Domain join but no computer object in ad |
Post Reply | Page 12> |
Author | |
biomet
Newbie Joined: 04 Apr 2014 Location: Netherlands Status: Offline Points: 8 |
Post Options
Thanks(0)
Posted: 04 Apr 2014 at 4:58am |
Hello all,
I've been working some time to get this solved, but everything works except looking into ad there is no computer object in ad. i've been using a lookup file with "oldname,newname". I can see that the system is joined but upon looking into in aduc simply no computer to be found with the new name. Is there something i'm missing as the log file simpy says Joined Done. See log file: ForensiT User Profile Wizard v3.7.1190 Licensed to Biomet3i (50 Seats) Serial No. BEB0CB57 Copyright (c) 2002-2013 ForensiT Ltd www.ForensiT.com Finding Domain Controller for domain ******... Done. Using Domain Controller: \\******. Binding to Active Directory... Done. Getting FQDN for user "******"... Done. Getting Domain SID... Done. SID is S-1-5-21-2233417852-4028248285-2824820072-14825 Checking for roaming profile...Done. No roaming profile path set. Setting Registry ACLs... Done. Set Registry ACLs in 0.109 seconds. Setting Profile ACL... Done. Set Profile ACL in 1.419 seconds. Creating Profile registry keys... Done. Joining to domain "******" ... Done. Adding domain account to local groups... Done. Setting ****** as default logon... Done. Migration Complete! |
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1860 |
Post Options
Thanks(0)
|
If the system is joined to the domain and you can logon with the new domain account, there must be a computer object in AD.
Do you have multiple DCs? If so, may be you have an AD replication issue. |
|
biomet
Newbie Joined: 04 Apr 2014 Location: Netherlands Status: Offline Points: 8 |
Post Options
Thanks(0)
|
we do have multiple dc's yes.
But when i just simply join the system myself it nicely appears in ad. so no domain replication problems nor issues. we have setup a 2 way trust between 2 domains and need to migratie the user accounts as well the workstations the user accounts are not having any problem but when it comes to the workstations they simply do not appear nor does the workstation get's it's new name. as i explianed i'm using a lookup file to rename and join the workstations. |
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1860 |
Post Options
Thanks(0)
|
If you look at the System Properties, is the machine joined to the new domain?
|
|
biomet
Newbie Joined: 04 Apr 2014 Location: Netherlands Status: Offline Points: 8 |
Post Options
Thanks(0)
|
Yes it does show it's joined.
but no dns entry or ad object, even when forcing replication between al dc's. |
|
biomet
Newbie Joined: 04 Apr 2014 Location: Netherlands Status: Offline Points: 8 |
Post Options
Thanks(0)
|
Any thoughts as we really need to start migrating and it's not working for us. as we also have created test machines in different sites and no computer abject is created while it saying joined to domain.
manual join works without any problem. |
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1860 |
Post Options
Thanks(0)
|
If a machine is joined to a domain and you can logon with an account from that domain, there must be a computer account object in Active Directory.
As there is a two-way trust, the source domain can authenticate user accounts from the target domain, and that would explain why you can logon with a user account from the target domain. However, for this to work the machine (I believe) must still be joined to the source domain. We have never seen a situation where User Profile Wizard (using Microsoft's standard network APIs) joins a machine to a domain, the machine reports it is joined to that domain, but it is not. Try setting the <ProtocolPriority> value in Profwiz.config to LDAP. |
|
biomet
Newbie Joined: 04 Apr 2014 Location: Netherlands Status: Offline Points: 8 |
Post Options
Thanks(0)
|
Domain Join does work now, but it seems that the wizard isn't reading the csv or notepad file to renmane the system and it does not get joined to the correct ou, instead it puts it into the computers ou.
|
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1860 |
Post Options
Thanks(0)
|
Did it work setting the <ProtocolPriority> to LDAP? If the computer account already exists in the target domain, User Profile Wizard cannot move it.
|
|
biomet
Newbie Joined: 04 Apr 2014 Location: Netherlands Status: Offline Points: 8 |
Post Options
Thanks(0)
|
Yes, that did the trick.
and i didn't precreate the computer account, i just gave the old name and new name in a csv/txt file. But it doenst seem to want to read it same for old username and new username. |
|
Post Reply | Page 12> |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |