I had seen a forum post and was not able reply on it. Below is a blog from my old blog which has the answer for the forum topic. Just moving this to SSG Blogs. The blog specifically talks about 2005 but the same applies for later versions.
SQL Server 2005 upgrade or patching checks for the SQL Server Cluster Domain groups in the Active Directory based on the SIDs in the registry keys for the Domain groups available at HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL.X\Setup.
When you are trying to patch a stand alone instance it may fail with the error message as below.
GetServiceUserGroup failed for , 5
Error Code: 0x80070534 (1332)
Windows Error Text: No mapping between account names and security IDs was done.
Source File Name: sqlca\sqlcax.cpp
Compiler Timestamp: Sat Nov 22 04:53:51 2008
Function Name: SetInstanceProperty
Source Line Number: 1224
MSI (s) (AC!E0) [13:59:04:122]: Product: Microsoft SQL Server 2005 (64-bit) — Error 29528. The setup has encountered an unexpected error while Setting Internal Properties. The error is: Fatal error during installation.
Error 29528. The setup has encountered an unexpected error while Setting Internal Properties. The error is: Fatal error during installation.
CustomAction SetInstanceProperty.3EA9D9BF_D9D2_4023_B2A7_9E2137B2FB1B returned actual error code 1603
Action ended 13:59:04: SetInstanceProperty.3EA9D9BF_D9D2_4023_B2A7_9E2137B2FB1B. Return value 3.
Action ended 13:59:04: INSTALL. Return value 3
In case of stand alone instance you can empty the registry keys specific to local groups and retry the installation to re-populate the SIDs of the wrongly entered keys for the local groups. (Please see the KB article http://support.microsoft.com/kb/925976).
But in the case of Cluster this workaround does not work. In the case of a cluster installation, you have to find out the SID associated with that group on the Active Directory and update the keys with the right SIDs. (You can use the psgetsid.exe to get the SID associated with a Group/User or vice versa). The possible keys for the Domain groups (in case of stand alone instance they are called Local Groups) are as below.
HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\SQLGroup
HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\AGTGroup
HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\FTSGroup
HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\ASGroup
In some cases the active directory groups are deleted and we cannot find what SID to be put in the above registry keys. In such cases, create the groups with the naming convention as “MSSQLUser$ComputerName$InstanceName“.
Get the SID by using psgetsid.exe and update the keys in the registry with the respective SIDs.
Add the user accounts which should have access to the particular groups in the AD.