CTX110059 - Message: Invalid Account Name: User name YourDomainName\UserName is invalid. The Domain YourDomainName is not in the current list of domains... This document was published at: http://support.citrix.com/article/CTX110059 Document ID: CTX110059, Created on: Jun 9, 2006, Updated: Jun 9, 2006 Products: Citrix MetaFrame XP 1.0 for Microsoft NT 4.0 Server Terminal Server Edition, Citrix MetaFrame XP 1.0 for Microsoft Windows 2000, Citrix MetaFrame XP 1.0 for Microsoft Windows 2003, Citrix MetaFrame Presentation Server 3.0 for Microsoft Windows 2000, Citrix MetaFrame Presentation Server 3.0 for Microsoft Windows 2003, Citrix Presentation Server 4.0 for Microsoft Windows 2000, Citrix Presentation Server 4.0 for Microsoft Windows 2003 Symptoms When using the Management Console to manually enter an account to a published application or MetaFrame administrator, the following message may be received: Invalid Account Name User name YourDomainName\UserName is invalid. The Domain ?YourDomainName? is not in the current list of domains. You can add names that belong only to the current list of domains. Causes 1. CTX881878 ? The Domain does not Enumerate Within the Citrix Management Console In this case, the Domain Name ?FTLRLAB? is not in the current list of available domains. 2. Invalid / Misconfigured Trusts or Network / DNS issues. Resolution Create and verify the necessary Trust Relationships: 1. From the server running the Management Console, ensure a Management Console logon to the same server is used. 2. From this same server, open the Microsoft Management Console and add the Snap-in for Active Directory Domains and Trusts. 3. Right-click the Properties of the domain and choose the Trusts tab. 4. In this case, no Trust had ever been created. Because the other domain was in another Forest, a new Trust was created. See Help on the New Trust Wizard Screen for more information. 5. Because the currently logged on account existed with the same user name and password in both domains, and the account was part of both domains? Administrator?s Groups, the option to create the corresponding Trust was selected. 6. Generally, validating the Trust through its Properties is successful. When the validation is unsuccessful, there is usually a NetBIOS or a DNS issues. ?The Local Security Authority is unable to obtain an RPC connection to the domain controller ftlrlabad1.ftlrlab.support.citrix.com. Please check that the name can be resolved and that the server is available.? Validation of the corresponding Trust on the FTLRLAB domain was also unsuccessful. ?Windows cannot find a domain controller for the Brazil.com Domain. Verify that a DC is available and try again.? 7. The IMA Service on the Presentation Server 3.0 was restarted and the Management Console reopened. Note: Even though the Trust was invalid, the FTLRLAB domain now appears in the list of available domains. 8. In this case DNS was intentionally misconfigured. Attempting to select the trusted domain gave the following error: Error: Could not enumerate the user accounts in this Domain. There might be communication problems on the network. Error Code:80000001. CTX104902 ? Error: Could not enumerate the user accounts in this domain. Error Code 80000001 CTX101864 ? Error: Could not enumerate the user accounts in this Domain. There might be communication problems on the network. Error Code:80000001. 9. Because NetBIOS was correctly configured, manually adding the accounts as in the Symptoms section was successful. The account was successfully added. Additional Troubleshooting: 1. You were unable to ping the FQDN?s of the domain controllers on the other side of either corresponding Trust. You could successfully ping the FQDN?s of the Domain Controllers within the respective domains. For example: From Brazil.com attempting to ping either of the domain controllers in the FTLRLAB domain. C:\Documents and Settings\davidr>ping ftlrlabad1.ftlrlab.support.citrix.com Ping request could not find host ftlrlabad1.ftlrlab.support.citrix.com. Please check the name and try again. C:\Documents and Settings\davidr>ping ftlrlabad2.ftlrlab.support.citrix.com Ping request could not find host ftlrlabad2.ftlrlab.support.citrix.com. Please check the name and try again. 2. After modifying the host file on the Presentation Server in Brazil.com, For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost 10.3.x.x ftlrlabad1.ftlrlab.support.citrix.com 10.3.x.x ftlrlabad2.ftlrlab.support.citrix.com the ping attempts were successful. C:\Documents and Settings\davidr>ping ftlrlabad1.ftlrlab.support.citrix.com Pinging ftlrlabad1.ftlrlab.support.citrix.com [10.3.x.x] with 32 bytes of data : Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Ping statistics for 10.3.x.x: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms C:\Documents and Settings\davidr>ping ftlrlabad2.ftlrlab.support.citrix.com Pinging ftlrlabad2.ftlrlab.support.citrix.com [10.3.x.x] with 32 bytes of data: Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Reply from 10.3.x.x: bytes=32 time<1ms TTL=128 Ping statistics for 10.3.254.3: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms 3. Validating the Trust using the Microsoft Management Console Active Directory Domains and Trusts Snap-in was successful. 4. The Management Console on the Presentation Server in the Brazil.com domain was able to enumerate the Domain Accounts. 5. Performing Steps 1-3 on both Domain Controllers in the FTLRLAB domain with respect to the single Domain Controller in the Brazil.com domain also resolved the FTLRLAB domains? ability to resolve its? corresponding part of the trust. This step was not needed to allow Step 4 to be possible. 6. Active Directory Domain and Trusts allows the selection of a specific domain controller, ensure all domain controllers are reporting the same information and validating the Trusts. Jim Kenzig CEO The Kenzig Group http://www.kenzig.com Sponsorships Available! Blog: http://www.techblink.com Terminal Services Downloads: http://www.thinhelp.com Windows Vista: http://www.VistaPop.com Virtualization: http://www.virtualize-it.com Games: http://www.stressedpuppy.com