Oct 172012
 

In an existing environment with a few Domain controllers we installed a new SCCM 2007 server. From the start we had problems with the domain join function in the Apply Network Settings Task. The domain join did not join the domain consequently. There was a 50% change that the device in the deployment joint the domain.

We found several errors in the following log files on the client:

Netsetip.log (C:\Windows\Debug)

  • 10/11/2012 08:45:57:249 NetUseAdd to \\xxxxxxxx.xxx.local\IPC$ returned 1326
  • 10/11/2012 08:51:13:196 NetpJoinDomain: status of connecting to dc ‘\\xxxxxxxx.xxx.local’: 0x52e
  • 10/11/2012 08:51:13:196 NetpDoDomainJoin: status: 0x52e
  • 10/11/2012 09:06:02:968 NetpDsGetDcName: failed to find a DC having account ‘PA82YMZ4J$’: 0x525, last error is 0x0

setupact.log (C:\Windows\Panther\UnattendedGC)

  • 2011-12-05 09:24:58, Info [DJOIN.EXE] Unattended Join: DebugJoinOnlyOnThisError = [NULL]
  • 2012-10-11 08:52:48, Error [DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [1326]
  • 2012-10-11 08:52:48, Error [DJOIN.EXE] Unattended Join: Unable to join; gdwError = 0x52e

Setuperr.log (C:\Windows\Panther\UnattendedGC)

  • 2012-10-11 08:52:48, Error [DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [1326]
  • 2012-10-11 08:52:48, Error [DJOIN.EXE] Unattended Join: Unable to join; gdwError = 0x52e

Error 1326 = Logon failure: unknown user name or bad password
Error 0x52e = ERROR_LOGON_FAILURE

The Security logs on the domain controller showed that the logins of our service account account svcsccjd where successful. Meaning the username/password were correct.
Due to a naming policy on the domain the OU where this computer should be registered is a few Ou’s deep which properly causes the problem:

LDAP://OU=XXXX,OU=P01,OU=Desktop,OU=Devices,OU=Clients,DC=xxx,DC=local

There is a knowledgebase article with a patch for SCCM 2007 from Microsoft which solved our problem, KB978757: “The second Search paths may not discovered when you enable any Active Directory discovery method that runs on a System Center Configuration Manager 2007 SP2 site server

Although this fix is targeted to solve a problem with the Active Directory User Discovery method, this also solved our domain join problem. Download the SCCM2007-SP2-KB978757-X86-ENU.msi to fix this problem.

  2 Responses to “Join Domain does not work in the task sequence in SCCM 2007”

  1. Interesting! I will try it myself.

  2. you are the gun!

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)