Error Adding Domain User

This topic provides troubleshooting steps for addressing errors encountered while adding domain users. These errors include:

Issue Error Message
When attempting to add a user via Server Configuration > Users, you receive an "Error Adding User" message. Error creating user domain\username: Access Denied (16) - Unable to check for user domain\username's existence. Access denied? Missing Domain?
When attempting to switch the Aspera service account via asuser-services.bat, you receive a "User set up error" message. username@domain.com may not be an existing domain account. Please create the domain account and re-run. (Windows error: 1722)
During the MSI product installation, you attempt to define the Aspera service account as a domain user account and you receive an error message. username@domain.com may not be an existing domain account. Please create the domain account then re-run.

If you have encountered any of the preceding issues, follow the troubleshooting steps below.

  1. Confirm that you are using a Domain Admin account to perform the actions listed in the table above.
  2. Confirm that the Domain Admin account used to perform the actions listed in the table above has Local Administrator privileges.
    If it does not, add the account to the local Administrators group.
  3. In addition to Local Administrator privileges, grant the account GenericRead access to the target user account in Active Directory. To do so, follow the sub-steps below.
    Windows 2008 R2
    Step Description
    A From a computer and user account that has access to Active Directory, go to Administrative Tools > Active Directory Administrative Center.

    Note: The Active Directory Administrative Center is installed when you add the Active Directory Domain Services (AD DS) server role through the Windows 2008 R2 Server Manager.
    B Select Users, right-click the user account, and then click Properties.
    C Select Extensions > Security.
    D Add the user account performing the actions listed in the table above, and mark Allow for Read permissions.
    E Click Apply and then OK.
    Important: You may need to reboot the server to ensure that the Active Directory changes have been propagated to the server.
  4. Re-attempt the original action(s).