DRA does not recognize the group specified for ADAM (NETIQKB72076)

DRA does not recognize the group specified for ADAM.

Unable to configure ADAM group management.

Install/upgrade fails when configuring the ADAM group.
Popup Error:

The specified group is invalid.
Verify the following information:

The group name is correct.
The group type is Local Security Group.
The group is not a builtin group.
The DRA service account is a member of this group.

To resolve this issue verify the following:

1. The group is a Domain Local Security Group and the DRA Service Account is a member of this group prior to install/upgrade.
2. The Domain Functional Level is in Native mode.  DRA will not recognize the group name provided if the functional level is Mixed mode.
3. Log on to the machine using the DRA Service Account credentials to perform the install/upgrade.
4. The AD domain is not a "single label" domain (ie: Company instead of Company.com).  While it is possible to create single label domains natively, Microsoft discourages this practice.  DRA may be able to manage single label domains once configured, but it is unable to resolve some group types in single label domains.  To work around this scenario, use the DRA Service Account name instead of the Domain Local Security Group name for the credentials.
5. In some environments, name resolution can also be a factor in being able to identify the group.  In these situations, host file entries can be created for all domain controllers in the domain the service account and ADAM group is created in.  Checking that the domain is present in the search order in DNS can also ensure name resolution.

There are a number of different scenarios that may cause DRA to fail to recognize the group being specified for ADAM management during install or upgrade.

Formerly known as NETIQKB72076