AD "Unable to contact server"

This topic contains 2 replies, has 3 voices, and was last updated by Profile photo of Max Kozlov Max Kozlov 1 year, 7 months ago.

  • Author
    Posts
  • #6273

    by komarto at 2013-02-13 00:29:03

    Hi,

    I have an Active directory script that uses Get-adgroupmember when I run the script from CMD it works.
    But when I run it from the task scheduler the active directory part of the script Get-adgroupmember does not work.

    I managed to send the eventlog the $error content which is :
    Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.

    The above message is weird because in command line the script works great it connects to the active directory with a parameter passed from outside the script and retrieves a user list to send mail and sms to.
    How come that from cmd the script find the AD and from task scheduler it does not?

    Please advise,
    Komar

    by Klaas at 2013-02-13 01:34:09

    Does the scheduled task run with credentials of a domain administrator?

    by komarto at 2013-02-13 03:58:52

    I am running the task under a domain user.

    Here is the piece of the problematic code, you can break down the $results line to get the error.

    The first piece of Get-adgroupmember is not working for me.

    import-module ActiveDirectory
    $AdGroup = "test"
    Write-EventLog -LogName "Messaging LOG" -Source "APP" -EventId 1 -EntryType Information -Message "going to pull ad"
    $Results = Get-adgroupmember $AdGroup -Recursive | ForEach-Object {Get-ADuser $_.SID -properties mobile,EmailAddress}|select SamAccountName,mobile,EmailAddress
    Write-EventLog -LogName "Messaging LOG" -Source "APP" -EventId 1 -EntryType Information -Message "$Results"
    Write-EventLog -LogName "Messaging LOG" -Source "APP" -EventId 1 -EntryType Information -Message "$Error"

    Try running this in cmd, and then in TaskScheduler

    I also tried providing the –server switch in the Get-adgroupmember cmdlet, But it did not work.

    Please advise,
    komar

  • #29273
    Profile photo of Windows LiveUser51
    Windows LiveUser51
    Participant

    Hey komarto,

    I am facing same issue ... Did you get solution ?

  • #29274
    Profile photo of Max Kozlov
    Max Kozlov
    Participant

    Plain domain users does not have access to group membership
    account must have the "Read Group Membership" right

    read about "RAS and IAS Servers" group – it's the asiest way to get such access right

You must be logged in to reply to this topic.