Joe13 Posted September 5, 2019 Report post Posted September 5, 2019 (edited) Good day everyone. I'm experiencing a weird issue lately, in my TS under network configuration I have domain join enabled, everything setup to the correct OU etc. If I do a test it completes successful, apply and ok. When I go back in the settings, like immediately after the apply close and do the test again it fails. It fails with incorrect credentials / login. It was working fine for a while, I think it started after I upgraded to 1906. Is there any log file I can look at? Edited September 5, 2019 by Joe13 Added information Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted September 6, 2019 Report post Posted September 6, 2019 what does the smsts.log file tell you ? and the netsetup.log in %windir%\debug Quote Share this post Link to post Share on other sites More sharing options...
Joe13 Posted September 6, 2019 Report post Posted September 6, 2019 This is what I get. I did two machine at the same time, one joined and other didn't 09/06/2019 13:09:54:216 unicodePwd = Account exists, resetting password: <SomePassword> 09/06/2019 13:09:54:216 NetpModifyComputerObjectInDs: Attribute values to set: 09/06/2019 13:09:54:216 unicodePwd = <SomePassword> 09/06/2019 13:09:54:216 NetpMapGetLdapExtendedError: Parsed [0x5] from server extended error string: 00000005: SecErr: DSID-031A1256, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 09/06/2019 13:09:54:216 NetpModifyComputerObjectInDs: ldap_modify_s failed: 0x32 0x5 09/06/2019 13:09:54:216 NetpCreateComputerObjectInDs: NetpModifyComputerObjectInDs failed: 0x5 09/06/2019 13:09:54:216 NetpProvisionComputerAccount: LDAP creation failed: 0x5 Quote Share this post Link to post Share on other sites More sharing options...
Joe13 Posted September 6, 2019 Report post Posted September 6, 2019 Also found this: 09/06/2019 12:55:06:378 NetpGetComputerObjectDn: Passed OU doesn't match in size cracked DN: 120 106 09/06/2019 12:55:06:378 NetpCreateComputerObjectInDs: NetpGetComputerObjectDn failed: 0x50 09/06/2019 12:55:06:378 NetpProvisionComputerAccount: LDAP creation failed: 0x8b0 09/06/2019 12:55:06:378 NetpProvisionComputerAccount: Cannot retry downlevel, specifying OU is not supported Quote Share this post Link to post Share on other sites More sharing options...
Joe13 Posted September 6, 2019 Report post Posted September 6, 2019 I did do permissions on the specific OU. Will be trying this - https://eddiejackson.net/wp/?p=16416 Referring to this unanswered post - The computer already exists in AD, how can I handle this then. Quote Share this post Link to post Share on other sites More sharing options...
TrialandError Posted September 7, 2019 Report post Posted September 7, 2019 If I am understanding you right then you are having issues if the computer account already exists? Sounds like your DomainJoin account does not have permissions to reuse and existing account. I would check the account permissions. http://blog.coretech.dk/mip/creating-a-joindomain-account-for-use-with-sccm-osd/ 1 Quote Share this post Link to post Share on other sites More sharing options...
Joe13 Posted September 8, 2019 Report post Posted September 8, 2019 On 9/7/2019 at 3:53 AM, TrialandError said: If I am understanding you right then you are having issues if the computer account already exists? Sounds like your DomainJoin account does not have permissions to reuse and existing account. I would check the account permissions. http://blog.coretech.dk/mip/creating-a-joindomain-account-for-use-with-sccm-osd/ Exactly, thank you I will give this a go on Monday. Quote Share this post Link to post Share on other sites More sharing options...