The account %1 from domain %2 is attempting to use S4USelf for the target client %3, but is not allowed to perform group expansion on this client's user object. It may be necessary to adjust the ACL on the TokenGroupsGlobalAndUniversal attribute on the target client's user object to allow S4USelf to function correctly. This can also be accomplished by adding %1 to the Windows Authorization Access Group.
The account %1 cannot be converted to be a domain controller account as its object class attribute in the directory is not ...
The account %1 could not be granted the 'Log On As A Service' right. The 'IPSEC services' service may not run correctly under ...
The account %1 could not be granted the Log On As A Service right. This service may not run correctly under the %1 account. ...
The account %1 did not have a suitable key for generating a Kerberos ticket. If the encryption type is supported, changing ...
The account %1 from domain %2 is attempting to use S4USelf for the target client %3, but is not allowed to perform group ...
The account can not read information about the IPSEC (Offline request) certificate template in the Active Directory. Please ...
The account cannot be granted a privilege to "log on as service" on the domain controller. The domain security administrator ...
The account information specified for accessing the Exchange 5.5 server cannot be used. Verify the account and password information. ...
The account must be a member of the local IIS_IUSRS group. If you have chosen Kerberos as the authentication type, the account ...