Resolution
fact
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
symptom
Error: ''OnePoint://CN=X-X-X-XX-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX,CN=ForeignSecurityPrincipals,DC=XXXXXX,DC=XXXXX,DC=com' does not exist'.
symptom
Performing a GroupMemberRemove or GroupMemberAdd operation generates an error.
symptom
Adding user accounts from an external trusted domain to a group is successful. Trying to remove these members from the group generates an error.
cause
The issue is a known Microsoft issue and results when a Pre-Service Pack 4 hotfix is installed that does not contain the correct version of Ntdsa.dll file.
fix
note
To confirm that the issue is the issue detailed in the Microsoft article, try and remove the same user from the group via Active Directory Users and Computers.
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
symptom
Error: ''OnePoint://CN=X-X-X-XX-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX,CN=ForeignSecurityPrincipals,DC=XXXXXX,DC=XXXXX,DC=com' does not exist'.
symptom
Performing a GroupMemberRemove or GroupMemberAdd operation generates an error.
symptom
Adding user accounts from an external trusted domain to a group is successful. Trying to remove these members from the group generates an error.
cause
The issue is a known Microsoft issue and results when a Pre-Service Pack 4 hotfix is installed that does not contain the correct version of Ntdsa.dll file.
fix
This issue is detailed in the following Microsoft KB article. This issue is addressed in Windows 2000 Service Pack 4.
Cannot Add a User or Group to a Trusted Domain
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B810070
note
To confirm that the issue is the issue detailed in the Microsoft article, try and remove the same user from the group via Active Directory Users and Computers.
Additional Information
Formerly known as NETIQKB25909