AD "Unable to contact server"

by komarto at 2013-02-13 00:29:03


I have an Active directory script that uses Get-adgroupmember when I run the script from CMD it works.
But when I run it from the task scheduler the active directory part of the script Get-adgroupmember does not work.

I managed to send the eventlog the $error content which is :
Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running.

The above message is weird because in command line the script works great it connects to the active directory with a parameter passed from outside the script and retrieves a user list to send mail and sms to.
How come that from cmd the script find the AD and from task scheduler it does not?

Please advise,
by Klaas at 2013-02-13 01:34:09
Does the scheduled task run with credentials of a domain administrator?
by komarto at 2013-02-13 03:58:52
I am running the task under a domain user.

Here is the piece of the problematic code, you can break down the $results line to get the error.

The first piece of Get-adgroupmember is not working for me.

import-module ActiveDirectory
$AdGroup = "test"
Write-EventLog -LogName "Messaging LOG" -Source "APP" -EventId 1 -EntryType Information -Message "going to pull ad"
$Results = Get-adgroupmember $AdGroup -Recursive | ForEach-Object {Get-ADuser $_.SID -properties mobile,EmailAddress}|select SamAccountName,mobile,EmailAddress
Write-EventLog -LogName "Messaging LOG" -Source "APP" -EventId 1 -EntryType Information -Message "$Results"
Write-EventLog -LogName "Messaging LOG" -Source "APP" -EventId 1 -EntryType Information -Message "$Error"

Try running this in cmd, and then in TaskScheduler

I also tried providing the –server switch in the Get-adgroupmember cmdlet, But it did not work.

Please advise,

Hey komarto,

I am facing same issue … Did you get solution ?

Plain domain users does not have access to group membership
account must have the “Read Group Membership” right

read about “RAS and IAS Servers” group - it’s the asiest way to get such access right