Error: could not obtain information about Windows NT group/user

Without any doubt, at times there is a need to use extended stored procedures in SQL Server, for instance, the following error may be raised while using 'xp_logininfo' to get information about domain account 'MyDomainMyAccount' (the account you are logged within SQL Server). The error may also appear when a SQL job, whose owner is a windows account, tries to authenticate against the Active Directory(AD) and this validation fails because of internal security reasons between SQL Server and the AD.

Error: 15404, State: 19. Could not obtain information about Windows NT group/user ‘MyDomainMyAccount’, error code 0x5.

In order to solve this error your Network Administrator has to enable ‘Allowed to authenticate’ security setting on the domain controllers computer object for the account 'MyDomainMyAccount' in the domain 'MyDomain' by following these steps:

1. logon to the Domain Controller of domain 'MyDomain'
2. open Active Directory Users and Computers (dsa.msc)
3. enable the ‘Advanced Features’ under the menu ‘View’
4. navigate to the domain controllers computer object and open the property window
5. click on the security tab
6. add the SQL Service account 'MyDomainMyAccount' and enable the setting ‘Allowed to authenticate’
7. click OK to close the window
8. repeat steps 4-7 on each Domain Controller computer object

Having done that, 'xp_logininfo' will run successfully bringing the information from the Active Directory. That is all for now, let me know any remarks you may have. Thanks for reading. Stay tuned.