locked
error 15401 when ADDING GROUP AS USER RRS feed

  • Question

  • I have a W2K domain with 2 W2K domain controllers. I added a new server running Windows 2008 server 64 bit. It is running SQL Server 2008 mixed authentication mode. The new server has joined the domain successfully. I can add an existing W2K domain user as a login to the new server just fine. Whenever I try to add an existing group as a login to the new server, I get error 15401. I can see the domain group using the find features. I know how to do all of this. The domain controllers are both available as I can ping them by name and by IP. Any help would be appreciated.
    Monday, February 22, 2010 1:56 AM

Answers

All replies

  • The most likely reason for such failure is  due to the fact that SQL Server cannot gather the information for this group from the domain controller. Please make sure that the service account used to run SQL Server has permission to query the domain controller (in most cases being a member of the domain is sufficient to query the domain controller).


    Did you try using sp_grantlogin 'ad\name_of_your_group' ?


    By the way make sure these is no mismatch in casing of alphabets in the group name.


    Thanks, Leks
    Monday, February 22, 2010 2:11 AM
  • I did try sp_grantlogin, same result. As I said, I can add a single user with either method, just not a group.
    I logged in to the server using a domain login.
    I checked the spelling and case of the user group.

    This leads me to believe that:

    1. I have connectivity to the domian

    2. The service account has the proper permissions

    Still looking for an answer
     
    Monday, February 22, 2010 12:42 PM
  • I found the solution. I applied the patch described in this link and it fixed our problem.

    http://support.microsoft.com/default.aspx/kb/976494



    • Proposed as answer by Lekss Monday, February 22, 2010 7:51 PM
    • Marked as answer by Alex Feng (SQL) Tuesday, February 23, 2010 7:43 AM
    Monday, February 22, 2010 7:00 PM