There may be a problem with the delegation of the infrastructure master role. The machine with the infrastructure master role updates the group-to-user reference whenever group memberships change and replicates these changes across the domain. At any time, the infrastructure master role can be assigned to only one domain controller in each domain, so there's a chance that identity may have become corrupted. You can identify the computer holding the infrastructure master role by using the command netdom query fsmo and repair or replace the computer holding the infrastructure master role. It may be necessary to seize the infrastructure master role using the AD server in question.
Dig Deeper on Enterprise infrastructure management
Related Q&A from Serdar Yegulalp
This week, our expert answers the question of how to get DVD data off a disc, even if the user's PC doesn't have an optical drive.continue reading
This week, our expert answers a question on how to connect a phone or tablet to a USB drive with a micro-USB connector.continue reading
Open source and free suites such as LibreOffice and OpenOffice could save organizations money, but not effort in comparison with Microsoft Office.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.