Ask Your Question

Newbie - Failing to create a local group on windows server because user exists.

asked 2017-03-02 02:47:08 -0600

MarekSarad gravatar image

I am newbie with Puppet so I might be missing something obvious. I am trying to create a group in my lab (one puppet master PE 2016.5, one controlled node Win2012 R2).

I am trying to create a group on server 'Test3' but the process fails because there is already user with that name.

Code is as follows: class sharepoint_localgroups {

group {'Test3':
    ensure => present,
    name => 'Test3',
    members => ['DEV\\NotTest3User'],
    auth_membership => false


and I am receiving this message:

Error: Cannot create group if user 'Test3' exists. Error: /Stage[main]/Sharepoint_localgroups/Group[Test3]/ensure: change from absent to present failed: Cannot create grou p if user 'Test3' exists.

Group is created correctly if the user indeed doesn't exists (ie. Group Test1234 is created correctly)

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted

answered 2017-03-07 12:49:23 -0600

michal.lukowicz gravatar image

Hi Marek

Try to create group at first then in the next statement add used to group(add require group creation in that part).


edit flag offensive delete link more

answered 2017-03-07 01:58:18 -0600

joshc gravatar image

Windows requires local user and group accounts to be unique:

C:\Users\Administrator>net localgroup foobar /add
The command completed successfully.

C:\Users\Administrator>net user foobar /add
System error 1379 has occurred.

The specified local group already exists.

Puppet is just reporting the error that Windows generates.

edit flag offensive delete link more


Thanks for comment. I have checked with net command and I can create the 'Test3' group without issue. The Test3 isn't local account but domain account. To clarify in my case group Test3 is not created because user DEV\Test3 exists. DEV is not the name of the machine but domain.

MarekSarad gravatar imageMarekSarad ( 2017-03-07 09:37:12 -0600 )edit

So on target machine where PE fails to create Test3 group the net command completes successfully. PS C:\> net localgroup Test3 /add The command completed successfully.

MarekSarad gravatar imageMarekSarad ( 2017-03-07 09:38:52 -0600 )edit

This may be caused by puppet using ADSI to create the group account. Can you run puppet with `--debug --trace` and submit a PUP ticket at

joshc gravatar imagejoshc ( 2017-03-09 10:55:07 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2017-03-02 02:47:08 -0600

Seen: 193 times

Last updated: Mar 07 '17