I was trying to add domain accounts to SharePoint, and although no specific errors, when submitting using the people picker, the name would either disappear, or it would default back to the local user with the same name (e.g. the local Administrator rather than the domain administrator).
I was getting this issue on a Windows Server 2008 in VMWare WorkStation 7.0.1. In addition I had a separate VM for the domain controller all set to use "Host-only" in VMWare. I had a further Windows Server 2003 VM that was working fine.
In the event log, I also notice:
Log Name: System
Source: Microsoft-Windows-DNS-Client
Date: 6/30/2010 9:51:06 AM
Event ID: 1014
Task Category: None
Level: Warning
Keywords:
User: NETWORK SERVICE
Computer: servername.domain.local
Description:
Name resolution for the name 168.192.in-addr.arpa timed out after none of the configured DNS servers responded.
Another symptom was when trying to add a user using STSADM I received the exception error 1387. the exact command I was running was:
stsadm -o adduser -url http://server:12345 -userlogin BUILTIN\Administrators -useremail admin@company.com -group “Farm Administrators” -username “Administrators”
To resolve this issue, I did the following:
Confirmed the DNS server setting was correct
Disabled IPv6
I then ran the cmd prompt with elevated permissions and ran:
netsh interface tcp set global rss=disabled
netsh interface tcp set global autotuninglevel=disabled
netsh int ip set global taskoffload=disabled
Restarted the server. However, still got the same issue, as well as:
Log Name: Application
Source: VSS
Date: 6/30/2010 10:15:08 AM
Event ID: 8230
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: servername.domain.local
Description:
Volume Shadow Copy Service error: Failed resolving account Administrator with status 1376. Check connection to domain controller and VssAccessControl registry key.
Operation:
Initializing Writer
Context:
Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Writer Name: WMI Writer
Error-specific details:
Error: NetLocalGroupGetMemebers(Administrator), 0x80070560, The specified local group does not exist.
In VMWare, I then made a note of the IP settings, and went to the VM settings, and remove the Network adapter, and added it back in again (again to Host-only) and restarted the machine.
Then I noticed another issue in the logs:
Log Name: System
Source: NETLOGON
Date: 6/30/2010 10:20:33 AM
Event ID: 5719
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: servername.domain.local
Description:
This computer was not able to set up a secure session with a domain controller in domain servername due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
and:
Log Name: System
Source: NETLOGON
Date: 6/30/2010 10:24:40 AM
Event ID: 5516
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: servername.domain.local
Description:
The computer or domain servername trusts domain domainname. (This may be an indirect trust.) However, servername and domainname have the same machine security identifier (SID). NT should be re-installed on either servername or domainname.
My guess is that one of the servers was a clone of the other. I therefore took a snapshot of the offending server, then ran NEWSID from:
http://www.brothersoft.com/newsid-156113.html
IMPORTANT to also read:
NewSID v4.10
http://technet.microsoft.com/en-us/sysinternals/bb897418.aspx
NB This is a development environment, so I'm quite happy to change the SID using 3rd party products (although bought by Microsoft and then retired) to change the servers SID to see if it worked, however, this would put you in an unsupported state with Microsoft. Especially with SharePoint installed on the box, I was concerned there may be the machine SID in the database that NewSID would not update.
However, this blue screened and failed to start up. I therefore restored it to the existing snap shot.
As the issue was a conflicting SID with the SP server and the AD server, I opted to create a new AD server, which I added to the domain using:
Installing an Additional Domain Controller by Using the Windows Interface
http://technet.microsoft.com/en-us/library/cc753720%28WS.10%29.aspx
I then decomissioned the existing domain controller using this guide:
Decommissioning a Domain Controller
http://technet.microsoft.com/en-us/library/cc816644%28WS.10%29.aspx
However, I was still having the same issues, so next on the new DC I removed the server from active Directory Users and Computers and readded it, then logged back on to the SP server, removed it from the domain, and re-added it. However, still no joy which was odd as the machine it clashed with had completely gone?! Must have been something to do with the fact that the domain I created in some way uses the SID of the initial domain controller.
The only solution it seemed was to rebuild a new fresh SharePoint 2007 server :-(
|
||||||
|
This Month
Month Archive
About Me
Login
|
Main Page
»
Application Servers
»
Microsoft SharePoint
»
Microsoft Office SharePoint Server (MOSS) 2007
Unable to Resolve Domain User Accounts
Comments
Re: Unable to Resolve Domain User Accounts
i yet not solve this problem please help me to solve that problem.
Re: Unable to Resolve Domain User Accounts
i yet not solve this problem please help me to solve that problem.send some more information regarding this problem please. <a title="Ink cartridges" href="http://www.fazteck.co.uk/"><em><strong>Ink cartridges</strong></em></a>
|
Search
Recent Articles
Favourite blogs
|
||||
|
||||||