Why do Active Directory objects appear as SIDs instead of names in local groups?

Josep M. Gorro 0 Reputation points
2024-06-14T19:07:11.05+00:00

Dear all.

I'm installing a W2022 server as a member domain. It appears as enrolled without any issue. Also, when I log in as an AD user, I get proper rights and file access, login scripts are executed, and all seems to run fine.

But when I add some AD object (like a user) to a local group (like Remote Desktop allowed users), it is added but it appears as a SID instead of the object name.

I'm still running a 2012R2 and this behavior does not appear.

Any idea why this is happening?

Thanks.


2 answers

  1. Marcin Policht 49,640 Reputation points MVP Volunteer Moderator
    2024-06-14T20:00:06.2066667+00:00

    Two potential reasons:

    • the object is a foreign security principal (it originates from a trusted forest)
    • the object resides in another domain in the same forest and the Infrastructure Master FSMO role in the local domain is not functional

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin


  2. Yanhong Liu 14,195 Reputation points Microsoft External Staff
    2024-06-17T07:07:56.3+00:00

    Hello,

    Thank you for posting in Q&A forum.

    Based on your description, here are some suggestions:

    1. Verify FSMO roles: Check whether the infrastructure master FSMO role in the domain is normal. If it is not normal, it may cause problems. You can use the "netdom query fsmo" command to check the status of the FSMO role.
    2. Check DNS resolution: Make sure that the Windows Server 2022 computer uses the correct DNS servers that can correctly resolve the DC's IP and other domain resources. Incorrect DNS settings may cause problems resolving SIDs to names.
    3. Check trust relationships: If the object is an external security principal, it means that it originates from a trusted forest. You may need to check the trust relationship between forests.
    4. Update Windows Server 2022: Make sure your Windows Server 2022 has the latest updates and patches installed. Sometimes Microsoft fixes problems in a specific version of the operating system through updates.
    5. If the above solution does not work, you can try to remove the server from the domain and then add it again.

    Best Regards,

    Yanhong Liu

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
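To see which members of a local group fail SID-to-name translation and which domain SID each one carries, the following PowerShell sketch can be run on the affected server. It is an added example, not code from either answer; the default group name and the assumption that the script runs under a domain account are mine.

```powershell
# Added example: list the members of a local group, test whether each SID
# resolves to a name, and show the domain SID each member belongs to.
param([string]$GroupName = 'Remote Desktop Users')   # assumed default group

# Assumption: the script runs as a domain user, so the caller's own SID
# carries the SID of the domain this server is joined to.
$myDomainSid = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.AccountDomainSid

# The WinNT ADSI provider returns members even when their names cannot be resolved.
$group = [ADSI]"WinNT://$env:COMPUTERNAME/$GroupName,group"

$results = foreach ($member in $group.Invoke('Members')) {
    # Read the raw SID bytes from the COM member object.
    $bytes = $member.GetType().InvokeMember('objectSid', 'GetProperty', $null, $member, $null)
    $sid   = New-Object System.Security.Principal.SecurityIdentifier($bytes, 0)

    # Translate() throws when the SID cannot be mapped to an account name.
    try {
        $name     = $sid.Translate([System.Security.Principal.NTAccount]).Value
        $resolved = $true
    } catch {
        $name     = $null
        $resolved = $false
    }

    # AccountDomainSid is $null for well-known and builtin SIDs.
    $domainSid = $sid.AccountDomainSid
    if ($null -eq $domainSid) {
        $origin = 'well-known or builtin'
    } elseif ($domainSid.Equals($myDomainSid)) {
        $origin = 'same domain as caller'
    } else {
        $origin = 'other domain, trusted forest, or local machine account'
    }

    [pscustomobject]@{
        Sid       = $sid.Value
        Resolved  = $resolved
        Name      = $name
        DomainSid = if ($domainSid) { $domainSid.Value } else { $null }
        Origin    = $origin
    }
}

$results | Sort-Object Resolved, Origin | Format-Table -AutoSize
```

An unresolved entry whose `DomainSid` differs from the caller's points toward the cross-domain or trusted-forest causes named in the answers; comparing that value against the SIDs of the known domains shows which one the account came from.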

