Computer not joined to domain after imaging completes
search cancel

Computer not joined to domain after imaging completes

book

Article ID: 268681

calendar_today

Updated On:

Products

Ghost Solution Suite

Issue/Introduction

Successfully able to upload an image as well as download and installing the image.  Now you are facing an issue of joining the computer to the domain.

Microsoft's netsetup.log file is a valuable resource when you troubleshoot a domain join issue. The netsetup.log file is located at C:\Windows\Debug\netsetup.log per the following KB:

Active Directory domain join troubleshooting guidance

In this case the netsetup.log file contained the following entries and the 0x8ac error is generally a permissions issue:

06/22/2023 10:11:06:549 IsLegacyAccountReuseSetInRegistry: RegQueryValueEx for 'NetJoinLegacyAccountReuse' returned Status: 0x2. 
06/22/2023 10:11:06:549 IsLegacyAccountReuseSetInRegistry returning: 'FALSE''.
06/22/2023 10:11:06:565 NetpCheckIfAccountShouldBeReused: Failed to NetpLsaLookupSidFromName. NetStatus: 8ac
06/22/2023 10:11:06:565 NetpCheckIfAccountShouldBeReused:fReuseAllowed: FALSE, NetStatus:0x8ac
06/22/2023 10:11:06:565 NetpModifyComputerObjectInDs: Failed to check if account can be re-used. Error: 0x8ac 
06/22/2023 10:11:06:565 NetpProvisionComputerAccount: LDAP creation failed: 0x8ac
06/22/2023 10:11:06:565 NetpProvisionComputerAccount: Cannot retry downlevel, specifying OU is not supported
06/22/2023 10:11:06:565 ldap_unbind status: 0x0
06/22/2023 10:11:06:565 NetpJoinCreatePackagePart: status:0x8ac.
06/22/2023 10:11:06:565 NetpJoinDomainOnDs: Function exits with status of: 0x8ac
06/22/2023 10:11:06:565 NetpJoinDomainOnDs: status of disconnecting from '\\NSserver.example.edu': 0x0
06/22/2023 10:11:06:565 NetpResetIDNEncoding: DnsDisableIdnEncoding(RESETALL) on 'example.edu' returned 0x0
06/22/2023 10:11:06:565 NetpJoinDomainOnDs: NetpResetIDNEncoding on 'example.edu': 0x0
06/22/2023 10:11:06:565 NetpDoDomainJoin: status: 0x8ac

Environment

GSS 3.x

Cause

The 0x8ac error is generally a permissions issue

Resolution

Confirmed that the user account configured in the GSS Console under Tools > Security was a local admin but not a domain admin as required by Microsoft. 

Resolved by configuring the GSS Console to use a domain admin account under Tools > Security.

Additional Information

Powered by Wolken Software