If you know you attend within a many Active Directory Groups then its possible to receive an error if you try to add additional users into e.g. administration group on a certain server. Not enough storage / memory - well then then try to add the following:
Registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
new DWORD Value
name: MaxTokenSize
value (Decimal): 65535
after adding this registry key you have to reboot the server and then it works. Why exactly that happens I don't know but it happens if an active directory account attends to much active directory groups.
since this have to be done on every single machine it should be covered in a company rule which is distributed to every machine then this cause eventually also other problems.
Wednesday, September 30, 2009
Not enough storage available to add a user into Admin group
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment