Forum Discussion
SP 2019 - no longer able to add AD security group to Sharepoint Group for permissions
We have SP 2019 on premise. Recently, we attempted to add an AD local security group to a SP group to give permission to a collection. The name resolves but when I hit the share the group does not show up in the permission list. No indication of any action at all nor any errors that I could see. We were able to last Tuesday as I see a group in there with that date added by our developer. If we attempt to add an AD user to the permission group it works just fine. This would be painful if we have to add users this way. I believe there was an update ran over the weekend but need to confirm. We checked other collections and seems to the same case throughout the entire site. Is there anything I can check or verify as to why an AD sec group can no longer be added?
7 Replies
- Can you check the ULS logs and see what log activity there is? You may need to set the log to verbose, Set-SPLogLevel -TraceSeverity Verbose.
Trevor Seward Hey Trevor, thanks for the response. I looked at those logs and it looks like the user profile sync service account is not working. The account is not locked so I'm not sure if its a different issue as the error indicates a failure to decrypt the connection password. I have not seen this error before. I rather not change the password yet as I think my old sharepoint admin used it elsewhere which we are identifying. Would this be related to my inability to add AD security groups to sharepoint permission.
General 7200 Critical Failed to decrypt connection password for ConnectionForectName 'domain.local', ConnectionSynchronizationOU 'DC=SOG,DC=Local', ConnectionUserName 'domain\account'. Please refresh connection credentials. a77c6a9f-4b17-a0cf-6cd8-e9f87678dff3
- Essentially that is saying you need to re-enter the credentials for the Sync account in the AD Import configuration screen.
