Directory and Resource Administrator 6.x
Directory and Resource Administrator 7.x
ForeignSecurityPrincipals cannot be displayed or managed by Directory and Resource Administrator.
Group memberships display differently than Native Tools.
Customer migrated users accounts from a NT4 domain maintaining SID history during the migration. This was done using the DMA product. The NT4 domain has been dismantled and no longer exists. Using Native Tools, ADU&C, shows group memberships that may contain more members than when viewed with the DRA client. The missing members are determined to be ForeignSecurityPrincipal objects. Since DRA does not display ForeignSecurityPrincipals, they cannot be deleted from the group using the DRA clients.
DRA does not support ForeignSecurityPrincipal objects.
This behavior is by design. Directory and Resource Administrator (DRA) does not currently support ForeignSecurityPrincipal objects.
The next release of DRA (version 8.0) will support ForeignSecurityPrincipal objects.