none
Windows 7 Client Can't Join Server's Active Directory Domain RRS feed

  • Question

  • Hi all,

    I am currently helping my company prototype automated Windows installation via network. I am using Server 2008r2 and Windows Deployment Services with Windows 7 as the OS being installed on the client computer. Everything works fine EXCEPT joining the client PC to the domain. DNS is configured correctly, client computer is already prestaged in Active Directory Computers as the user "Client1" with a password of "password". I have posted my unattend xml file and the relevant section of the Panther/UnattendGC setupact.log and setuperr.log files. 

    Setupact.log:

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Begin

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Loading input parameters...

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: AccountData = [NULL]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: UnsecureJoin = [NULL]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: MachinePassword = [secret not logged]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: JoinDomain = [master.local]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: JoinWorkgroup = [NULL]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Domain = [master.local]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Username = [Client1]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Password = [secret not logged]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: MachineObjectOU = [NULL]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: DebugJoin = [false]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: DebugJoinOnlyOnThisError = [NULL]

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Checking that auto start services have started.

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Joining domain [master.local]...

    2017-06-29 09:25:04, Info                         [DJOIN.EXE] Unattended Join: Calling DsGetDcName for master.local...

    2017-06-29 09:25:04, Warning                      [DJOIN.EXE] Unattended Join: DsGetDcName failed: 0x2746, last error is 0x0, will retry in 5 seconds...

    [[[My personal note: At this point it retries and displays the above error many more times before finally quitting]]]

    2017-06-29 09:32:04, Error                        [DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [10054]

    2017-06-29 09:32:04, Error                        [DJOIN.EXE] Unattended Join: Unable to join; gdwError = 0x2746

    2017-06-29 09:32:04, Info                         [DJOIN.EXE] Unattended Join: Exit, returning 0x0

    Setuperr.log:

    2017-06-29 09:32:04, Error                        [DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [10054]

    2017-06-29 09:32:04, Error                        [DJOIN.EXE] Unattended Join: Unable to join; gdwError = 0x2746

    Unattend.xml:

    <?xml version='1.0' encoding='utf-8'?>

    <unattend xmlns="urn:schemas-microsoft-com:unattend">

        <settings pass="specialize" wasPassProcessed="true">

            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

                <AutoLogon>

                    <Password>*SENSITIVE*DATA*DELETED*</Password>

                    <Domain>master.local</Domain>

                    <Enabled>true</Enabled>

                    <LogonCount>5</LogonCount>

                    <Username>Client1</Username>

                </AutoLogon>

                <RegisteredOrganization>MyCompany</RegisteredOrganization>

                <RegisteredOwner>MyCompany</RegisteredOwner>

                <TimeZone>eastern standard time</TimeZone>

                <ComputerName></ComputerName>

                <ProductKey>*SENSITIVE*DATA*DELETED*</ProductKey>

            </component>

            <component name="Microsoft-Windows-DNS-Client" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

                <Interfaces>

                    <Interface wcm:action="add">

                        <DNSServerSearchOrder>

                            <IpAddress wcm:action="add" wcm:keyValue="1">122.45.36.1</IpAddress>

                        </DNSServerSearchOrder>

                        <DisableDynamicUpdate>false</DisableDynamicUpdate>

                        <DNSDomain>master.local</DNSDomain>

                        <EnableAdapterDomainNameRegistration>true</EnableAdapterDomainNameRegistration>

                        <Identifier>Local Area Connection</Identifier>

                    </Interface>

                </Interfaces>

                <DNSDomain>master.local</DNSDomain>

                <UseDomainNameDevolution>false</UseDomainNameDevolution>

                <DNSSuffixSearchOrder>

                    <DomainName wcm:action="add" wcm:keyValue="1">master.local</DomainName>

                </DNSSuffixSearchOrder>

            </component>

            <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

                <Identification>

                    <Credentials>

                        <Domain>master.local</Domain>

                        <Password>*SENSITIVE*DATA*DELETED*</Password>

                        <Username>Client1</Username>

                    </Credentials>

                    <JoinDomain>master.local</JoinDomain>

                    <DebugJoin>false</DebugJoin>

                </Identification>

            </component>

        </settings>

        <settings pass="oobeSystem" wasPassProcessed="true">

            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

                <Display>

                    <ColorDepth>32</ColorDepth>

                    <DPI>96</DPI>

                    <HorizontalResolution>1280</HorizontalResolution>

                    <RefreshRate>60</RefreshRate>

                    <VerticalResolution>1024</VerticalResolution>

                </Display>

                <UserAccounts>

                    <AdministratorPassword>*SENSITIVE*DATA*DELETED*</AdministratorPassword>

                    <DomainAccounts>

                        <DomainAccountList wcm:action="add">

                            <Domain>master.local</Domain>

                            <DomainAccount wcm:action="add">

                                <Group>Domain Users</Group>

                                <Name>Client1</Name>

                            </DomainAccount>

                        </DomainAccountList>

                    </DomainAccounts>

                    <LocalAccounts>

                        <LocalAccount wcm:action="add">

                            <Password>*SENSITIVE*DATA*DELETED*</Password>

                            <Description>MyCompany</Description>

                            <DisplayName>MyCompany</DisplayName>

                            <Name>MyCompany</Name>

                            <Group>Administrators</Group>

                        </LocalAccount>

                    </LocalAccounts>

                </UserAccounts>

                <TimeZone>eastern standard time</TimeZone>

                <RegisteredOwner>MyCompany</RegisteredOwner>

                <RegisteredOrganization>MyCompany</RegisteredOrganization>

                <OOBE>

                    <HideEULAPage>true</HideEULAPage>

                    <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>

                    <NetworkLocation>Work</NetworkLocation>

                    <ProtectYourPC>1</ProtectYourPC>

                </OOBE>

            </component>

            <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

                <InputLocale>en-us</InputLocale>

                <SystemLocale>en-us</SystemLocale>

                <UILanguage>en-us</UILanguage>

                <UILanguageFallback>en-us</UILanguageFallback>

                <UserLocale>en-us</UserLocale>

            </component>

        </settings>

        <cpi:offlineImage cpi:source="catalog://51esm549353-6/reminst/wdsclientunattend/windows 7 professional_windows 7 professional.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi"></cpi:offlineImage>

    </unattend>

    Can someone help me figure out why the client pc is not the domain at all? 


    • Edited by novaitguy Thursday, June 29, 2017 2:05 PM
    Thursday, June 29, 2017 1:58 PM

All replies

  • Hi,
    According to your setupact.log, I noticed you set Unsecurejoin=[null]. However as I know, if we want to use the unattend file to join a domain, we should set <UnsecureJoin>True</UnsecureJoin>. Further more, we should configure the following to unattend file:
    Specify the credentials for performing the domain join, and the domain that you want to join the computer to.
    Ensure that the Microsoft-Windows-Shell-Setup component exists for the specialize phase.
    Set the <ComputerName> value to %MACHINENAME%. During installation, Windows Deployment Services will retrieve the name of the prestaged computer from AD DS and replace the %MACHINENAME% string with the actual computer name.

    Here is a sample about setting unsecure domain join, you could take it as a reference:

    Sample Unattend Files (Example 1: Unsecure domain join)

    https://technet.microsoft.com/en-us/library/cc732280(v=ws.10).aspx#Image1

    Bests,
    Joy.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, June 30, 2017 4:52 PM
    Moderator
  • Hi Joy,

    Last I have verified your recommended settings with ensuring the Shell-Setup exists during the specialize phase and also that the <ComputerName> is %MACHINENAME% and they are already set correctly in the xml I listed above. The reason UnsecureJoin=NULL is because I intentionally set <UnsecureJoin>false </UnsecureJoin>in the unattend xml file to test out joining via explicit credentials to an account that I prestaged in ADDS on the server.

    As to your recommendations, I have already tried turning <UnsecureJoin>true</UnsecureJoin> and it still didn’t work. Notably, I didn’t include credentials when I set UnsecureJoin to true because you are NOT supposed to include credentials when performing UnsecureJoin, at least if I am reading the website correctly (and by the way it STILL gave errors). Additionally, I tried variations of UnsecureJoin=true with MachinePassword set to that machine’s local admin account password and also with the MachinePassword field blank and it STILL did not work.

    So I ended up trying your recommendations where I set UnsecureJoin to true while ALSO including credentials and it still didn’t work. I got the error “[DJOIN.EXE] Unattended Join: Passing MachinePassword or setting UnsecureJoin requires Domain, Username, and Password must be NULL.” Later, it gave me gdwError=0x57 and “[DJOIN.EXE] Unattended Join: Failed to load all required input parameters, error occurred processing [Domain]: 0x57.”

    For completeness, I tried it yet again with UnsecureJoin to true while not having any credentials (which is the way it is supposed to be) and setting the MachinePassword to “password” which is the password I had set for the local administrator account “MyCompany”. I get the errors “[DJOIN.EXE] Unattended Join: DSGetDCName failed: 0x2746, last error is 0x0, will retry in 5 seconds….”, “[DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [10054].” And ““[DJOIN.EXE] Unattended Join: Unable to join; gdwError=0x2746.” These are the same exact errors as above when I set UnsecureJoin to false.

    So my problem still has not changed: The client computer is simply not joining ADDS on the server.

    -Regards

    Monday, July 3, 2017 1:28 PM