provider MSFT_GroupResource  failed to execute Test-TargetResource functionality with error message: Could not find a principal with the provided name [mydomain\theadministratorsgroup]
    + CategoryInfo          : InvalidOperation: (:) [], CimException
    + FullyQualifiedErrorId : ProviderOperationExecutionFailure
    + PSComputerName        : localhost

The principal does exist and I can add it manually through the GUI and using net localgroup.

I know that DSC configurations get executed under the SYSTEM account so I thought it might be a permissions issue with the SYSTEM account wanting to query Active Directory. However I've run a cmd as the SYSTEM account using PsExec and I was able to add a domain group to the local administrators group without any trouble.

$ConfigurationData = @{ AllNodes = @( @{ NodeName="*" PSDscAllowPlainTextPassword=$true } @{ NodeName="SRV2-WS2012R2" } @{ NodeName="SRV3-WS2012R2" } ) } Node $AllNodes.NodeName { LocalConfigurationManager { RebootNodeIfNeeded = $false } Group $group.Name { GroupName = $group.Name Ensure = $group.Ensure Members = $group.Members Credential = $cred } }

Windows – PowerShell DSC Group Resource – “Could not find a principal with the provided name”

Best Answer

Related Topic

Best Answer

Related Solutions

Powershell – Running a script as administrator without login as administrator

Powershell – Exchange 2010 PowerShell: Value.ToMB() Method Fails Remotely but Works Locally

Related Topic