Adding a computer to an Active Directory Organizational Unit via "Configure Computer" or "Apply System Configuration" task

Article:TECH189929  |  Created: 2012-05-29  |  Updated: 2012-09-25  |  Article URL http://www.symantec.com/docs/TECH189929
Article Type
Technical Solution

Product(s)

Issue



When using a "Configure Computer" or "Apply System Configuration" task to join client computers to an Active Directory (AD), they do not correctly join when specifying one or more Organizational Units (OUs).


Error



Symantec Agent Logs will show a failure with little or no additional information.

The NetSetup.LOG (default location: C:\Windows\debug\)


Environment



Deployment Solution 7.1 (All builds)


Cause



A specific syntax must be used when client machines are added to an OU.


Solution



Detailed below are a few example cases that show how to use the "Apply System Configuration" task with domain and/or OU joins in the Active Directory. For each of these cases, we will be using an Active Directory with the following structure:

domain.environment.local
OU 1
   └ OU 2
          OU 3
OU A

Case 1 - Joining a client machine to the root of the domain*

  • In the "Apply System Configuration" task, select the radio button next to "Domain:"
  • Populate the text box with the domain in the following format: domain.environment.local
  • Provide the credential area with a domain account with sufficient privilieges to join the client to the domain
  • Click "OK"

Case 2 - Joining a client machine to an OU that is one level deep 

  • In the "Apply System Configuration" task, select the radio button next to "Domain:"
  • Populate the text box next to "Domain:" with the domain in the following format: domain.environment.local
  • Populate the text box next to "Organizational unit:" with the OU in the following format: OU 1
  • Provide the credential area with a domain account with sufficient privilieges to join the client to the domain and specific organizational unit
  • Click "OK"

Case 3 - Joining a client machine to an OU that multiple levels deep

  • In the "Apply System Configuration" task, select the radio button next to "Domain:"
  • Populate the text box next to "Domain:" with the domain in the following format: domain.environment.local
  • Populate the text box next to "Organizational unit:" with the OU in the following format: OU 1/OU 2/OU 3
  • Provide the credential area with a domain account with sufficient privilieges to join the client to the domain and specific organizational unit
  • Click "OK"

 

* This can only be done to client machines that are not presently in the domain. If the client is already joined to the domain and in an organizational unit, it cannot be moved to the root of the domain again. It will instead be moved to the lowest-level organizational unit in its current path, e.g., if the client were in OU 3, it would be moved to OU 1.

 




Article URL http://www.symantec.com/docs/TECH189929


Terms of use for this information are found in Legal Notices