locked
Can't Join Domain -Windows 10 Enterprise RRS feed

  • Question

  • Anybody else having issues joining a domain? It seem's to be with this one particular laptop that I have. It's fairly new one, but so is the other one that does work. The one that doesn't work is a Dell Latitude E6540. The one that does work a Dell Latitude E7440. 

    I put the hard drive of the E6540 into the E7440 and joined the domain that way, but then when I put it back into the E6540 I get trust relationship errors. 

    The error I get when trying to join is Invalid Flags Specified. Weird thing is even though it doesn't join, the machine gets added into the default Computers container in AD.

    Thursday, October 2, 2014 3:24 PM

Answers

  • Update... This is apparently related to TPM.  After disabling TPM in the BIOS I was able to join successfully.  Re-enabling afterwards seems to work fine.

    Currently running BIOS A08, upgrading to A10 and performing a fresh install to see if there is any change in behavior.

    Second update...  Upgrading to A10 has no impact.  Looks like the only way is to disable TPM temporarily for the domain join.  I'll be enabling Bitlocker on this later, if I run into any more TPM issues I'll update this post...
    • Edited by stefan_tech Monday, October 6, 2014 7:26 PM
    • Marked as answer by Cody2198 Wednesday, October 8, 2014 2:40 PM
    Monday, October 6, 2014 6:48 PM

All replies

  • Hi

    It is most likely a bug in windows 10 as it is still very new and in technical preview or that the hardware does work well with the new OS.


    Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Thursday, October 2, 2014 5:06 PM
  • Good evening,

    I having the same problem, in my case it said 'invalid handle';

    The machine Lenovo-T60 attempted to join the domain mydomain.nl but failed. The error code was 2148073510.

    And the pop-up states;

    ---------------------------
    Computer Name/Domain Changes
    ---------------------------
    The following error occurred attempting to join the domain "mydomain.nl":

    The supplied handle is invalid.
    ---------------------------
    OK   
    ---------------------------

    I'm also presuming this is because it's all new, most of the times I'm not even prompted for the domain administrator account. It seems to be unable to detect the DC intermittendly.


    Friday, October 3, 2014 9:14 PM
  • If the same drive works in another machine, then I'd be looking at networking issues. the machines probably use different network adapters and the one in the E6540 just may not be working that well.

    Ed

    Friday, October 3, 2014 9:34 PM
  • I have the same issue.

    If I attempt to join with the gui I get invalid flags specified.

    If I use powershell add-computer I get "Add-Computer : Value was either too large or too small for an Int32."

    In the event viewer I get:

    The machine mikeswin attempted to join the domain bluebunny.com but failed. The error code was 2148073481.

    Fully updated as of this morning

    Hardware

    Dell e6440

    DC's are server 2008r2 with a 2008 functional level

    Intel i217-lm

    Workaround

    If you install windows 8.1, join domain, then upgrade it stays on the domain

    Monday, October 6, 2014 2:51 PM
  • Just confirming, I also cannot join our domain (mixed 2003/2008R2 DCs).  Also trying to use a Latitude E6540, via wired and wireless NICs. --Using out of WIM drivers, and again with drivers from Windows update.

    Relevant bits from NetSetup.log:

    10/06/2014 11:23:29:898 NetpModifyComputerObjectInDs: Toggled UserAccountControl successfully
    10/06/2014 11:23:30:414 Successfully stored machine authentication certificate with key.
    10/06/2014 11:23:30:477 NetpGenerateMachineAuthKey: Error finalizing key: -2146893779
    10/06/2014 11:23:30:477 Successfully generated machine authentication key.
    10/06/2014 11:23:30:477 NetpProvisionAuthKey: Error creating machine auth cert. Giving up on machine auth key.
    10/06/2014 11:23:30:477 ldap_unbind status: 0x0
    10/06/2014 11:23:30:477 NetpJoinCreatePackagePart: status:0x80090009.
    10/06/2014 11:23:30:477 NetpJoinDomainOnDs: Function exits with status of: 0x80090009

    Attempted join from Powershell using Add-Computer, received:  "Add-Computer : Value was either too large or too small for an Int32."

    Also installed Windows 10 RSAT to try and use NETDOM, returned with some nonsense about password complexity...

    Any help would be greatly appreciated.

    Monday, October 6, 2014 4:04 PM
  • Update... This is apparently related to TPM.  After disabling TPM in the BIOS I was able to join successfully.  Re-enabling afterwards seems to work fine.

    Currently running BIOS A08, upgrading to A10 and performing a fresh install to see if there is any change in behavior.

    Second update...  Upgrading to A10 has no impact.  Looks like the only way is to disable TPM temporarily for the domain join.  I'll be enabling Bitlocker on this later, if I run into any more TPM issues I'll update this post...
    • Edited by stefan_tech Monday, October 6, 2014 7:26 PM
    • Marked as answer by Cody2198 Wednesday, October 8, 2014 2:40 PM
    Monday, October 6, 2014 6:48 PM
  • "Update... This is apparently related to TPM.  After disabling TPM in the BIOS I was able to join successfully.  Re-enabling afterwards seems to work fine."


    This also worked for me on a HP Elitebook 840 and Dell Latitude E7440.  I actually was able to join the domain but it failed to apply group policy.  Disabled the TPM and computer and user policy applied with no problems.  

    Monday, October 6, 2014 7:40 PM
  • Hi,

    Thanks for sharing this.  Can you tell me if you were using the TPMs on the machines with another operating system prior to loading Windows 10 Enterprise?  What was the configuration of the machine prior to installing Windows 10 Enterprise?

    Thank you,

    Paul Hutmacher


    Monday, October 6, 2014 9:53 PM
  • Hey!

    have same problem but have no TPM what i can see.

    Hope is coming soon an fix to that.

    Windows 10 Technical Preview Enterprise is looks good runing fine here

    Tuesday, October 7, 2014 9:58 AM
  • The E6540 I was using previously had Windows 7 Enterprise with Bitlocker enabled. I swapped out the drive to test 10 Enterprise.

    I did attempt to clear/reset the TPM in the BIOS and join afterwards but it did not help.

    Tuesday, October 7, 2014 4:56 PM
  • Hi,

    Now that build 9860 has been released, is this still an issue?

    Thanks,
    David Everett

    Thursday, October 23, 2014 10:49 PM
  • For the tpm Issues. Try going to tpm.msc and clear the tpm. Just make sure you disable bitlocker first if you have it enabled or you may find that you cannot access the drive.. had to do this earlier today myself because the update failed to install. 

    Did an image backup of my work computer and then followed the upgrade path to 10 from 8.1. Noticed event id 1026 "The Trusted Platform Module hardware on this computer cannot be provisioned for use automatically" When I was going through the logs to figure out why the update was failing and not getting past the The access history in hive \??\C:\Users\dfeifer\AppData\Local\Temp\tmpDC53.tmp\SOFTWARE was cleared updating 177482 keys and creating 10286 modified pages. Followed by:"Installation Failure: Windows failed to install the following update with error 0x800700EA: fbl_release 9860 Enterprise." I believe the installation failure was caused by the Backup exec 2014 agent I had installed for P2V conversions for my test lab. 

    After the installation None of the apps would load to include Pc Settings. ie.

    "Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: The application cannot be started. Try reinstalling the application to fix the problem. See the Microsoft-Windows-TWinUI/Operational log for additional information."

    Clearing the TPM and saving a new key fixed this issue for me though it did take it a couple of minutes to take effect. Since this there were no other issues noted in the event viewer.

    Friday, October 24, 2014 3:03 AM
  • This worked on my 6440. Thank you. 
    Wednesday, November 19, 2014 3:52 PM
  • Seems to be still an issue. As per Tec Preview, if you have to disable/enable TPM I prefer to do this on a new device besides a device in use...

    Thomas Stensitzki - MCPD, MCITP, MCTS, MCSA, MCSA:Messaging

    Tuesday, December 2, 2014 4:23 PM
  • Your computer  running Windows 10 could not be Joined to the Domain , because it was already joined to a Cloud Domain and cannot be subsequently joined to an Active Directory Domain.
    Friday, May 15, 2015 4:42 PM
  • @aaiyedun,

    You probably joined the Azure AD domain, which is basically a lite version of your company's organizational domain.  I had this happen too - you'll need to go into Settings - System - About, and select Leave the organization.  Then you'll need to reboot, and log back in and join the domain via the normal System Properties menu, which joins you to the real AD domain.

    It is confusing - especially since the directions on this process are not clear in the OOBE setup.

    Hope that helps! 

    Friday, May 15, 2015 7:40 PM
  • Would anyone have any other solutions for this problem?  Or will we just have to wait for RTM and assume it will be fixed?

     I am trying to use SCCM 2012 R2 SP1 to deploy Win10 10074 test build but it will not join the domain as long as I have the TPM/Bitlocker steps enabled in the task sequence.  Turn off these steps and it images and joins the domain with no problems.

    I tried these steps on both a Dell E6320 and a Dell 6430u and saw the same results.  

    Thanks

    ~Tom


    • Edited by Tom__P Monday, June 1, 2015 2:45 PM
    Monday, June 1, 2015 2:44 PM