Computers not automatically placed to correct organisational unit
This issue has been solved. See solution.
Teijo Hämäläinen
September 30th, 2009
Hello,
I want my new computer accounts automatically placed to correct OU, when they join domain during mini-setup.
I've created New Computer to DS, which contains MAC address, computer name and domain with following value:
domain.com/gpo_test/scandinavia/computers/workstations
Computer account is not created to this OU in Active Directory and computer is not joined to domain. Also mini-setup asks me to choose whether to join domain or workgroup.
There's even no events in %windir%\debug\netsetup.log that computer even tried to join domain.
If I create New Computer in DS and select to join domain, type in only full domain name, without any OU structure, computer is joined to domain during mini-setup.
Please help.
Sysprep
Hi Teijo,
The way I accomplish this is in the Sysprep file in the Identification section. Make sure to use the FQDN of the OU in the MachineObjectOU line.
[Identification]
JoinDomain=domain
DomainAdmin=admin
DomainAdminPassword=password
MachineObjectOU="OU=StandardComputers,DC=domain,DC=com"
-Geo
Don't forget to mark the solution to your forum post if it has been answered!
Sysprep
If you are using syspreped images, you will want to do your configuration as a separate task in the imaging job.
Your Distribute Image task should have the "Automatically perform configuration task after completing this imaging task." box unchecked.
You would then add another task to the job to do your configuration to add to the domain and correct OU.
There may be another way of doing it that is better, however, this way works for us. Also ensure that your domain credentials in the DS console are correct (Tools ---> Options, Domain Accounts tab).
Hi bhawver and George, Thanks
Hi bhawver and George,
Thanks for your replies.
I'll try these tips. Just makes me wonder why Symantec put option to enter domain+OU structure information while entering New Computer to DS, if this setting is not working.
Great job guys!You were both
Great job guys!
You were both right.
This was solved by modifying sysprep.inf file to contain settings George suggested. Then I also needed to uncheck option "Automatically perform configuration task after completing this imaging task." Now new computer automatically joins domain and computer account is placed on correct organisational unit in Active Directory.
Many thanks to you both!
Crap... We have test
Crap...
We have test computers in two different network segments and both log on to different domain controllers.
Joining domain works perfectly during mini-setup on our testcomputer, but on other network segment, joining fails with error "invalid domain name". There's no events on domain controllers event logs about joining process. If WORKGROUP is selected, joining succeeds after attempted from desktop.
Is there any other who has faced similar problems joining computers to domain during sysprep mini-setup phase?
DNS
It sounds like on the other segment the DNS is not set up properly. Also, have your AD administrator ensure that the domain controller for that segment is listed in Sites and Services (that is how a computer know which domain controller to authenticate to instead of coming across the WAN).
Hi bhawver, Problem solved.
Hi bhawver,
Problem solved. It was caused by manual default gateway value on base image TCP/IP properties :)
Removed default gateway address from base image, new sysprep = works perfectly
Would you like to reply?
Login or Register to post your comment.