"Failed to retrieve trustees in selected domain" when adding Domain users to a security role via NS Console
search cancel

"Failed to retrieve trustees in selected domain" when adding Domain users to a security role via NS Console

book

Article ID: 177048

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

The following error messages are seen when you attempt to add a user to a security role via the NS console:

Process: AeXSvc (8860)
Thread ID: 81
Module: AeXSVC.exe
Source: SecurityDirectoryWinNTProvider
Description: Unable to export security data from WinNT provider. Inner: System.Runtime.InteropServices.COMException (0x80070775): The referenced account is currently locked out and may not be logged on to.

   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_IsContainer()
   at System.DirectoryServices.DirectoryEntries.CheckIsContainer()
   at System.DirectoryServices.DirectoryEntries.get_SchemaFilter()
   at Altiris.NS.Security.SecurityDirectoryWinNTProvider.ExportDirectoryData(RecordData recordData, String domain, String searchString, Boolean wildCardSearching, Int32 pageSize, TimeSpan timeOut)

And

Process: w3wp (3048)
Thread ID: 10
Module: w3wp.exe
Source: Altiris.NS.UI.CoreWebService.EndSecurityTrusteeExport
Description: Error occurred in method EndSecurityTrusteeExport.

( Exception Details: System.Resources.MissingManifestResourceException: Could not find any resources appropriate for the specified culture or the neutral culture.  Make sure "System.Runtime.Remoting.Messaging.StackBuilderSink.resources" was correctly embedded or linked into assembly "mscorlib" at compile time, or that all the satellite assemblies required are loadable and fully signed.

Server stack trace:
   at System.Resources.ResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at Altiris.NS.Utilities.AltirisResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at System.Resources.ResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at Altiris.NS.Utilities.AltirisResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at System.Resources.ResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at Altiris.NS.Utilities.AltirisResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at System.Resources.ResourceManager.GetString(String name, CultureInfo culture)
   at Altiris.NS.Utilities.AltirisResourceManager.GetString(String name, CultureInfo ci)
   at Altiris.NS.Utilities.AltirisResourceManager.GetString(String name)
   at Altiris.NS.TaskManagement.TaskManagerService.Stop(String taskID)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.PrivateProcessMessage(RuntimeMethodHandle md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Altiris.NS.TaskManagement.ITaskManager.Stop(String taskID)
   at Altiris.NS.TaskManagement.TaskManager.Stop(String taskID)
   at Altiris.NS.Security.SecurityDirectoryExporter.Finish(Boolean localMachine, String taskId)
   at Altiris.NS.UI.CoreWebService.EndSecurityTrusteeExport(Int32 localMachine, String taskID) )
( Exception logged from:
   at Altiris.Diagnostics.Logging.EventLog.ReportException(Int32 severity, String strMessage, String category, Exception exception)
   at Altiris.Diagnostics.Logging.EventLog.ReportException(String strMessage, String category, Exception exception)
   at Altiris.NS.Logging.EventLog.ReportException(String strMessage, Exception exception)
   at Altiris.NS.UI.CoreWebService.EndSecurityTrusteeExport(Int32 localMachine, String taskID)
   at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
   at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.Web.Services.Protocols.LogicalMethodInfo.Invoke(Object target, Object[] values)
   at System.Web.Services.Protocols.WebServiceHandler.Invoke()
   at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
   at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
   at System.Web.Script.Services.ScriptHandlerFactory.HandlerWrapper.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
   at System.Web.HttpApplication.ApplicationStepManager.ResumeSteps(Exception error)
   at System.Web.HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)
   at System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)
   at System.Web.HttpRuntime.ProcessRequestNoDemand(HttpWorkerRequest wr)
   at System.Web.Hosting.ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)
 )
( Extra Details:  Type=System.Resources.MissingManifestResourceException Src=mscorlib )

Or

Process: w3wp (3048)
Thread ID: 10
Module: w3wp.exe
Source: Altiris.NS.UI.CoreWebService.EndSecurityTrusteeExport
Description: Error occurred in method EndSecurityTrusteeExport.

( Exception Details: System.Resources.MissingManifestResourceException: Could not find any resources appropriate for the specified culture or the neutral culture.  Make sure "System.Runtime.Remoting.Messaging.StackBuilderSink.resources" was correctly embedded or linked into assembly "mscorlib" at compile time, or that all the satellite assemblies required are loadable and fully signed.

Server stack trace:
   at System.Resources.ResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at Altiris.NS.Utilities.AltirisResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at System.Resources.ResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at Altiris.NS.Utilities.AltirisResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at System.Resources.ResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at Altiris.NS.Utilities.AltirisResourceManager.InternalGetResourceSet(CultureInfo culture, Boolean createIfNotExists, Boolean tryParents)
   at System.Resources.ResourceManager.GetString(String name, CultureInfo culture)
   at Altiris.NS.Utilities.AltirisResourceManager.GetString(String name, CultureInfo ci)
   at Altiris.NS.Utilities.AltirisResourceManager.GetString(String name)
   at Altiris.NS.TaskManagement.TaskManagerService.Stop(String taskID)
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.PrivateProcessMessage(RuntimeMethodHandle md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Altiris.NS.TaskManagement.ITaskManager.Stop(String taskID)
   at Altiris.NS.TaskManagement.TaskManager.Stop(String taskID)
   at Altiris.NS.Security.SecurityDirectoryExporter.Finish(Boolean localMachine, String taskId)
   at Altiris.NS.UI.CoreWebService.EndSecurityTrusteeExport(Int32 localMachine, String taskID) )
( Exception logged from:
   at Altiris.Diagnostics.Logging.EventLog.ReportException(Int32 severity, String strMessage, String category, Exception exception)
   at Altiris.Diagnostics.Logging.EventLog.ReportException(String strMessage, String category, Exception exception)
   at Altiris.NS.Logging.EventLog.ReportException(String strMessage, Exception exception)
   at Altiris.NS.UI.CoreWebService.EndSecurityTrusteeExport(Int32 localMachine, String taskID)
   at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
   at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
   at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   at System.Web.Services.Protocols.LogicalMethodInfo.Invoke(Object target, Object[] values)
   at System.Web.Services.Protocols.WebServiceHandler.Invoke()
   at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
   at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
   at System.Web.Script.Services.ScriptHandlerFactory.HandlerWrapper.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
   at System.Web.HttpApplication.ApplicationStepManager.ResumeSteps(Exception error)
   at System.Web.HttpApplication.System.Web.IHttpAsyncHandler.BeginProcessRequest(HttpContext context, AsyncCallback cb, Object extraData)
   at System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr)
   at System.Web.HttpRuntime.ProcessRequestNoDemand(HttpWorkerRequest wr)
   at System.Web.Hosting.ISAPIRuntime.ProcessRequest(IntPtr ecb, Int32 iWRType)
 )
( Extra Details:  Type=System.Resources.MissingManifestResourceException Src=mscorlib )

Environment

ITMS 8.x

Cause

The Application Identity used by the Notification Server is set to a Local Admin account. Local administrators do not have domain READ rights.

Resolution

Ensure that the following criteria are met:

  1. The Notification Server Application Identity Account is set to a Domain user (Does not have to be a domain admin)
  2. Ensure that the App ID account is in the Local Administrators Group on the Notification Server

Once those 2 criteria are met, you should be able to select users to add to the security group. If your domain is locked down, you may need to grant more privileges if the above does not work.