none
Waik + WDS not joining the domain due to trust relationship RRS feed

  • Pergunta

  • Hi,

    I'm having issues getting my Win7 image to join the domain via the unattend.xml from my WDS server.  It either will not join the domain at all or when it decides to join the domain, i get the trust relationship issue.  Any ideas, I've tried just about every combination I could search for.  Below is my current unattend file, which does not join the domain.  Btw, I've been testing this on a Hyper-V VM if that is any help and please dont say try MDT, I only need it to join the domain, everything else work fine.

     

    thanks in advance,

     

      <?xml version="1.0" encoding="utf-8" ?>
    - <unattend xmlns="urn:schemas-microsoft-com:unattend">
      <servicing />
    - <settings pass="specialize">
    - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RegisteredOrganization>Bob</RegisteredOrganization>
      <RegisteredOwner>Bob</RegisteredOwner>
      <ShowWindowsLive>false</ShowWindowsLive>
      <TimeZone>Eastern Standard Time</TimeZone>
      <ComputerName>*</ComputerName>
      </component>
    - <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    - <Identification>
    - <Credentials>
      <Password>!Deleted!</Password>
      <Username>sysprep</Username>
      <Domain>bob.local</Domain>
      </Credentials>
      <UnsecureJoin>true</UnsecureJoin>
      <JoinDomain>bob.local</JoinDomain>
      <MachineObjectOU>Computers</MachineObjectOU>
      </Identification>
      </component>
    - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <RegisteredOrganization>bob</RegisteredOrganization>
      <RegisteredOwner>bob</RegisteredOwner>
      <ShowWindowsLive>false</ShowWindowsLive>
      <TimeZone>Eastern Standard Time</TimeZone>
      <ComputerName>*</ComputerName>
      </component>
    - <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <SkipAutoActivation>true</SkipAutoActivation>
      </component>
    - <component name="Microsoft-Windows-Security-Licensing-SLC-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <SkipAutoActivation>true</SkipAutoActivation>
      </component>
      </settings>
    - <settings pass="oobeSystem">
    - <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <InputLocale wcm:action="modify">en-US</InputLocale>
      <SystemLocale>en-US</SystemLocale>
      <UserLocale>en-US</UserLocale>
      <UILanguage>en-US</UILanguage>
      <UILanguageFallback />
      </component>
    - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    - <OOBE>
      <HideEULAPage>true</HideEULAPage>
      <NetworkLocation>Work</NetworkLocation>
      <SkipMachineOOBE>true</SkipMachineOOBE>
      <SkipUserOOBE>true</SkipUserOOBE>
      <ProtectYourPC>3</ProtectYourPC>
      <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
      </OOBE>
    - <UserAccounts>
    - <AdministratorPassword>
      <Value>QQBMAHEAcABAADAAegBtAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAcwB3AG8AcgBkAA==</Value>
      <PlainText>false</PlainText>
      </AdministratorPassword>
    - <DomainAccounts>
    - <DomainAccountList wcm:action="add">
    - <DomainAccount wcm:action="add">
      <Group>Administrators</Group>
      <Name>Domain Admins</Name>
      </DomainAccount>
      <Domain>bob.local</Domain>
    - <DomainAccount wcm:action="add">
      <Group>Administrators</Group>
      <Name>bob</Name>
      </DomainAccount>
      </DomainAccountList>
      </DomainAccounts>
    - <LocalAccounts>
    - <LocalAccount wcm:action="add">
    - <Password>
      <Value>QQBMAHEAcABAADAAegBtAFAAYQBzAHMAdwBvAHIAZAA=</Value>
      <PlainText>false</PlainText>
      </Password>
      <Group>Administrators</Group>
      <Name>bob</Name>
      </LocalAccount>
      </LocalAccounts>
      </UserAccounts>
      <RegisteredOrganization>bob</RegisteredOrganization>
      <RegisteredOwner>bob</RegisteredOwner>
      <TimeZone>Eastern Standard Time</TimeZone>
      <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
      </component>
    - <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <InputLocale>en-US</InputLocale>
      <SystemLocale>en-US</SystemLocale>
      <UILanguage />
      <UserLocale>en-US</UserLocale>
      <UILanguageFallback>en-US</UILanguageFallback>
      </component>
    - <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    - <OOBE>
      <HideEULAPage>true</HideEULAPage>
      <ProtectYourPC>3</ProtectYourPC>
      <NetworkLocation>Work</NetworkLocation>
      <SkipMachineOOBE>true</SkipMachineOOBE>
      <SkipUserOOBE>true</SkipUserOOBE>
      <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
      </OOBE>
    - <UserAccounts>
    - <AdministratorPassword>
      <Value>QQBMAHEAcABAADAAegBtAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAcwB3AG8AcgBkAA==</Value>
      <PlainText>false</PlainText>
      </AdministratorPassword>
    - <LocalAccounts>
    - <LocalAccount wcm:action="add">
    - <Password>
      <Value>QQBMAHEAcABAADAAegBtAFAAYQBzAHMAdwBvAHIAZAA=</Value>
      <PlainText>false</PlainText>
      </Password>
      <DisplayName>bob</DisplayName>
      <Group>Administrators</Group>
      <Name>bob</Name>
      </LocalAccount>
      </LocalAccounts>
    - <DomainAccounts>
    - <DomainAccountList wcm:action="add">
      <Domain>bob.local</Domain>
    - <DomainAccount wcm:action="add">
      <Name>Domain Admins</Name>
      <Group>Administrators</Group>
      </DomainAccount>
    - <DomainAccount wcm:action="add">
      <Group>Administrators</Group>
      <Name>Integration</Name>
      </DomainAccount>
      </DomainAccountList>
      </DomainAccounts>
      </UserAccounts>
      <RegisteredOrganization>BOB</RegisteredOrganization>
      <RegisteredOwner>Environments</RegisteredOwner>
      <TimeZone>Eastern Standard Time</TimeZone>
      <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
      </component>
      </settings>
    - <settings pass="generalize">
    - <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <SkipRearm>1</SkipRearm>
      </component>
    - <component name="Microsoft-Windows-Security-Licensing-SLC" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <SkipRearm>1</SkipRearm>
      </component>
      </settings>
    - <settings pass="windowsPE">
    - <component name="Microsoft-Windows-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    - <UserData>
      <AcceptEula>true</AcceptEula>
      <FullName>bob</FullName>
      <Organization>bob</Organization>
      </UserData>
      <EnableFirewall>false</EnableFirewall>
      </component>
    - <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    - <UserData>
      <AcceptEula>true</AcceptEula>
      <FullName>E-Space</FullName>
      <Organization>BAH-Systems</Organization>
      </UserData>
      <EnableFirewall>false</EnableFirewall>
      </component>
      </settings>
      <cpi:offlineImage cpi:source="wim:d:/sources/install.wim#Windows 7 PROFESSIONAL" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
      </unattend>

    terça-feira, 30 de agosto de 2011 21:55

Todas as Respostas

  • You have  UnsecureJoin specified.  That might not be what you are trying to do.  If you specify UnsecureJoin you must also specify MachinePassword, and not specify Domain, Username, or Password.  Your MachineObjectOU would need to be specified in distinguished name format.  If you want your machine account to end up in the default Computers container, you do not need to specify it with MachineObjectOU.

    By removing <UnsecureJoin>true</UnsecureJoin> and <MachineObjectOU>Computers</MachineObjectOU> you may have more success.

    Hope that helps!

    Thanks,

    Allen

    SmartDeploy




    quarta-feira, 31 de agosto de 2011 21:22
  • Thanks Deploy7,

    I made the change and now i get the trust relationship error again......

     

    Any other ideas?

    quinta-feira, 1 de setembro de 2011 16:09
  • I'll assume you are deploying a 64-bit OS, since your answer file only has a Microsoft-Windows-UnattendedJoin section for processorArchitecture="amd64".

    The only other thing I see is that you shouldn't have to add Domain Admins to the local Administrators group, that should happen automatically when the domain join is successful.

    Based on the random computer name, I'd assume the machine accounts are not pre-existing...  Also, the bob.local\sysprep account has the required permissions to be able to join a machine to the domain?  Can you successfully join the machine to the domain form within Windows using the bob.local\sysprep account?

    Could you post the contents of c:\windows\debug\netsetup.log from the machine where you had this issue?

    Thanks,

    Allen

    SmartDeploy
    quinta-feira, 1 de setembro de 2011 18:18
  • Thanks again Deploy7,

    I took out the domain users and I still get the trust relationship error.  And yes, the bob.local\sysprep account has permissions to add computers to the domain.  The account works perfectly for XP installs via wds

     

     Below is the netsetup.log

     

    09/02/2011 11:49:47:030 -----------------------------------------------------------------

    09/02/2011 11:49:47:030 NetpDoDomainJoin

    09/02/2011 11:49:47:030 NetpMachineValidToJoin: 'BOB-2SE2AGKP1L'

    09/02/2011 11:49:47:030 OS Version: 6.1

    09/02/2011 11:49:47:030 Build number: 7601 (7601.win7sp1_gdr.110408-1631)

    09/02/2011 11:49:47:030 ServicePack: Service Pack 1

    09/02/2011 11:49:47:155 SKU: Windows 7 Professional

    09/02/2011 11:49:47:155 NetpDomainJoinLicensingCheck: ulLicenseValue=1, Status: 0x0

    09/02/2011 11:49:47:155 NetpGetLsaPrimaryDomain: status: 0x0

    09/02/2011 11:49:47:155 NetpMachineValidToJoin: status: 0x0

    09/02/2011 11:49:47:155 NetpJoinDomain

    09/02/2011 11:49:47:155 Machine: BOB-2SE2AGKP1L

    09/02/2011 11:49:47:155 Domain: bob.local\dns.boblocal

    09/02/2011 11:49:47:155 MachineAccountOU: (NULL)

    09/02/2011 11:49:47:155 Account: bob.local\sysprep

    09/02/2011 11:49:47:155 Options: 0x23

    09/02/2011 11:49:47:171 NetpLoadParameters: loading registry parameters...

    09/02/2011 11:49:47:171 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2

    09/02/2011 11:49:47:171 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2

    09/02/2011 11:49:47:171 NetpLoadParameters: status: 0x2

    09/02/2011 11:49:47:171 NetpValidateName: checking to see if 'bob.local' is valid as type 3 name

    09/02/2011 11:49:47:296 NetpCheckDomainNameIsValid [ Exists ] for 'bob.local' returned 0x0

    09/02/2011 11:49:47:296 NetpValidateName: name 'bob.local' is valid for type 3

    09/02/2011 11:49:47:827 NetpJoinDomain: status of connecting to dc '\\dns.bob.local': 0x0

    09/02/2011 11:49:47:827 NetpJoinDomainOnDs: Passed DC 'dns.bob.local' verified as DNS name '\\dns.bob.local'

    09/02/2011 11:49:47:827 NetpLoadParameters: loading registry parameters...

    09/02/2011 11:49:47:827 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2

    09/02/2011 11:49:47:827 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2

    09/02/2011 11:49:47:827 NetpLoadParameters: status: 0x2

    09/02/2011 11:49:47:843 NetpDsGetDcName: status of verifying DNS A record name resolution for 'dns.bob.local': 0x0

    09/02/2011 11:49:47:843 NetpProvisionComputerAccount:

    09/02/2011 11:49:47:843 lpDomain: bob.local

    09/02/2011 11:49:47:843 lpMachineName: BOB-2SE2AGKP1L

    09/02/2011 11:49:47:843 lpMachineAccountOU: (NULL)

    09/02/2011 11:49:47:843 lpDcName: dns.bob.local

    09/02/2011 11:49:47:843 lpDnsHostName: (NULL)

    09/02/2011 11:49:47:843 lpMachinePassword: (null)

    09/02/2011 11:49:47:843 lpAccount: bob.local\sysprep

    09/02/2011 11:49:47:843 lpPassword: (non-null)

    09/02/2011 11:49:47:843 dwJoinOptions: 0x23

    09/02/2011 11:49:47:843 dwOptions: 0x40000003

    09/02/2011 11:49:48:202 NetpLdapBind: Verified minimum encryption strength on dns.bob.local: 0x0

    09/02/2011 11:49:48:202 NetpLdapGetLsaPrimaryDomain: reading domain data

    09/02/2011 11:49:48:202 NetpGetNCData: Reading NC data

    09/02/2011 11:49:48:218 NetpGetDomainData: Lookup domain data for: DC=bob,DC=local

    09/02/2011 11:49:48:218 NetpGetDomainData: Lookup crossref data for: CN=Partitions,CN=Configuration,DC=bob,DC=local

    09/02/2011 11:49:48:296 NetpLdapGetLsaPrimaryDomain: result of retrieving domain data: 0x0

    09/02/2011 11:49:48:374 NetpGetComputerObjectDn: Cracking DNS domain name bob.local/ into Netbios on \\dns.bob.local

    09/02/2011 11:49:48:374 NetpGetComputerObjectDn: Crack results: name = bob\

    09/02/2011 11:49:48:374 NetpGetComputerObjectDn: Cracking account name bob\BOB-2SE2AGKP1L$ on \\dns.bob.local

    09/02/2011 11:49:48:374 NetpGetComputerObjectDn: Crack results: Account does not exist

    09/02/2011 11:49:48:374 NetpGetComputerObjectDn: Cracking Netbios domain name bob\ into root DN on \\dns.bob.local

    09/02/2011 11:49:48:374 NetpGetComputerObjectDn: Crack results: name = DC=bob,DC=local

    09/02/2011 11:49:48:405 NetpGetComputerObjectDn: Got DN CN=BOB-2SE2AGKP1L,CN=Computers,DC=bob,DC=local from the default computer container

    09/02/2011 11:49:48:421 NetpModifyComputerObjectInDs: Initial attribute values:

    09/02/2011 11:49:48:421 objectClass  =  Computer

    09/02/2011 11:49:48:437 SamAccountName  =  BOB-2SE2AGKP1L$

    09/02/2011 11:49:48:437 userAccountControl  =  0x1000

    09/02/2011 11:49:48:437 DnsHostName  =  BOB-2SE2AGKP1L.bob.local

    09/02/2011 11:49:48:437 ServicePrincipalName  =  HOST/BOB-2SE2AGKP1L.bob.local  RestrictedKrbHost/BOB-2SE2AGKP1L.bob.local  HOST/BOB-2SE2AGKP1L  RestrictedKrbHost/BOB-2SE2AGKP1L

    09/02/2011 11:49:48:437 unicodePwd  =  <SomePassword>

    09/02/2011 11:49:48:437 NetpModifyComputerObjectInDs: Computer Object does not exist in OU

    09/02/2011 11:49:48:437 NetpModifyComputerObjectInDs: Attribute values to set:

    09/02/2011 11:49:48:437 objectClass  =  Computer

    09/02/2011 11:49:48:437 SamAccountName  =  BOB-2SE2AGKP1L$

    09/02/2011 11:49:48:437 userAccountControl  =  0x1000

    09/02/2011 11:49:48:437 DnsHostName  =  BOB-2SE2AGKP1L.bob.local

    09/02/2011 11:49:48:437 ServicePrincipalName  =  HOST/BOB-2SE2AGKP1L.bob.local  RestrictedKrbHost/BOB-2SE2AGKP1L.bob.local  HOST/BOB-2SE2AGKP1L  RestrictedKrbHost/BOB-2SE2AGKP1L

    09/02/2011 11:49:48:437 unicodePwd  =  <SomePassword>

    09/02/2011 11:49:49:187 NetpEncodeProvisioningBlob: Encoding provisioning data

    09/02/2011 11:49:49:187 NetpInitBlobWin7: Constructing blob...

    09/02/2011 11:49:49:187 Blob version: 1

    09/02/2011 11:49:49:187 lpDomain: bob.local

    09/02/2011 11:49:49:187 lpMachineName: BOB-2SE2AGKP1L

    09/02/2011 11:49:49:187 lpMachinePassword: <omitted from log>

    09/02/2011 11:49:49:187    DomainDnsPolicy:

    09/02/2011 11:49:49:187     Name: bob

    09/02/2011 11:49:49:187     DnsDomainName: bob.local

    09/02/2011 11:49:49:187     DnsForestName: bob.local

    09/02/2011 11:49:49:187     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/02/2011 11:49:49:187     Sid: S-1-5-21-57989841-527237240-725345543

    09/02/2011 11:49:49:187    DcInfo:

    09/02/2011 11:49:49:187     DomainControllerName: \\dns.bob.local

    09/02/2011 11:49:49:187     DomainControllerAddress: \\192.168.0.60

    09/02/2011 11:49:49:187     DomainControllerAddressType: 1

    09/02/2011 11:49:49:187     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/02/2011 11:49:49:187     DomainName: bob.local

    09/02/2011 11:49:49:187     DnsForestName: bob.local

    09/02/2011 11:49:49:187     Flags: 0xe00031fd

    09/02/2011 11:49:49:187     DcSiteName: Default-First-Site

    09/02/2011 11:49:49:187     ClientSiteName: Default-First-Site

    09/02/2011 11:49:49:187 Options: 0x40000003

    09/02/2011 11:49:49:187 NetpInitBlobWin7: Blob pickling result: 0

    09/02/2011 11:49:49:187 NetpEncodeProvisioningBlob: result: 0x0

    09/02/2011 11:49:49:187 ldap_unbind status: 0x0

    09/02/2011 11:49:49:187 NetpRequestOfflineDomainJoin:

    09/02/2011 11:49:49:187 dwProvisionBinDataSize: 960

    09/02/2011 11:49:49:187 JoinOptions: 0x23

    09/02/2011 11:49:49:187 Options: 0x40000003

    09/02/2011 11:49:49:187 lpWindowsPath: C:\Windows

    09/02/2011 11:49:49:187 NetpDecodeProvisioningBlob: Unpickling provisioning blob with size 960 bytes

    09/02/2011 11:49:49:187 NetpDecodeProvisioningBlob: Searching 1 blobs for supported ODJ blob, highest supported version: 1

    09/02/2011 11:49:49:187 NetpDecodeProvisioningBlob: Found ODJ blob version: 1

    09/02/2011 11:49:49:187 NetpDecodeProvisioningBlob: Selected ODJ blob version: 1

    09/02/2011 11:49:49:187 Blob version: 1

    09/02/2011 11:49:49:187 lpDomain: bob.local

    09/02/2011 11:49:49:187 lpMachineName: BOB-2SE2AGKP1L

    09/02/2011 11:49:49:187 lpMachinePassword: <omitted from log>

    09/02/2011 11:49:49:187    DomainDnsPolicy:

    09/02/2011 11:49:49:187     Name: bob

    09/02/2011 11:49:49:187     DnsDomainName: bob.local

    09/02/2011 11:49:49:187     DnsForestName: bob.local

    09/02/2011 11:49:49:187     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/02/2011 11:49:49:187     Sid: S-1-5-21-57989841-527237240-725345543

    09/02/2011 11:49:49:187    DcInfo:

    09/02/2011 11:49:49:187     DomainControllerName: \\dns.bob.local

    09/02/2011 11:49:49:187     DomainControllerAddress: \\192.168.0.60

    09/02/2011 11:49:49:187     DomainControllerAddressType: 1

    09/02/2011 11:49:49:187     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/02/2011 11:49:49:187     DomainName: bob.local

    09/02/2011 11:49:49:187     DnsForestName: bob.local

    09/02/2011 11:49:49:187     Flags: 0xe00031fd

    09/02/2011 11:49:49:187     DcSiteName: Default-First-Site

    09/02/2011 11:49:49:187     ClientSiteName: Default-First-Site

    09/02/2011 11:49:49:187 Options: 0x40000003

    09/02/2011 11:49:49:187 NetpDoInitiateOfflineDomainJoin

    09/02/2011 11:49:49:187 NetpDoInitiateOfflineDomainJoin: Setting backup/restore privileges

    09/02/2011 11:49:49:202 NetpInitiateOfflineJoin

    09/02/2011 11:49:49:202 lpLocalRegistryPath: C:\Windows\system32\config\SYSTEM

    09/02/2011 11:49:49:202 dwOptions: 0x40000003

    09/02/2011 11:49:49:202 NetpConvertBlobToJoinState: Translating provisioning data to internal format

    09/02/2011 11:49:49:202 NetpConvertBlobToJoinState: Selecting version 1

    09/02/2011 11:49:49:202 NetpConvertBlobToJoinState: exiting: 0x0

    09/02/2011 11:49:49:202 NetpValidateFullJoinState: Validating provisioning data...

    09/02/2011 11:49:49:202 NetpValidateFullJoinState: exiting: 0x0

    09/02/2011 11:49:49:202 NetpClearFullJoinState:  Removing cached state from the registry...

    09/02/2011 11:49:49:202 NetpClearFullJoinState: Status of deleting join state key 0x2

    09/02/2011 11:49:49:202 NetpSaveFullJoinStateInternal: Injecting provisioning data into image...

    09/02/2011 11:49:49:202 NetpSaveFullJoinStateInternal: exiting: 0x0

    09/02/2011 11:49:49:202 NetpSetComputerNamesOffline: Checking for pending name changes...

    09/02/2011 11:49:49:202 SetHostName: TRUE

    09/02/2011 11:49:49:202 SetDnsDomain: TRUE

    09/02/2011 11:49:49:202 SetNetBiosName: TRUE

    09/02/2011 11:49:49:202 SetCurrentValues: TRUE

    09/02/2011 11:49:49:202 NetpSetComputerNamesOffline: Setting Hostname to BOB-2SE2AGKP1L

    09/02/2011 11:49:49:202 NetpSetComputerNamesOffline: Setting Domain name to bob.local

    09/02/2011 11:49:49:202 NetpSetComputerNamesOffline: Setting NetBios computer name to BOB-2SE2AGKP1L

    09/02/2011 11:49:49:218 NetpDoInitiateOfflineDomainJoin: status: 0x0

    09/02/2011 11:49:49:218 NetRequestOfflineDomainJoin: Successfully initiated the offline domain join

    09/02/2011 11:49:49:218 NetpJoinDomainOnDs: Setting netlogon cache.

    09/02/2011 11:49:49:249 NetpJoinDomainOnDs: status of setting netlogon cache: 0x0

    09/02/2011 11:49:49:249 NetpJoinDomainOnDs: Function exits with status of: 0x0

    09/02/2011 11:49:49:249 NetpJoinDomainOnDs: status of disconnecting from '\\dns.bob.local': 0x0

    09/02/2011 11:49:49:249 NetpCompleteOfflineDomainJoin

    09/02/2011 11:49:49:249 fBootTimeCaller: FALSE

    09/02/2011 11:49:49:249 fSetLocalGroups: TRUE

    09/02/2011 11:49:49:249 NetpLsaOpenSecret: status: 0xc0000034

    09/02/2011 11:49:49:249 NetpGetLsaPrimaryDomain: status: 0x0

    09/02/2011 11:49:49:249 NetpJoinDomainLocal: NetpHandleJoinedStateInfo returned: 0x0

    09/02/2011 11:49:49:249 NetpLsaOpenSecret: status: 0xc0000034

    09/02/2011 11:49:49:515 NetpJoinDomainLocal: NetpManageMachineSecret returned: 0x0.

    09/02/2011 11:49:49:515 Calling NetpQueryService to get Netlogon service state.

    09/02/2011 11:49:49:515 NetpJoinDomainLocal: NetpQueryService returned: 0x0.

    09/02/2011 11:49:49:546 NetpSetLsaPrimaryDomain: for 'bob' status: 0x0

    09/02/2011 11:49:49:546 NetpJoinDomainLocal: status of setting LSA pri. domain: 0x0

    09/02/2011 11:49:49:546 NetpManageLocalGroupsForJoin: Adding groups for new domain, removing groups from old domain, if any.

    09/02/2011 11:49:49:546 NetpManageLocalGroups: Populating list of account SIDs.

    09/02/2011 11:49:49:765 NetpManageLocalGroupsForJoin: status of modifying groups related to domain 'bob' to local groups: 0x0

    09/02/2011 11:49:49:765 NetpManageLocalGroupsForJoin: INFO: No old domain groups to process.

    09/02/2011 11:49:49:765 NetpJoinDomainLocal: Status of managing local groups: 0x0

    09/02/2011 11:49:49:905 NetpJoinDomainLocal: status of setting ComputerNamePhysicalDnsDomain to 'bob.local': 0x0

    09/02/2011 11:49:49:905 NetpJoinDomainLocal: Controlling services and setting service start type.

    09/02/2011 11:49:49:905 NetpJoinDomainLocal: Updating W32TimeConfig

    09/02/2011 11:49:49:983 [00000b00] NetpGetLsaPrimaryDomain: status: 0x0

    09/02/2011 11:49:49:999 NetpUpdateW32timeConfig: 0x0

    09/02/2011 11:49:49:999 NetpClearFullJoinState:  Removing cached state from the registry...

    09/02/2011 11:49:49:999 NetpClearFullJoinState: Status of deleting join state key 0x0

    09/02/2011 11:49:49:999 NetpCompleteOfflineDomainJoin: status: 0x0

    09/02/2011 11:49:49:999 NetpJoinDomain: NetpCompleteOfflineDomainJoin SUCCESS: Requested a reboot :0x0

    09/02/2011 11:49:49:999 NetpDoDomainJoin: status: 0x0

    sexta-feira, 2 de setembro de 2011 18:12
  • That netsetup.log is from an offline join.  Do you have the log from a failed join attempt where you are not using offline join in the answer file?
    quarta-feira, 7 de setembro de 2011 14:35
  • thanks for the incite Deploy7.  I didnt realize waik was preforming an offline join.  How do I set it up to perform an online join?

    sexta-feira, 9 de setembro de 2011 16:10
  • UnsecureJoin is an offline join.  The netsetup.log you posted must have been from an unattend.xml that had UnsecureJoin specified.

     

     

    segunda-feira, 12 de setembro de 2011 19:50
  • Thanks Deploy7,

    Sorry for the delay, with unsecurejoin set to false, the image does not join the domain at all and I receive the security database/trust relationship error. For some reason, its defaults to an unsecurejoin according to the log.   Attached is the log.

    thanks for your help so far

     

    09/23/2011 15:15:35:578 -----------------------------------------------------------------

    09/23/2011 15:15:35:578 NetpDoDomainJoin

    09/23/2011 15:15:35:578 NetpMachineValidToJoin: 'bob-8FN11KA3N3'

    09/23/2011 15:15:35:578  OS Version: 6.1

    09/23/2011 15:15:35:578  Build number: 7601 (7601.win7sp1_gdr.110408-1631)

    09/23/2011 15:15:35:578  ServicePack: Service Pack 1

    09/23/2011 15:15:35:734  SKU: Windows 7 Professional

    09/23/2011 15:15:35:734 NetpDomainJoinLicensingCheck: ulLicenseValue=1, Status: 0x0

    09/23/2011 15:15:35:734 NetpGetLsaPrimaryDomain: status: 0x0

    09/23/2011 15:15:35:734 NetpMachineValidToJoin: status: 0x0

    09/23/2011 15:15:35:734 NetpJoinDomain

    09/23/2011 15:15:35:734  Machine: bob-8FN11KA3N3

    09/23/2011 15:15:35:734  Domain: bob.local\dns1.bob.local

    09/23/2011 15:15:35:734  MachineAccountOU: (NULL)

    09/23/2011 15:15:35:734  Account: bob.local\sysprep

    09/23/2011 15:15:35:734  Options: 0x23

    09/23/2011 15:15:35:749 NetpLoadParameters: loading registry parameters...

    09/23/2011 15:15:35:749 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2

    09/23/2011 15:15:35:749 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2

    09/23/2011 15:15:35:749 NetpLoadParameters: status: 0x2

    09/23/2011 15:15:35:765 NetpValidateName: checking to see if 'bob.local' is valid as type 3 name

    09/23/2011 15:15:35:874 NetpCheckDomainNameIsValid [ Exists ] for 'bob.local' returned 0x0

    09/23/2011 15:15:35:874 NetpValidateName: name 'bob.local' is valid for type 3

    09/23/2011 15:15:36:390 NetpJoinDomain: status of connecting to dc '\\dns1.bob.local': 0x0

    09/23/2011 15:15:36:390 NetpJoinDomainOnDs: Passed DC 'dns1.bob.local' verified as DNS name '\\dns1.bob.local'

    09/23/2011 15:15:36:390 NetpLoadParameters: loading registry parameters...

    09/23/2011 15:15:36:390 NetpLoadParameters: DNSNameResolutionRequired not found, defaulting to '1' 0x2

    09/23/2011 15:15:36:390 NetpLoadParameters: DomainCompatibilityMode not found, defaulting to '0' 0x2

    09/23/2011 15:15:36:390 NetpLoadParameters: status: 0x2

    09/23/2011 15:15:36:390 NetpDsGetDcName: status of verifying DNS A record name resolution for 'dns1.bob.local': 0x0

    09/23/2011 15:15:36:390 NetpProvisionComputerAccount:

    09/23/2011 15:15:36:390  lpDomain: bob.local

    09/23/2011 15:15:36:390  lpMachineName: bob-8FN11KA3N3

    09/23/2011 15:15:36:390  lpMachineAccountOU: (NULL)

    09/23/2011 15:15:36:390  lpDcName: dns1.bob.local

    09/23/2011 15:15:36:390  lpDnsHostName: (NULL)

    09/23/2011 15:15:36:390  lpMachinePassword: (null)

    09/23/2011 15:15:36:390  lpAccount: bob.local\sysprep

    09/23/2011 15:15:36:390  lpPassword: (non-null)

    09/23/2011 15:15:36:390  dwJoinOptions: 0x23

    09/23/2011 15:15:36:390  dwOptions: 0x40000003

    09/23/2011 15:15:36:546 NetpLdapBind: Verified minimum encryption strength on dns1.bob.local: 0x0

    09/23/2011 15:15:36:546 NetpLdapGetLsaPrimaryDomain: reading domain data

    09/23/2011 15:15:36:546 NetpGetNCData: Reading NC data

    09/23/2011 15:15:36:546 NetpGetDomainData: Lookup domain data for: DC=bob,DC=local

    09/23/2011 15:15:36:546 NetpGetDomainData: Lookup crossref data for: CN=Partitions,CN=Configuration,DC=bob,DC=local

    09/23/2011 15:15:36:609 NetpLdapGetLsaPrimaryDomain: result of retrieving domain data: 0x0

    09/23/2011 15:15:36:671 NetpGetComputerObjectDn: Cracking DNS domain name bob.local/ into Netbios on \\dns1.bob.local

    09/23/2011 15:15:36:671 NetpGetComputerObjectDn: Crack results:  name = bob\

    09/23/2011 15:15:36:671 NetpGetComputerObjectDn: Cracking account name bob\bob-8FN11KA3N3$ on \\dns1.bob.local

    09/23/2011 15:15:36:671 NetpGetComputerObjectDn: Crack results:  Account does not exist

    09/23/2011 15:15:36:671 NetpGetComputerObjectDn: Cracking Netbios domain name bob\ into root DN on \\dns1.bob.local

    09/23/2011 15:15:36:671 NetpGetComputerObjectDn: Crack results:  name = DC=bob,DC=local

    09/23/2011 15:15:36:687 NetpGetComputerObjectDn: Got DN CN=bob-8FN11KA3N3,CN=Computers,DC=bob,DC=local from the default computer container

    09/23/2011 15:15:36:687 NetpModifyComputerObjectInDs: Initial attribute values:

    09/23/2011 15:15:36:687  objectClass  =  Computer

    09/23/2011 15:15:36:687  SamAccountName  =  bob-8FN11KA3N3$

    09/23/2011 15:15:36:687  userAccountControl  =  0x1000

    09/23/2011 15:15:36:687  DnsHostName  =  bob-8FN11KA3N3.bob.local

    09/23/2011 15:15:36:687  ServicePrincipalName  =  HOST/bob-8FN11KA3N3.bob.local  RestrictedKrbHost/bob-8FN11KA3N3.bob.local  HOST/bob-8FN11KA3N3  

     

    RestrictedKrbHost/bob-8FN11KA3N3

    09/23/2011 15:15:36:687  unicodePwd  =  <SomePassword>

    09/23/2011 15:15:36:687 NetpModifyComputerObjectInDs: Computer Object does not exist in OU

    09/23/2011 15:15:36:687 NetpModifyComputerObjectInDs: Attribute values to set:

    09/23/2011 15:15:36:687  objectClass  =  Computer

    09/23/2011 15:15:36:687  SamAccountName  =  bob-8FN11KA3N3$

    09/23/2011 15:15:36:687  userAccountControl  =  0x1000

    09/23/2011 15:15:36:687  DnsHostName  =  bob-8FN11KA3N3.bob.local

    09/23/2011 15:15:36:687  ServicePrincipalName  =  HOST/bob-8FN11KA3N3.bob.local  RestrictedKrbHost/bob-8FN11KA3N3.bob.local  HOST/bob-8FN11KA3N3  

     

    RestrictedKrbHost/bob-8FN11KA3N3

    09/23/2011 15:15:36:687  unicodePwd  =  <SomePassword>

    09/23/2011 15:15:37:281 NetpEncodeProvisioningBlob: Encoding provisioning data

    09/23/2011 15:15:37:281 NetpInitBlobWin7: Constructing blob...

    09/23/2011 15:15:37:281 Blob version: 1

    09/23/2011 15:15:37:281  lpDomain: bob.local

    09/23/2011 15:15:37:281  lpMachineName: bob-8FN11KA3N3

    09/23/2011 15:15:37:281  lpMachinePassword: <omitted from log>

    09/23/2011 15:15:37:281    DomainDnsPolicy:

    09/23/2011 15:15:37:281     Name: bob

    09/23/2011 15:15:37:281     DnsDomainName: bob.local

    09/23/2011 15:15:37:281     DnsForestName: bob.local

    09/23/2011 15:15:37:281     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/23/2011 15:15:37:281     Sid: S-1-5-21-57989841-527237240-725345543

    09/23/2011 15:15:37:281    DcInfo:

    09/23/2011 15:15:37:281     DomainControllerName: \\dns1.bob.local

    09/23/2011 15:15:37:281     DomainControllerAddress: \\192.168.0.1

    09/23/2011 15:15:37:281     DomainControllerAddressType: 1

    09/23/2011 15:15:37:281     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/23/2011 15:15:37:281     DomainName: bob.local

    09/23/2011 15:15:37:281     DnsForestName: bob.local

    09/23/2011 15:15:37:281     Flags: 0xe00031fd

    09/23/2011 15:15:37:281     DcSiteName: Default-First-Site

    09/23/2011 15:15:37:281     ClientSiteName: Default-First-Site

    09/23/2011 15:15:37:281  Options: 0x40000003

    09/23/2011 15:15:37:281 NetpInitBlobWin7: Blob pickling result: 0

    09/23/2011 15:15:37:281 NetpEncodeProvisioningBlob: result: 0x0

    09/23/2011 15:15:37:281 ldap_unbind status: 0x0

    09/23/2011 15:15:37:281 NetpRequestOfflineDomainJoin:

    09/23/2011 15:15:37:281  dwProvisionBinDataSize: 960

    09/23/2011 15:15:37:281  JoinOptions: 0x23

    09/23/2011 15:15:37:281  Options: 0x40000003

    09/23/2011 15:15:37:281  lpWindowsPath: C:\Windows

    09/23/2011 15:15:37:281 NetpDecodeProvisioningBlob: Unpickling provisioning blob with size 960 bytes

    09/23/2011 15:15:37:281 NetpDecodeProvisioningBlob: Searching 1 blobs for supported ODJ blob, highest supported version: 1

    09/23/2011 15:15:37:281 NetpDecodeProvisioningBlob: Found ODJ blob version: 1

    09/23/2011 15:15:37:281 NetpDecodeProvisioningBlob: Selected ODJ blob version: 1

    09/23/2011 15:15:37:281 Blob version: 1

    09/23/2011 15:15:37:281  lpDomain: bob.local

    09/23/2011 15:15:37:281  lpMachineName: bob-8FN11KA3N3

    09/23/2011 15:15:37:281  lpMachinePassword: <omitted from log>

    09/23/2011 15:15:37:281    DomainDnsPolicy:

    09/23/2011 15:15:37:281     Name: bob

    09/23/2011 15:15:37:281     DnsDomainName: bob.local

    09/23/2011 15:15:37:281     DnsForestName: bob.local

    09/23/2011 15:15:37:281     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/23/2011 15:15:37:281     Sid: S-1-5-21-57989841-527237240-725345543

    09/23/2011 15:15:37:281    DcInfo:

    09/23/2011 15:15:37:281     DomainControllerName: \\dns1.bob.local

    09/23/2011 15:15:37:281     DomainControllerAddress: \\192.168.0.1

    09/23/2011 15:15:37:281     DomainControllerAddressType: 1

    09/23/2011 15:15:37:281     DomainGuid: 883675b8-ee13-4390-aafc-58f627128ea6

    09/23/2011 15:15:37:281     DomainName: bob.local

    09/23/2011 15:15:37:281     DnsForestName: bob.local

    09/23/2011 15:15:37:281     Flags: 0xe00031fd

    09/23/2011 15:15:37:281     DcSiteName: Default-First-Site

    09/23/2011 15:15:37:281     ClientSiteName: Default-First-Site

    09/23/2011 15:15:37:281  Options: 0x40000003

    09/23/2011 15:15:37:281 NetpDoInitiateOfflineDomainJoin

    09/23/2011 15:15:37:281 NetpDoInitiateOfflineDomainJoin: Setting backup/restore privileges

    09/23/2011 15:15:37:312 NetpInitiateOfflineJoin

    09/23/2011 15:15:37:312  lpLocalRegistryPath: C:\Windows\system32\config\SYSTEM

    09/23/2011 15:15:37:312  dwOptions: 0x40000003

    09/23/2011 15:15:37:312 NetpConvertBlobToJoinState: Translating provisioning data to internal format

    09/23/2011 15:15:37:312 NetpConvertBlobToJoinState: Selecting version 1

    09/23/2011 15:15:37:312 NetpConvertBlobToJoinState: exiting: 0x0

    09/23/2011 15:15:37:312 NetpValidateFullJoinState: Validating provisioning data...

    09/23/2011 15:15:37:312 NetpValidateFullJoinState: exiting: 0x0

    09/23/2011 15:15:37:312 NetpClearFullJoinState:  Removing cached state from the registry...

    09/23/2011 15:15:37:312 NetpClearFullJoinState: Status of deleting join state key 0x2

    09/23/2011 15:15:37:312 NetpSaveFullJoinStateInternal: Injecting provisioning data into image...

    09/23/2011 15:15:37:312 NetpSaveFullJoinStateInternal: exiting: 0x0

    09/23/2011 15:15:37:312 NetpSetComputerNamesOffline: Checking for pending name changes...

    09/23/2011 15:15:37:312  SetHostName: TRUE

    09/23/2011 15:15:37:312  SetDnsDomain: TRUE

    09/23/2011 15:15:37:312  SetNetBiosName: TRUE

    09/23/2011 15:15:37:312  SetCurrentValues: TRUE

    09/23/2011 15:15:37:312 NetpSetComputerNamesOffline: Setting Hostname to bob-8FN11KA3N3

    09/23/2011 15:15:37:312 NetpSetComputerNamesOffline: Setting Domain name to bob.local

    09/23/2011 15:15:37:312 NetpSetComputerNamesOffline: Setting NetBios computer name to bob-8FN11KA3N3

    09/23/2011 15:15:37:328 NetpDoInitiateOfflineDomainJoin: status: 0x0

    09/23/2011 15:15:37:328 NetRequestOfflineDomainJoin: Successfully initiated the offline domain join

    09/23/2011 15:15:37:328 NetpJoinDomainOnDs: Setting netlogon cache.

    09/23/2011 15:15:37:374 NetpJoinDomainOnDs: status of setting netlogon cache: 0x0

    09/23/2011 15:15:37:374 NetpJoinDomainOnDs: Function exits with status of: 0x0

    09/23/2011 15:15:37:374 NetpJoinDomainOnDs: status of disconnecting from '\\dns1.bob.local': 0x0

    09/23/2011 15:15:37:390 NetpCompleteOfflineDomainJoin

    09/23/2011 15:15:37:390  fBootTimeCaller: FALSE

    09/23/2011 15:15:37:390  fSetLocalGroups: TRUE

    09/23/2011 15:15:37:390 NetpLsaOpenSecret: status: 0xc0000034

    09/23/2011 15:15:37:390 NetpGetLsaPrimaryDomain: status: 0x0

    09/23/2011 15:15:37:390 NetpJoinDomainLocal: NetpHandleJoinedStateInfo returned: 0x0

    09/23/2011 15:15:37:390 NetpLsaOpenSecret: status: 0xc0000034

    09/23/2011 15:15:37:624 NetpJoinDomainLocal: NetpManageMachineSecret returned: 0x0.

    09/23/2011 15:15:37:624 Calling NetpQueryService to get Netlogon service state.

    09/23/2011 15:15:37:624 NetpJoinDomainLocal: NetpQueryService returned: 0x0.

    09/23/2011 15:15:37:656 NetpSetLsaPrimaryDomain: for 'bob' status: 0x0

    09/23/2011 15:15:37:656 NetpJoinDomainLocal: status of setting LSA pri. domain: 0x0

    09/23/2011 15:15:37:656 NetpManageLocalGroupsForJoin: Adding groups for new domain, removing groups from old domain, if any.

    09/23/2011 15:15:37:656 NetpManageLocalGroups: Populating list of account SIDs.

    09/23/2011 15:15:37:843 NetpManageLocalGroupsForJoin: status of modifying groups related to domain 'bob' to local groups: 0x0

    09/23/2011 15:15:37:843 NetpManageLocalGroupsForJoin: INFO: No old domain groups to process.

    09/23/2011 15:15:37:843 NetpJoinDomainLocal: Status of managing local groups: 0x0

    09/23/2011 15:15:37:921 NetpJoinDomainLocal: status of setting ComputerNamePhysicalDnsDomain to 'bob.local': 0x0

    09/23/2011 15:15:37:921 NetpJoinDomainLocal: Controlling services and setting service start type.

    09/23/2011 15:15:37:921 NetpJoinDomainLocal: Updating W32TimeConfig

    09/23/2011 15:15:38:046 NetpUpdateW32timeConfig: 0x0

    09/23/2011 15:15:38:046 NetpClearFullJoinState:  Removing cached state from the registry...

    09/23/2011 15:15:38:046 NetpClearFullJoinState: Status of deleting join state key 0x0

    09/23/2011 15:15:38:046 NetpCompleteOfflineDomainJoin: status: 0x0

    09/23/2011 15:15:38:046 NetpJoinDomain: NetpCompleteOfflineDomainJoin SUCCESS: Requested a reboot :0x0

    09/23/2011 15:15:38:046 NetpDoDomainJoin: status: 0x0

     

    segunda-feira, 26 de setembro de 2011 15:47