See all of the top support solutions for our most common issues here
Here's another cool OSD tip from Frank Rojas. If your clients are joining the domain like you expect then maybe this is what you're running into:
Issue: A client does not join the domain if the Computers container is specified as the Domain OU in the "Apply Network Settings" task of a Task Sequence in SCCM 2007 OSD. No errors are seen in the SMSTS.log, but upon examining the NetSetup.log which is part of Windows setup, the following error will be logged:
NetpDoDomainJoin NetpMachineValidToJoin: 'CONTAINER' NetpGetLsaPrimaryDomain: status: 0x0 NetpMachineValidToJoin: status: 0x0 NetpJoinDomain Machine: CONTAINER Domain: <DOMAIN> MachineAccountOU: CN=Computers,DC=<DOMAIN>,DC=com Account: <DOMAIN>\<ACCOUNT> Options: 0x40001 OS Version: 5.1 Build number: 2600 ServicePack: Service Pack 3 NetpValidateName: checking to see if '<DOMAIN>' is valid as type 3 name NetpCheckDomainNameIsValid [ Exists ] for '<DOMAIN>' returned 0x0 NetpValidateName: name '<DOMAIN>' is valid for type 3 NetpDsGetDcName: trying to find DC in domain '<DOMAIN>', flags: 0x1020 NetpDsGetDcName: failed to find a DC having account 'CONTAINER$': 0x525 NetpDsGetDcName: found DC '\\<DC_SERVER>' in the specified domain NetpJoinDomain: status of connecting to dc '\\<DC_SERVER>': 0x0 NetpGetLsaPrimaryDomain: status: 0x0 NetpGetDnsHostName: Read NV Hostname: Container NetpGetDnsHostName: PrimaryDnsSuffix defaulted to DNS domain name: <DOMAIN>.com NetpLsaOpenSecret: status: 0xc0000034 SamLookupNamesInDomain on CONTAINER$ failed with 0xc0000073 NetpJoinDomain: status of setting machine password: 0x534 NetpJoinDomain: initiaing a rollback due to earlier errors NetpLsaOpenSecret: status: 0x0 NetpJoinDomain: rollback: status of deleting secret: 0x0 NetpJoinDomain: status of disconnecting from '\\<DC_SERVER>': 0x0 NetpDoDomainJoin: status: 0x534
Cause: This problem happens because the Computers container in AD is a Container, and not an OU. For this reason, if you try to specify the Computers container as the OU that the PC should join in the "Apply Network Settings" of an SCCM 2007 OSD Task Sequence it will fail and the PC will not join the domain.
Resolution: To resolve the problem, if the user wants the PC to be part of the Computers container when joining the domain, leave the Domain OU field in the "Apply Network Settings" task blank. Since PCs are automatically put into the Computers container by default if no Domain OU is specified when joining a domain, leaving the Domain OU field blank will cause the PC to join the domain and be put into the Computers container.
If you want the PC to join the Domain as part of a Domain OU, change the Domain OU field to specify a valid OU and not the Computers container.
J.C. Hornbeck | Manageability Knowledge Engineer
PingBack from http://mazda-video.com/models/2007-mazda-cx9/
Old blog post, but answered my question and my situation exactly. Works when I choose an OU, but when I pick the LDAP://CN=Computers,DC=DOMAIN,DC=COM it does not join the domain. I wasn't sure what leaving it blank would do and I did not want to waste an hour running the task again and have it fail.
Thanks. I'll give this a try.