hello,
in my task sequence I can not get my join domain service account to work. I have had it work using the Domain Administrator account. I have applied the delegate control at the root of the domain, and have verified my domain join account cm_djoin propagates to all OU's in the domain. below is the %windir%\debug\netsetup.log. Based on fact domain administrator account works I feel confident this is a rights / permissions issue with my service account.
09/19/2025 13:35:09:379 NetpDoDomainJoin
09/19/2025 13:35:09:379 NetpDoDomainJoin: using new computer names
09/19/2025 13:35:09:379 NetpDoDomainJoin: NetpGetNewMachineName returned 0x0
09/19/2025 13:35:09:379 NetpDoDomainJoin: NetpGetNewHostName returned 0x0
09/19/2025 13:35:09:379 NetpMachineValidToJoin: 'WORKSTATION1'
09/19/2025 13:35:09:379 OS Version: 10.0
09/19/2025 13:35:09:379 Build number: 26100 (26100.ge_release.240331-1435)
09/19/2025 13:35:09:392 SKU: Windows 11 Enterprise
09/19/2025 13:35:09:393 Architecture: 64-bit (AMD64)
09/19/2025 13:35:09:394 NetpMachineValidToJoin: status: 0x0
09/19/2025 13:35:09:394 NetpJoinDomain
09/19/2025 13:35:09:394 HostName: WORKSTATION1
09/19/2025 13:35:09:394 NetbiosName: WORKSTATION1
09/19/2025 13:35:09:394 Domain: contoso.com\DC2.contoso.com
09/19/2025 13:35:09:394 MachineAccountOU: (NULL)
09/19/2025 13:35:09:394 Account: CONTOSO\CM_DJOIN
09/19/2025 13:35:09:394 Options: 0x23
09/19/2025 13:35:09:394 NetpDisableIDNEncoding: no domain dns available - IDN encoding will NOT be disabled
09/19/2025 13:35:09:394 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
09/19/2025 13:35:11:710 NetUseAdd to \\DC2.contoso.com\IPC$ returned 1326
09/19/2025 13:35:11:710 NetpJoinDomainOnDs: status of connecting to dc '\\DC2.contoso.com': 0x52e
09/19/2025 13:35:11:710 NetpJoinDomainOnDs: Function exits with status of: 0x52e
09/19/2025 13:35:11:710 NetpJoinDomainOnDs: NetpResetIDNEncoding on '(null)': 0x0
09/19/2025 13:35:11:710 NetpDoDomainJoin: status: 0x52e
in my task sequence I can not get my join domain service account to work. I have had it work using the Domain Administrator account. I have applied the delegate control at the root of the domain, and have verified my domain join account cm_djoin propagates to all OU's in the domain. below is the %windir%\debug\netsetup.log. Based on fact domain administrator account works I feel confident this is a rights / permissions issue with my service account.
09/19/2025 13:35:09:379 NetpDoDomainJoin
09/19/2025 13:35:09:379 NetpDoDomainJoin: using new computer names
09/19/2025 13:35:09:379 NetpDoDomainJoin: NetpGetNewMachineName returned 0x0
09/19/2025 13:35:09:379 NetpDoDomainJoin: NetpGetNewHostName returned 0x0
09/19/2025 13:35:09:379 NetpMachineValidToJoin: 'WORKSTATION1'
09/19/2025 13:35:09:379 OS Version: 10.0
09/19/2025 13:35:09:379 Build number: 26100 (26100.ge_release.240331-1435)
09/19/2025 13:35:09:392 SKU: Windows 11 Enterprise
09/19/2025 13:35:09:393 Architecture: 64-bit (AMD64)
09/19/2025 13:35:09:394 NetpMachineValidToJoin: status: 0x0
09/19/2025 13:35:09:394 NetpJoinDomain
09/19/2025 13:35:09:394 HostName: WORKSTATION1
09/19/2025 13:35:09:394 NetbiosName: WORKSTATION1
09/19/2025 13:35:09:394 Domain: contoso.com\DC2.contoso.com
09/19/2025 13:35:09:394 MachineAccountOU: (NULL)
09/19/2025 13:35:09:394 Account: CONTOSO\CM_DJOIN
09/19/2025 13:35:09:394 Options: 0x23
09/19/2025 13:35:09:394 NetpDisableIDNEncoding: no domain dns available - IDN encoding will NOT be disabled
09/19/2025 13:35:09:394 NetpJoinDomainOnDs: NetpDisableIDNEncoding returned: 0x0
09/19/2025 13:35:11:710 NetUseAdd to \\DC2.contoso.com\IPC$ returned 1326
09/19/2025 13:35:11:710 NetpJoinDomainOnDs: status of connecting to dc '\\DC2.contoso.com': 0x52e
09/19/2025 13:35:11:710 NetpJoinDomainOnDs: Function exits with status of: 0x52e
09/19/2025 13:35:11:710 NetpJoinDomainOnDs: NetpResetIDNEncoding on '(null)': 0x0
09/19/2025 13:35:11:710 NetpDoDomainJoin: status: 0x52e