none
Error 15401: Windows NT user or group not found. Check the name again

Answers

  • Hi DevXYZ,

    Have you checked the other possible reasons for this issue?

    The login does not exist

    1. Verify that the Windows login still exists in the domain. Your network administrator may have removed the Windows login for specific reasons, and you may not be able to grant that login access to the SQL Server.
    2. Verify that you are spelling the domain and login name correctly and that you are using the following format:

    Domain\User

    1. If the login exists, and it is correct, and you still receive the error, continue with the following sections in this article.

    Duplicate security identifiers

    In a Windows domain, unique Security Identifiers (SIDs) are automatically assigned to Windows logins in the domain. When you add a Windows login as a SQL Server login, the SID is stored in a system table in SQL Server. If you try to add a new login which has the same SID as an existing SQL Server login, the 15401 error occurs.

    Authentication failure

    You might receive error 15401 when the domain controller for the domain where the login resides (the same or a different domain) is not available for some reason. 

    1. If the login is in a different domain than the SQL Server, verify that the correct trusts exist between the domains.
    2. Verify that the domain controller of the login is accessible by using the ping command from the computer that is running SQL Server. Check both the IP address and the name of the domain controller.

    After you tried all the possible methods list above, you still receive the same error, please check the error log as Dean Savović mentioned above and share us the detailed error message here as we can analysis further.

    Thanks

    Candy Zhou

    Monday, September 23, 2013 6:14 AM

All replies

  • Did you try this? Courtesy of Swarndeep (http://talksql.blogspot.com/2009/10/windows-nt-user-or-group-domainuser-not.html):

    1. From the SQL Server running Windows 2008 R2, Click Start-> Run and type the command GPEDIT.MSC. This will open the Policy Editor.
    2. From Policy Editor Expand “Computer configuration” - > Windows Settings -> Security Setttings -> Local Policies -> Security Options.
    3. You will see all security policies on right hand side window. Make changes into the following two policies.
    4. Domain member: Digitally encrypt secure channel data (when possible) – Disable this policy
    5. Domain member: Digitally sign secure channel data (when possible) – Disable this policy
    6. After making these changes, close the policy editor and reboot the box. (Not SQL Server, but restart entire system).

    Also, did you go through event log and SQL Server error log to see if there is a problem with communication between SQL Server and Active Directory domain server.


    Regards, Dean Savović

    Friday, September 20, 2013 6:55 PM
  • Hi DevXYZ,

    Have you checked the other possible reasons for this issue?

    The login does not exist

    1. Verify that the Windows login still exists in the domain. Your network administrator may have removed the Windows login for specific reasons, and you may not be able to grant that login access to the SQL Server.
    2. Verify that you are spelling the domain and login name correctly and that you are using the following format:

    Domain\User

    1. If the login exists, and it is correct, and you still receive the error, continue with the following sections in this article.

    Duplicate security identifiers

    In a Windows domain, unique Security Identifiers (SIDs) are automatically assigned to Windows logins in the domain. When you add a Windows login as a SQL Server login, the SID is stored in a system table in SQL Server. If you try to add a new login which has the same SID as an existing SQL Server login, the 15401 error occurs.

    Authentication failure

    You might receive error 15401 when the domain controller for the domain where the login resides (the same or a different domain) is not available for some reason. 

    1. If the login is in a different domain than the SQL Server, verify that the correct trusts exist between the domains.
    2. Verify that the domain controller of the login is accessible by using the ping command from the computer that is running SQL Server. Check both the IP address and the name of the domain controller.

    After you tried all the possible methods list above, you still receive the same error, please check the error log as Dean Savović mentioned above and share us the detailed error message here as we can analysis further.

    Thanks

    Candy Zhou

    Monday, September 23, 2013 6:14 AM