This article describes the issue of service not being able to read Active Directory properties for group SID(s).
Service was unable to read Active Directory properties
While loading a SharePoint farm the following error message was displayed in the event log:
The service was unable to read Active Directory properties for Group SID(s):’Group Name’. Check Service permissions.
The user running the application needs to be added to the Account Operators Group in order to be able to load the Group properties.
- Run your Domain Controller server.
- Navigate to Start > Administrative Tools > Active Directory Users and Groups.
- Find the user that is running SPDocKit on the user list.
- Right-click on it and select Properties.
- Find the Member of tab and click on the Add button.
- Type in Account Operators and click Apply/OK.