Some Computers Fail to Join Domain
[B]This is important[/B]
This problem was caused by my misunderstanding. FOG doesn’t display AD information for groups, but it will set it. So I don’t need this problem solved, FOG will take care of it.
[B]Thanks for looking![/B]
I’m hoping that I can be as thorough as possible here, so here I go…
FOG is great. Here at this school, we have lots of the same model of computer. The multicast is faster than anything Norton Ghost ever managed. It’s also tolerant to failures. If a machine decides it doesn’t want to download an image, the rest just leave it behind and complete the task. That’s great. And Ghost doesn’t do it.
However, we’re having issues with AD. I have domain join set up in unattend.xml because the FOG 2072 build doesn’t let me put values in the AD interfaces (another issue for another time). Some machines successfully image, install, join the domain, and log in as an admin on the domain so that we can get “Preparing Windows” out of the way. But, other machines install, image, look like they’ve joined the domain, but then reboot and come back to a lock screen with the admin username on it. When you try to type in the password, it says, “the trust relationship between this workstation and the primary domain failed.” Rejoining the domain fixes the problem and so does using Reset-ComputerMachinePassword, but that isn’t a good solution when we’d like to have scheduled imaging tasks refreshing these computers often.
Does anyone know what causes this issue or how to fix it?
EDIT: I have some solid data now. I completed an imaging task and let the computers do their thing. Out of 23 imaged computers, only 13 successfully joined the network. Another error is, “The security database on the server does not have a computer account for this workstation trust relationship.”
The fog ad issues are resolved with 1.2 and in the current svn. Keep in mind that you no longer use domain/username just username. [url]http://fogproject.org/wiki/index.php?title=Active_Directory_-_FOG_Setting[/url]
I would remove joining domain from unattend file and re-upload your image. I would also remove the hosts that give you that error and re-image them with join domain in fog. The reason I say this is to rule out possible AD permission limitations on the user you use to join the domain.
I’m having the same issue here, half the machines join the domain and half don’t. Is there anything I can troubleshoot here?
Are you trying to join the domain with the unattend.xml file? If so, you’re doing it wrong.
Install the FOG service on your image computer and join the computers to AD using FOG.
I finally worked it out. The network card driver was slow to negotiate it’s connection when the machine booted meaning the FOG Service had no time to do it’s business. Upgraded the driver and now it’s working