locked
NetUserGetLocalGroups fails to return domain group (scope: domain local) which is a member of the local admin group. RRS feed

  • Question

  • We have the following scenario:
    A domain group named Group A (scope: domain local).
    Group A is added under the Local Administrator group of a machine which is in the same domain. We use NetUserGetLocalGroup to fetch all the local groups but Group A is not found. 

    If we change the group scope of group A from "domain local" to "global" and run the same function again, Group A is identifiable as a local group by NetUserGetLocalGroup.

    Is the above mentioned scenario not supported? Is there any other way to fetch domain local scope domain groups nested under local groups? 

    Tuesday, February 27, 2018 6:32 AM