Jump to content

Add Domain user to local group from local accout

heinda

By heinda
in AutoIt General Help and Support

 Share

Recommended Posts

heinda Seeker

heinda

Posted
Posted

Hi,

I want to add a domain user to the local group administrators. The problem is, that I want to execute this script with a local accout on the client machine (software distribution account).

If I use for example "net localgroup Administrators /add DOMAIN\USERNAME" I get the error = System error 1789 has occurred. The trust relationship between this workstation and the primary domain failed.

Because the local account is not member of the domain.

Any ideas?

99ojo Universalist

99ojo

Posted
Posted

Hi,

I want to add a domain user to the local group administrators. The problem is, that I want to execute this script with a local accout on the client machine (software distribution account).

If I use for example "net localgroup Administrators /add DOMAIN\USERNAME" I get the error = System error 1789 has occurred. The trust relationship between this workstation and the primary domain failed.

Because the local account is not member of the domain.

Any ideas?

Hi,

you have a problem with your machine account. Reassign Domain membership.

See also http://support.microsoft.com/kb/162797

;-))

Stefan

Juvigy Universalist

Juvigy

Posted
Posted

I am not 100% sure but:

This is not possible - when you add a domain account from a local account the domain would ask for domain credentials.

Your local account doesnt have it. If you do it from a domain account that have admin rights it would work.

99ojo Universalist

99ojo

Posted
Posted

I am not 100% sure but:

This is not possible - when you add a domain account from a local account the domain would ask for domain credentials.

Your local account doesnt have it. If you do it from a domain account that have admin rights it would work.

Hi,

@heinda want's to add a domain account to a localgroup.

If you are local administrator, you can add every domain account into localgroups without problems.

Some Exceptions:

1) The trust relationship of workstation is broken (see @heinda)

2) The group everyone has no read access on AD. By default Everyone has read access

3) The account does not exist

4) Networkproblems

..........

;-))

Stefan

Juvigy Universalist

Juvigy

Posted
Posted

I guess it is this :

2) The group everyone has no read access on AD. By default Everyone has read access

On our domain only domain accounts have read access.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...