[RESOLVED] Adding a domain user to a local group when the domain is unreachable.

Questions about WAPT Packaging / Requests and help regarding Wapt packages.
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
croquebert
Messages: 33
Registration: March 30, 2022 - 5:41 PM

September 8, 2022 - 5:18 PM

Hello everyone,

Context:
Working remotely without a VPN
WAPT version: 2.2 Enterprise
Server OS: Debian 11
OS administration console: Win10pro
OS package dev station: Win10pro

I want to add domain users who have already logged in to a given machine (cached credentials) to a local group. The machine is joined to the domain.
I use your add_user_to_group function for this.
When the station is able to reach the domain, there is no problem.

When the domain is unreachable, the addition fails with the Windows error code (same if I use call('net localgroup ...')):

Code: Select all

détail de l'erreur: (1355, 'NetUserGetLocalGroups', 'Le domaine spécifié n’existe pas ou n’a pas pu être contacté.')
This addition is a prerequisite for us before sending the VPN configuration to the workstation (and therefore no upstream VPN), precisely to allow remote access to domain resources.

Have you ever encountered this use case? If so, did you solve it (I haven't found much in the Microsoft documentation on this)?


Christophe.
High
User avatar
dcardon
WAPT Expert
Messages: 1932
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

September 9, 2022 - 11:18

Good morning,

is this something you could try with a

Code: Select all

net localgroup administrateurs NOM_DOMAIN_NETBIOS\nom_utilisateur /add


By correctly entering the NetBIOS name (not the DNS name) of the domain. It seems that if the NetBIOS name is used and the user is preloaded, it works.

Sincerely,

Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
User avatar
dcardon
WAPT Expert
Messages: 1932
Registration: June 18, 2014 - 09:58
Location: Saint Sébastien sur Loire
Contact :
Contact dcardon

September 19, 2022 - 4:16 PM

In the absence of further information, I am closing this topic.

Regards,

Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
High
Locked

Return to “WAPT Packages”


  • To go further with WAPT