thedafa
Enthusiast
Enthusiast

Guest customization > Join domain fails

Hi,

I am trying to customize a Win2008 R2, renaming and etc. works, but DomainJoin fails.

These are the suspicious lines from c:\windows\panther\unattendgc\setupact.txt:

2012-03-20 15:16:06, Info         [DJOIN.EXE] Unattended Join: Joining domain [intra]...
2012-03-20 15:16:06, Info         [DJOIN.EXE] Unattended Join: Calling DsGetDcName for intra...

2012-03-20 15:16:09, Warning  [DJOIN.EXE] Unattended Join:  DsGetDcName failed: 0x54b, last error is 0x0, will retry in 5 seconds...

<repeated many times>

2012-03-20 15:23:05, Warning  [DJOIN.EXE] Unattended Join:  DsGetDcName failed: 0x54b, last error is 0x0, will retry in 5 seconds...

2012-03-20 15:23:10, Error       [DJOIN.EXE] Unattended Join: NetJoinDomain failed error code is [1355]
2012-03-20 15:23:10, Error       [DJOIN.EXE] Unattended Join: Unable to join; gdwError = 0x54b
2012-03-20 15:23:10, Info         [DJOIN.EXE] Unattended Join: Exit, returning 0x0

First I thought that the machine was unable to reach the network while joining. But I can ping the machine in the time period when log-lines say.

All firewalling are disabled. I've tried to add both the short and fqdn to hosts and lmhosts files, without better results. I've tried using the same user+pass and manually joining the domain after a forced customization and that worked, so its not a permission problem. I've tried using both "ORG global" and "VM local" domain join specification, with the same issue.

Any good ideas?

Tags (2)
0 Kudos
9 Replies
nirvy
Commander
Commander

Are your DNS settings correct in the guest?

0 Kudos
thedafa
Enthusiast
Enthusiast

At the time the customization happens I dont know. That is why I tried using hosts and lmhosts file.

But when the machine comes up, they are correct.

Ive also tried echoing a ipconfig /all to a file in the customization script, and it points to correct DNS servers when that runs.

0 Kudos
thedafa
Enthusiast
Enthusiast

Hmm, seems like it is the DNS acting strange...

I've trying running this cust. script:

-----------------------------------------------------

if "%1%" == "precustomization" (

echo "Do precustomization tasks" >> C:\IT\boot.log

echo %DATE% %TIME% >> C:\IT\boot.log

) else if "%1%" == "postcustomization" (

echo "Do postcustomization tasks" >> C:\IT\boot.log

echo %DATE% %TIME% >> C:\IT\boot.log

netdom join  /Domain:domain.intra %COMPUTERNAME% /userD:domainadm /passwordD:domainpass

)

ipconfig /all

-----------------------------------------------------

But it fails with this in the customiza-guest.log, even though the ipconfig just below displays correct DNS settings:

The specified domain either does not exist or could not be contacted.
The command failed to complete successfully.

0 Kudos
nirvy
Commander
Commander

Do you get any errors if you run dcdiag /test:dns on your domain controller?

0 Kudos
thedafa
Enthusiast
Enthusiast

Hi Nirvy,

Not any errors that should be concerning according to our AD/DNS admins.

They asked if the dns client was running at the join-time, so I did a sc query dnscache in the script (and added a timeout /t 60), before the netdom command. But the dnscache service is running fine.

So I'll keep on investigating... More good ideas are very welcome.

0 Kudos
nirvy
Commander
Commander

Your setupact log in your first post shows the results from a domain join attempt against the netbios name of your domain... have you tried using the fqdn too, and if so was the log output any different?

0 Kudos
qc4vmware
Virtuoso
Virtuoso

For what its worth domain joins only worked for me when I used the fully qualified name and username@domainname format for the user credential.  I can't confirm that I had any similar errors in my panther logs as it was quite a while ago I was struggling with this.

0 Kudos
babarton
Contributor
Contributor

I just recently ran into this on a Windows 7 guest.  Here are the steps I performed:

1.) Configure the vShield edge on the Org Network to enable DHCP:

We didn't have a DHCP server in that VLAN, so I had to use the vshield edge to perform this function.

With guest customization enabled on a Windows host, it appears that the AD join seems to occur at the first sysprep, before the vCloud network settings are applied.  If you are not using DHCP then the guest has no networking, therefore it cannot join AD.  At the point where vmware tools calls the second sysprep to configure the network, it is too late, the AD join has already timed out.

2.) Make sure that your (guest) vapp template has DHCP enabled.  This is what bit me, and the reason I found this thread.  Once I had DHCP enabled on my guest, the AD join worked as advertised.

Hope this helps....

0 Kudos
TonyKhan
Enthusiast
Enthusiast

I had a similar issue.  I had to reset Administrator account password in the Customization Specification.  Hope this help.

Cheers.

0 Kudos