none
Error Occurred When Join Domain By Domain User

    Question

  • Hi 

    I got error below when join domain by domain users:

    The following occurred attempting to join the domain "abc.def.com":

    An internal error occurred.

    I tried to delegate control in ADUC or grant user by using GPO but same error displayed. Am I using a wrong method?

    Hugo

    Friday, June 21, 2013 6:53 AM

All replies

  • Jayawardhane

    No Hope, same error display when I tried

    Hugo

    Friday, June 21, 2013 9:32 AM
  • Hello,

    lets start with some basics, please post an unedited ipconfig /all from the DC/DNS servers and a client with the error.

    Are the machines created from an image that is NOT prepared with sysprep?


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Monday, June 24, 2013 10:01 AM
  • Hi,

    By default, domain users could add 10 computers to domain. I would like to suggest you use another account to try to add the computer to domain.

    Please also try to add another computer to narrow down the issue.

    Regards,

    Yan Li


    Cataleya Li
    TechNet Community Support

    Tuesday, June 25, 2013 6:22 AM
  • 07/22 14:34:54 NetpDoDomainJoin
    07/22 14:34:54 NetpMachineValidToJoin: 'HPPLAN005'
    07/22 14:34:54 NetpGetLsaPrimaryDomain: status: 0x0
    07/22 14:34:54 NetpMachineValidToJoin: status: 0x0
    07/22 14:34:54 NetpJoinDomain
    07/22 14:34:54 Machine: HPPLAN005
    07/22 14:34:54 Domain: corp.abc.com
    07/22 14:34:54 MachineAccountOU: (NULL)
    07/22 14:34:54 Account: corp\ellan
    07/22 14:34:54 Options: 0x3
    07/22 14:34:54 OS Version: 5.1
    07/22 14:34:54 Build number: 2600
    07/22 14:34:54 ServicePack: Service Pack 3
    07/22 14:34:54 NetpValidateName: checking to see if 'corp.abc.com' is valid as type 3 name
    07/22 14:34:54 NetpValidateName: 'corp.abc.com' is not a valid NetBIOS domain name: 0x7b
    07/22 14:34:54 NetpCheckDomainNameIsValid [ Exists ] for 'corp.abc.com' returned 0x0
    07/22 14:34:54 NetpValidateName: name 'corp.abc.com' is valid for type 3
    07/22 14:34:54 NetpDsGetDcName: trying to find DC in domain 'corp.abc.com', flags: 0x1020
    07/22 14:35:09 NetpDsGetDcName: failed to find a DC having account 'HPPLAN005$': 0x525
    07/22 14:35:09 NetpDsGetDcName: found DC '\\hktpdc2.corp.abc.com' in the specified domain
    07/22 14:35:09 NetpJoinDomain: status of connecting to dc '\\hktpdc2.corp.abc.com': 0x0
    07/22 14:35:09 NetpGetLsaPrimaryDomain: status: 0x0
    07/22 14:35:09 NetpGetDnsHostName: Read NV Hostname: HPPLAN005
    07/22 14:35:09 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: corp.abc.com
    07/22 14:35:09 NetpLsaOpenSecret: status: 0xc0000034
    07/22 14:35:10 NetpManageMachineAccountWithSid: NetUserAdd on '\\hktpdc2.corp.abc.com' for 'HPPLAN005$' failed: 0x54f
    07/22 14:35:10 NetpJoinDomain: status of creating account: 0x54f
    07/22 14:35:10 NetpJoinDomain: initiaing a rollback due to earlier errors
    07/22 14:35:10 NetpLsaOpenSecret: status: 0x0
    07/22 14:35:10 NetpJoinDomain: rollback: status of deleting secret: 0x0
    07/22 14:35:10 NetpJoinDomain: status of disconnecting from '\\hktpdc2.corp.abc.com': 0x0
    07/22 14:35:10 NetpDoDomainJoin: status: 0x54f

    How to fix it?

    • Edited by Hugo Cheng Monday, July 22, 2013 6:59 AM add sth
    Monday, July 22, 2013 6:58 AM
  • 07/22 17:21:55 NetpDoDomainJoin
    07/22 17:21:55 NetpMachineValidToJoin: 'HPPLAN005'
    07/22 17:21:55 NetpGetLsaPrimaryDomain: status: 0x0
    07/22 17:21:55 NetpMachineValidToJoin: status: 0x0
    07/22 17:21:55 NetpJoinDomain
    07/22 17:21:55 Machine: HPPLAN005
    07/22 17:21:55 Domain: corp.abc.com
    07/22 17:21:55 MachineAccountOU: (NULL)
    07/22 17:21:55 Account: corp\ellan
    07/22 17:21:55 Options: 0x3
    07/22 17:21:55 OS Version: 5.1
    07/22 17:21:55 Build number: 2600
    07/22 17:21:55 ServicePack: Service Pack 3
    07/22 17:21:55 NetpValidateName: checking to see if 'corp.abc.com' is valid as type 3 name
    07/22 17:21:55 NetpValidateName: 'corp.abc.com' is not a valid NetBIOS domain name: 0x7b
    07/22 17:21:56 NetpCheckDomainNameIsValid [ Exists ] for 'corp.abc.com' returned 0x0
    07/22 17:21:56 NetpValidateName: name 'corp.abc.com' is valid for type 3
    07/22 17:21:56 NetpDsGetDcName: trying to find DC in domain 'corp.abc.com', flags: 0x1020
    07/22 17:22:11 NetpDsGetDcName: failed to find a DC having account 'HPPLAN005$': 0x525
    07/22 17:22:11 NetpDsGetDcName: found DC '\\CNKSDC2.corp.abc.com' in the specified domain
    07/22 17:22:12 NetpJoinDomain: status of connecting to dc '\\CNKSDC2.corp.abc.com': 0x0
    07/22 17:22:12 NetpGetLsaPrimaryDomain: status: 0x0
    07/22 17:22:12 NetpGetDnsHostName: Read NV Hostname: HPPLAN005
    07/22 17:22:12 NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: corp.abc.com
    07/22 17:22:12 NetpLsaOpenSecret: status: 0xc0000034
    07/22 17:22:13 NetpManageMachineAccountWithSid: NetUserAdd on '\\CNKSDC2.corp.abc.com' for 'HPPLAN005$' failed: 0x8b0
    07/22 17:22:13 SamOpenUser on 8601 failed with 0xc0000022
    07/22 17:22:13 NetpManageMachineAccountWithSid: status of attempting to set password on '\\CNKSDC2.corp.abc.com' for 'HPPLAN005$': 0x5
    07/22 17:22:13 NetpJoinDomain: status of creating account: 0x5
    07/22 17:22:13 NetpJoinDomain: initiaing a rollback due to earlier errors
    07/22 17:22:13 NetpLsaOpenSecret: status: 0x0
    07/22 17:22:13 NetpJoinDomain: rollback: status of deleting secret: 0x0
    07/22 17:22:14 NetpJoinDomain: status of disconnecting from '\\CNKSDC2.corp.abc.com': 0x0
    07/22 17:22:14 NetpDoDomainJoin: status: 0x5

    Another Log for reference, any help?

    Monday, July 22, 2013 9:28 AM
  • As suggested, double-check your DNS settings on the client and use a privileged user (ie: Domain Admin) account. You can limit the amount of times a domain user can add clients to a domain.

    • Edited by 'sm Monday, July 22, 2013 1:18 PM update
    Monday, July 22, 2013 1:16 PM
  • Can you teach me how i can grant domain user to join domain?

    Tuesday, July 23, 2013 12:47 AM
  • Hello,

    would be nice if you can answer open questions so we are able to help you further with the error. If you don't provide requested informations how should we help you????

    Join coomputer to domain, see point 1 in http://jorgequestforknowledge.wordpress.com/2006/01/05/creating-a-taskpad-and-delegating-several-admin-tasks/ and also check  with http://support.microsoft.com/kb/243327/en-us http://support.microsoft.com/kb/932455


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Tuesday, July 23, 2013 7:28 AM