Cannot Add Local Account to Local Group With NET LOCALGROUP
Article ID: 148162
Article Last Modified on 11/1/2006
APPLIES TO
- Microsoft Windows NT Server 3.5
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0 Standard Edition
This article was previously published under Q148162
SYMPTOMS
When you use the NET LOCALGROUP command to add or delete a local account to
or from a local group on a Windows NT domain controller, the following
error message appears:
There is no such global user or group: <local account>
The command syntax is as follows:
net localgroup <local group> <local account> /<ADD or DELETE>
CAUSE
When you use the NET LOCALGROUP command, the domain controller looks for
accounts with the USER_NORMAL_ACCOUNT flag. Local accounts on a domain
controller have the USER_TEMP_DUPLICATE_ACCOUNT flag.
RESOLUTION
To work around this problem, use User Manager for Domains to add or delete
local accounts to local groups. Note that the local group and account must
exists prior to using the "net localgroup <local group> <local account>
/<ADD" command or the error above will be encountered. It is not necessary
to delete user accounts from local groups when using using the /delete
option
STATUS
Microsoft has confirmed this to be a problem in Windows NT Workstation and
Server versions 3.51 and 4.0. We are researching this problem and will post
new information here in
the Microsoft Knowledge Base as it becomes available.
Additional query words: prodnt acct grp security
Keywords: kbnetwork KB148162