System Groups

Some of my machines (all XP sp2) are not allowing me to add AD accounts to
the Local PC Groups. In all cases, the Domain Admin is an Administrator on
the local PC. Now, a few machines don't show the Domain Admin but rather a
red question mark over the person for the icon, and instead of "Domain
Admin", it read what looks like a SID.

When I try to browse for a domain account, locations only shows the local PC
and does not have any drill down for Entire Network and so on. However, I do
have network resources and can get to the DC and other servers.

Any ideas why this may be happening?

In news:129E50DE-3DD1-4579-AD1A-5B5B7C1941BB@microsoft.com,
John <John@discussions.microsoft.com> typed:
> Some of my machines (all XP sp2) are not allowing me to add AD
> accounts to the Local PC Groups. In all cases, the Domain Admin is
> an Administrator on the local PC. Now, a few machines don't show the
> Domain Admin but rather a red question mark over the person for the
> icon, and instead of "Domain Admin", it read what looks like a SID.
>
> When I try to browse for a domain account, locations only shows the
> local PC and does not have any drill down for Entire Network and so
> on. However, I do have network resources and can get to the DC and
> other servers.
>
> Any ideas why this may be happening?

First thing, make sure all computers & servers are set up properly for AD
DNS. Meaning, they all point *only* to your AD-integrated DNS server
(presuming you use that) IP and not to any external/public IPs for DNS.
Can you manage the PCs remotely in ADUC and add the groups you wish therein?

I found that the PC DNS was incorrect. Corrected and works fine.

"Lanwench [MVP - Exchange]" wrote:

>
>
> In news:129E50DE-3DD1-4579-AD1A-5B5B7C1941BB@microsoft.com,
> John <John@discussions.microsoft.com> typed:
> > Some of my machines (all XP sp2) are not allowing me to add AD
> > accounts to the Local PC Groups. In all cases, the Domain Admin is
> > an Administrator on the local PC. Now, a few machines don't show the
> > Domain Admin but rather a red question mark over the person for the
> > icon, and instead of "Domain Admin", it read what looks like a SID.
> >
> > When I try to browse for a domain account, locations only shows the
> > local PC and does not have any drill down for Entire Network and so
> > on. However, I do have network resources and can get to the DC and
> > other servers.
> >
> > Any ideas why this may be happening?
>
> First thing, make sure all computers & servers are set up properly for AD
> DNS. Meaning, they all point *only* to your AD-integrated DNS server
> (presuming you use that) IP and not to any external/public IPs for DNS.
> Can you manage the PCs remotely in ADUC and add the groups you wish therein?
>
>
>

In news:8C2D16CF-059C-4137-8598-141FA9B3878E@microsoft.com,
John <John@discussions.microsoft.com> typed:
> I found that the PC DNS was incorrect. Corrected and works fine.

Glad it's working.

>
> "Lanwench [MVP - Exchange]" wrote:
>
>>
>>
>> In news:129E50DE-3DD1-4579-AD1A-5B5B7C1941BB@microsoft.com,
>> John <John@discussions.microsoft.com> typed:
>>> Some of my machines (all XP sp2) are not allowing me to add AD
>>> accounts to the Local PC Groups. In all cases, the Domain Admin is
>>> an Administrator on the local PC. Now, a few machines don't show
>>> the Domain Admin but rather a red question mark over the person for
>>> the icon, and instead of "Domain Admin", it read what looks like a
>>> SID.
>>>
>>> When I try to browse for a domain account, locations only shows the
>>> local PC and does not have any drill down for Entire Network and so
>>> on. However, I do have network resources and can get to the DC and
>>> other servers.
>>>
>>> Any ideas why this may be happening?
>>
>> First thing, make sure all computers & servers are set up properly
>> for AD DNS. Meaning, they all point *only* to your AD-integrated DNS
>> server (presuming you use that) IP and not to any external/public
>> IPs for DNS.
>> Can you manage the PCs remotely in ADUC and add the groups you wish
>> therein?