locked
MDT 2013 Update 2 - Will not join to the domain RRS feed

  • Question

  • We are using MDT 2013 Update 2, running a  Windows 10 Bitlocker Task Sequence.(We have the Feb 2016 Windows 10 iso)

    Recently my deployment has stopped joining machines to the domain with no changes to it. I want to check all avenues and understand what possible changes I could look at in our environment that could cause this, policy for example.

    The domain join is the 1st to last of the task sequence. The last is an MBAM Encryption script that also has stopped working since the domain join has stopped as well. I am not aware of any logs to check besides Event Viewer since the machine is no longer in WinPE but is actually logged into the desktop. There is no MINNIT folder. 


    Monday, April 11, 2016 2:34 PM

Answers

  • Sorry for the late response. This issue has been resolved, by a Microsoft PFE in like 30 minutes that we had on sight recently. You were right Ty Glander, something was changed. Our old Senior Engineering deleted the Joinworkgroup & joindomain from the unattend.xml for other reasons. Long story short "JoinWorkGroup" was being cached so we did a work around by adding a Task Sequence Variable "JoinWorkgroup" to zero that option out. Yay for our environment having custom scripts that were written decades ago.

    • Marked as answer by Ty Glander Wednesday, April 20, 2016 3:55 PM
    Wednesday, April 20, 2016 1:59 PM

All replies

  • Did you read our forum FAQ? The log information is there. There is a link in my signature.

    Many questions such as where do I find logs and what logs are interesting are found in: MDT TechNet Forum - FAQ & Getting Started Guide Please take the time to read it.

    Monday, April 11, 2016 2:51 PM
  • Hi

    The first step you need to check is c:\windows\debug\NetSetup.log to see why the device is not domain joining.

    Kind regards
    Per Larsen
    Twitter: @PerLarsen1975 | Blog: osddeployment.wordpress.com
    If this post is helpful please vote it as Helpful or click Mark for answer.

    Monday, April 11, 2016 3:04 PM
  • Oddly that log is not in the location.
    Monday, April 11, 2016 5:03 PM
  • Outside of the SMSTLogs there were no other logs. Also I want to mention that the deployment does not complete in order for a failure or success to appear. The machines just locks out and I have to log back in, it will state it was unable to run the LiteTouch script to continue.
    Monday, April 11, 2016 5:15 PM
  • Sounds an awful lot like your credentials are wrong. The account used probably has a different password than before.

    Many questions such as where do I find logs and what logs are interesting are found in: MDT TechNet Forum - FAQ & Getting Started Guide Please take the time to read it.

    Monday, April 11, 2016 9:58 PM
  • Ive had a total 4 different people use their credentials, since we do not store the domain join information in an ini or so. We use the Joinformation To Domain in our environment and have replicated this issue several times. I did find a log file in C:\Windows\Temp\Panther I think and I noticed that it appears that MDT is not even attempting to perform the join to domain option. This is really weird as it worked before and in MDT we've changed nothing....
    Monday, April 11, 2016 10:12 PM
  • Something had to change. Check the task sequence to see if the domain join is still enabled. Check that JoinDomain is set. Make sure the OU that you expect to join to hasn't changed. Also the logs must be somewhere. Do you have SLShare set?

    Many questions such as where do I find logs and what logs are interesting are found in: MDT TechNet Forum - FAQ & Getting Started Guide Please take the time to read it.

    Monday, April 11, 2016 11:02 PM
  • Sorry for the late response. This issue has been resolved, by a Microsoft PFE in like 30 minutes that we had on sight recently. You were right Ty Glander, something was changed. Our old Senior Engineering deleted the Joinworkgroup & joindomain from the unattend.xml for other reasons. Long story short "JoinWorkGroup" was being cached so we did a work around by adding a Task Sequence Variable "JoinWorkgroup" to zero that option out. Yay for our environment having custom scripts that were written decades ago.

    • Marked as answer by Ty Glander Wednesday, April 20, 2016 3:55 PM
    Wednesday, April 20, 2016 1:59 PM