Jump to content


Joe13

TS Domain Join Failing

Recommended Posts

Good day everyone.

I'm experiencing a weird issue lately, in my TS under network configuration I have domain join enabled, everything setup to the correct OU etc. If I do a test it completes successful, apply and ok. When I go back in the settings, like immediately after the apply close and do the test again it fails. It fails with incorrect credentials / login.

It was working fine for a while, I think it started after I upgraded to 1906.

Is there any log file I can look at?

Edited by Joe13
Added information

Share this post


Link to post
Share on other sites

This is what I get. I did two machine at the same time, one joined and other didn't

 

09/06/2019 13:09:54:216         unicodePwd  =  Account exists, resetting password: <SomePassword>
09/06/2019 13:09:54:216 NetpModifyComputerObjectInDs: Attribute values to set:
09/06/2019 13:09:54:216         unicodePwd  =  <SomePassword>
09/06/2019 13:09:54:216 NetpMapGetLdapExtendedError: Parsed [0x5] from server extended error string: 00000005: SecErr: DSID-031A1256, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0
09/06/2019 13:09:54:216 NetpModifyComputerObjectInDs: ldap_modify_s failed: 0x32 0x5
09/06/2019 13:09:54:216 NetpCreateComputerObjectInDs: NetpModifyComputerObjectInDs failed: 0x5
09/06/2019 13:09:54:216 NetpProvisionComputerAccount: LDAP creation failed: 0x5
 

Share this post


Link to post
Share on other sites

Also found this:

 

09/06/2019 12:55:06:378 NetpGetComputerObjectDn: Passed OU doesn't match in size cracked DN: 120 106
09/06/2019 12:55:06:378 NetpCreateComputerObjectInDs: NetpGetComputerObjectDn failed: 0x50
09/06/2019 12:55:06:378 NetpProvisionComputerAccount: LDAP creation failed: 0x8b0
09/06/2019 12:55:06:378 NetpProvisionComputerAccount: Cannot retry downlevel, specifying OU is not supported
 

Share this post


Link to post
Share on other sites

If I am understanding you right then you are having issues if the computer account already exists? Sounds like your DomainJoin account does not have permissions to reuse and existing account. I would check the account permissions.

 

http://blog.coretech.dk/mip/creating-a-joindomain-account-for-use-with-sccm-osd/

  • Like 1

Share this post


Link to post
Share on other sites

On 9/7/2019 at 3:53 AM, TrialandError said:

If I am understanding you right then you are having issues if the computer account already exists? Sounds like your DomainJoin account does not have permissions to reuse and existing account. I would check the account permissions.

 

http://blog.coretech.dk/mip/creating-a-joindomain-account-for-use-with-sccm-osd/

Exactly, thank you I will give this a go on Monday.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.