Adding Windows User with the snapin

Topics: MMC SnapIn
May 10, 2012 at 7:00 PM

I'm having some issues adding users using the NetSqlAzMan snapin.

I'm attempting to add users to a role. I right click on the role and click on Manage Authorizations. I then select the Add Windows Users and Groups button and in the edit box add a valid network user id. If I click on the Check Names button the edit box is updated with the users information for example:

I enter BJones and click check names

The data is updated to Bob Jones (bjones@mydomain.com).

Good so far...when I click on the OK button I get an Item Authorizations Error, The trust relationship between this workstation and the primary domain failed.

Any idea what could be causing this?

Thanx

Coordinator
May 11, 2012 at 12:17 PM

I think that you have some problems between your Workstation and Domain.

This is not a NetSqlAzMan issue (usually).

Try to ask a Domain Administrator for same strange domain policies.

__________________________________
Andrea Ferendeles
NetSqlAzMan Project Coordinator
E-mail aferende@hotmail.com Web http://netsqlazman.codeplex.com

May 11, 2012 at 3:23 PM

OK...after a bunch of messing around with the our Network Admin we figured this out.

The error means exactly what it says...the cause is that the secure channel, the security channel, between the machine and the domain controller is out of sync. It appears the the encryption keys got out of sync. To reset the the security channel use Netdom.exe

netdom reset <machinename> /domain:<domainname>

Where:

<machinename>, is the name of the machine experiencing the issue.

<domainname>, is the name of the domain on which the machine resides.

This resolved the issue. We found the Check Access tool, on the store context menu in the snapin to be very helpful.

 


Developer
May 11, 2012 at 3:25 PM

VERY NICE FIND!  Someone will appreciate the detailed post in the future, for sure.